
Trojan.gen/ZeroAccess/Sirefef.r


40 replies to this topic

#1 Cipher91


Posted 22 July 2012 - 04:16 AM

So the other day Norton alerts kept popping up every few minutes saying that trojan.gen, trojan.gen2, and trojan.zeroaccess were being blocked. Google search results were also being redirected to irrelevant adware sites. Using a Windows virus scan, sirefef.r was detected. I quickly realized many people were having this problem, and I waited all day to get help on various forums. My computer seemed to be getting progressively worse, with the internet going in and out intermittently and boot times being very slow. I found out my master boot record was infected and I was scared to wait days at a time to receive help, so I contacted Dell support. They had me use Hitman Pro 3 on my computer and that seemed to solve everything, but I'm scared that the trojan may not be completely gone and my computer could still be compromised. Can anyone help me make sure my computer is no longer infected? Also, I am no longer receiving help from any other websites or tech services.

Edit: Forgot to include OS info: Windows Vista Home Basic 32-bit

Edited by Cipher91, 22 July 2012 - 04:57 AM.



 


#2 Cipher91


Posted 22 July 2012 - 04:18 AM

I'm sorry this got posted twice. The first time I submitted it, it said it didn't go through.

#3 narenxp


Posted 22 July 2012 - 06:59 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#4 Cipher91


Posted 22 July 2012 - 02:14 PM

TDSS log:
13:05:41.0264 7620 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:05:41.0264 7620 ohci1394 - ok
13:05:41.0294 7620 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:05:41.0304 7620 ose - ok
13:05:41.0364 7620 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:05:41.0374 7620 p2pimsvc - ok
13:05:41.0384 7620 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:05:41.0394 7620 p2psvc - ok
13:05:41.0434 7620 Packet (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys
13:05:41.0434 7620 Packet - ok
13:05:41.0444 7620 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:05:41.0444 7620 Parport - ok
13:05:41.0474 7620 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
13:05:41.0474 7620 partmgr - ok
13:05:41.0494 7620 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:05:41.0494 7620 Parvdm - ok
13:05:41.0524 7620 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:05:41.0524 7620 PcaSvc - ok
13:05:41.0564 7620 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
13:05:41.0624 7620 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:05:41.0624 7620 pci - ok
13:05:41.0654 7620 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
13:05:41.0654 7620 pciide - ok
13:05:41.0684 7620 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:05:41.0684 7620 pcmcia - ok
13:05:41.0764 7620 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:05:41.0774 7620 PEAUTH - ok
13:05:41.0904 7620 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:05:41.0934 7620 pla - ok
13:05:42.0032 7620 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:05:42.0038 7620 PlugPlay - ok
13:05:42.0096 7620 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:05:42.0102 7620 PNRPAutoReg - ok
13:05:42.0110 7620 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:05:42.0116 7620 PNRPsvc - ok
13:05:42.0160 7620 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:05:42.0176 7620 PolicyAgent - ok
13:05:42.0218 7620 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:05:42.0219 7620 PptpMiniport - ok
13:05:42.0239 7620 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
13:05:42.0240 7620 Processor - ok
13:05:42.0268 7620 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:05:42.0282 7620 ProfSvc - ok
13:05:42.0308 7620 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:05:42.0310 7620 ProtectedStorage - ok
13:05:42.0342 7620 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:05:42.0343 7620 PSched - ok
13:05:42.0380 7620 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
13:05:42.0382 7620 PxHelp20 - ok
13:05:42.0504 7620 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:05:42.0517 7620 ql2300 - ok
13:05:42.0551 7620 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:05:42.0553 7620 ql40xx - ok
13:05:42.0591 7620 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:05:42.0610 7620 QWAVE - ok
13:05:42.0624 7620 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:05:42.0626 7620 QWAVEdrv - ok
13:05:42.0834 7620 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:05:42.0855 7620 R300 - ok
13:05:43.0010 7620 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:05:43.0011 7620 RasAcd - ok
13:05:43.0045 7620 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:05:43.0060 7620 RasAuto - ok
13:05:43.0083 7620 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:05:43.0085 7620 Rasl2tp - ok
13:05:43.0145 7620 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:05:43.0158 7620 RasMan - ok
13:05:43.0193 7620 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:05:43.0195 7620 RasPppoe - ok
13:05:43.0215 7620 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:05:43.0216 7620 RasSstp - ok
13:05:43.0269 7620 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:05:43.0271 7620 rdbss - ok
13:05:43.0277 7620 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:05:43.0278 7620 RDPCDD - ok
13:05:43.0315 7620 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
13:05:43.0319 7620 rdpdr - ok
13:05:43.0341 7620 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:05:43.0343 7620 RDPENCDD - ok
13:05:43.0382 7620 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
13:05:43.0384 7620 RDPWD - ok
13:05:43.0421 7620 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:05:43.0438 7620 RemoteAccess - ok
13:05:43.0483 7620 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:05:43.0496 7620 RemoteRegistry - ok
13:05:43.0542 7620 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:05:43.0573 7620 RpcLocator - ok
13:05:43.0620 7620 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:05:43.0635 7620 RpcSs - ok
13:05:43.0661 7620 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:05:43.0661 7620 rspndr - ok
13:05:43.0681 7620 RTSTOR (d97d8259293b7a82cb891f37f997df3f) C:\Windows\system32\drivers\RTSTOR.SYS
13:05:43.0691 7620 RTSTOR - ok
13:05:43.0701 7620 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:05:43.0711 7620 SamSs - ok
13:05:43.0761 7620 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:05:43.0761 7620 SASDIFSV - ok
13:05:43.0791 7620 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
13:05:43.0791 7620 SASENUM - ok
13:05:43.0821 7620 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
13:05:43.0821 7620 SASKUTIL - ok
13:05:43.0981 7620 SasUpdaterService36 (56c9295f4856825ac1355b076e2ead08) C:\Program Files\Dell\Security Advisor\3.0.14.60469\SasUpdaterService36.exe
13:05:44.0031 7620 SasUpdaterService36 - ok
13:05:44.0151 7620 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:05:44.0151 7620 sbp2port - ok
13:05:44.0291 7620 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:05:44.0331 7620 SBSDWSCService - ok
13:05:44.0361 7620 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:05:44.0381 7620 SCardSvr - ok
13:05:44.0441 7620 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:05:44.0461 7620 Schedule - ok
13:05:44.0481 7620 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:05:44.0481 7620 SCPolicySvc - ok
13:05:44.0521 7620 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:05:44.0531 7620 SDRSVC - ok
13:05:44.0611 7620 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
13:05:44.0621 7620 SeaPort - ok
13:05:44.0671 7620 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:05:44.0671 7620 secdrv - ok
13:05:44.0691 7620 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:05:44.0691 7620 seclogon - ok
13:05:44.0701 7620 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:05:44.0711 7620 SENS - ok
13:05:44.0711 7620 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:05:44.0711 7620 Serenum - ok
13:05:44.0741 7620 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:05:44.0741 7620 Serial - ok
13:05:44.0751 7620 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:05:44.0751 7620 sermouse - ok
13:05:45.0820 7620 ServicepointService36 (89077c5c30f17b239b09bbc89e29c7f5) C:\Program Files\Dell\Tech Concierge Desk\5.2.30.60845\Dell_ServicepointService.exe
13:05:46.0144 7620 ServicepointService36 - ok
13:05:46.0244 7620 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:05:46.0254 7620 SessionEnv - ok
13:05:46.0294 7620 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
13:05:46.0294 7620 sffdisk - ok
13:05:46.0304 7620 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
13:05:46.0314 7620 sffp_mmc - ok
13:05:46.0324 7620 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
13:05:46.0324 7620 sffp_sd - ok
13:05:46.0334 7620 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:05:46.0334 7620 sfloppy - ok
13:05:46.0434 7620 SftService (89c8ce6971a3e571176348e237018c0a) C:\Windows\sminst\sftservice.EXE
13:05:46.0444 7620 SftService - ok
13:05:46.0484 7620 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:05:46.0494 7620 ShellHWDetection - ok
13:05:46.0504 7620 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
13:05:46.0504 7620 sisagp - ok
13:05:46.0514 7620 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
13:05:46.0524 7620 SiSRaid2 - ok
13:05:46.0534 7620 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
13:05:46.0534 7620 SiSRaid4 - ok
13:05:46.0804 7620 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:05:46.0884 7620 slsvc - ok
13:05:46.0984 7620 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:05:46.0994 7620 SLUINotify - ok
13:05:47.0024 7620 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:05:47.0025 7620 Smb - ok
13:05:47.0055 7620 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:05:47.0058 7620 SNMPTRAP - ok
13:05:47.0094 7620 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:05:47.0094 7620 spldr - ok
13:05:47.0129 7620 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:05:47.0144 7620 Spooler - ok
13:05:47.0233 7620 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502020.003\SRTSP.SYS
13:05:47.0236 7620 SRTSP - ok
13:05:47.0255 7620 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502020.003\SRTSPX.SYS
13:05:47.0255 7620 SRTSPX - ok
13:05:47.0294 7620 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:05:47.0296 7620 srv - ok
13:05:47.0336 7620 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:05:47.0337 7620 srv2 - ok
13:05:47.0355 7620 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:05:47.0356 7620 srvnet - ok
13:05:47.0398 7620 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:05:47.0411 7620 SSDPSRV - ok
13:05:47.0433 7620 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:05:47.0449 7620 SstpSvc - ok
13:05:47.0545 7620 STacSV (ddeb942850278d67edc108d57f774bf8) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
13:05:47.0576 7620 STacSV - ok
13:05:47.0649 7620 STHDA (c4be9c3af8af6f2e4cdd22fcabf77a1b) C:\Windows\system32\DRIVERS\stwrt.sys
13:05:47.0653 7620 STHDA - ok
13:05:47.0709 7620 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:05:47.0732 7620 stisvc - ok
13:05:47.0827 7620 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:05:47.0829 7620 stllssvr - ok
13:05:47.0855 7620 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:05:47.0857 7620 swenum - ok
13:05:47.0908 7620 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:05:47.0930 7620 swprv - ok
13:05:47.0946 7620 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:05:47.0948 7620 Symc8xx - ok
13:05:48.0021 7620 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502020.003\SYMDS.SYS
13:05:48.0023 7620 SymDS - ok
13:05:48.0086 7620 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502020.003\SYMEFA.SYS
13:05:48.0092 7620 SymEFA - ok
13:05:48.0132 7620 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:05:48.0134 7620 SymEvent - ok
13:05:48.0152 7620 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502020.003\Ironx86.SYS
13:05:48.0154 7620 SymIRON - ok
13:05:48.0189 7620 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502020.003\SYMTDIV.SYS
13:05:48.0192 7620 SYMTDIv - ok
13:05:48.0227 7620 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:05:48.0228 7620 Sym_hi - ok
13:05:48.0239 7620 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:05:48.0241 7620 Sym_u3 - ok
13:05:48.0301 7620 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:05:48.0319 7620 SysMain - ok
13:05:48.0344 7620 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:05:48.0348 7620 TabletInputService - ok
13:05:48.0406 7620 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:05:48.0421 7620 TapiSrv - ok
13:05:48.0437 7620 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:05:48.0437 7620 TBS - ok
13:05:48.0531 7620 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
13:05:48.0546 7620 Tcpip - ok
13:05:48.0546 7620 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
13:05:48.0562 7620 Tcpip6 - ok
13:05:48.0592 7620 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:05:48.0592 7620 tcpipreg - ok
13:05:48.0612 7620 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:05:48.0612 7620 TDPIPE - ok
13:05:48.0632 7620 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:05:48.0632 7620 TDTCP - ok
13:05:48.0672 7620 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:05:48.0672 7620 tdx - ok
13:05:48.0702 7620 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:05:48.0712 7620 TermDD - ok
13:05:48.0762 7620 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:05:48.0802 7620 TermService - ok
13:05:48.0832 7620 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:05:48.0842 7620 Themes - ok
13:05:48.0862 7620 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:05:48.0862 7620 THREADORDER - ok
13:05:48.0912 7620 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\Windows\system32\drivers\tiehdusb.sys
13:05:48.0922 7620 TIEHDUSB - ok
13:05:48.0952 7620 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:05:48.0952 7620 TrkWks - ok
13:05:49.0002 7620 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:05:49.0012 7620 TrustedInstaller - ok
13:05:49.0042 7620 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:05:49.0042 7620 tssecsrv - ok
13:05:49.0052 7620 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:05:49.0052 7620 tunmp - ok
13:05:49.0092 7620 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:05:49.0092 7620 tunnel - ok
13:05:49.0112 7620 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
13:05:49.0122 7620 uagp35 - ok
13:05:49.0142 7620 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:05:49.0142 7620 udfs - ok
13:05:49.0172 7620 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:05:49.0182 7620 UI0Detect - ok
13:05:49.0202 7620 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
13:05:49.0202 7620 uliagpkx - ok
13:05:49.0232 7620 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
13:05:49.0232 7620 uliahci - ok
13:05:49.0262 7620 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:05:49.0262 7620 UlSata - ok
13:05:49.0282 7620 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:05:49.0282 7620 ulsata2 - ok
13:05:49.0302 7620 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:05:49.0302 7620 umbus - ok
13:05:49.0332 7620 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:05:49.0332 7620 upnphost - ok
13:05:49.0372 7620 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:05:49.0372 7620 usbccgp - ok
13:05:49.0382 7620 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:05:49.0382 7620 usbcir - ok
13:05:49.0412 7620 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:05:49.0412 7620 usbehci - ok
13:05:49.0452 7620 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:05:49.0452 7620 usbhub - ok
13:05:49.0462 7620 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:05:49.0462 7620 usbohci - ok
13:05:49.0482 7620 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
13:05:49.0482 7620 usbprint - ok
13:05:49.0492 7620 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:05:49.0492 7620 USBSTOR - ok
13:05:49.0512 7620 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:05:49.0512 7620 usbuhci - ok
13:05:49.0542 7620 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:05:49.0542 7620 UxSms - ok
13:05:49.0602 7620 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:05:49.0632 7620 vds - ok
13:05:49.0652 7620 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
13:05:49.0652 7620 vga - ok
13:05:49.0662 7620 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:05:49.0662 7620 VgaSave - ok
13:05:49.0682 7620 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:05:49.0682 7620 viaagp - ok
13:05:49.0702 7620 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:05:49.0702 7620 ViaC7 - ok
13:05:49.0712 7620 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:05:49.0712 7620 viaide - ok
13:05:49.0722 7620 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:05:49.0732 7620 volmgr - ok
13:05:49.0752 7620 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:05:49.0752 7620 volmgrx - ok
13:05:49.0802 7620 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:05:49.0802 7620 volsnap - ok
13:05:49.0822 7620 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
13:05:49.0842 7620 vsmraid - ok
13:05:49.0942 7620 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:05:49.0962 7620 VSS - ok
13:05:50.0002 7620 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:05:50.0012 7620 W32Time - ok
13:05:50.0045 7620 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:05:50.0046 7620 WacomPen - ok
13:05:50.0059 7620 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:05:50.0060 7620 Wanarp - ok
13:05:50.0064 7620 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:05:50.0065 7620 Wanarpv6 - ok
13:05:50.0116 7620 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
13:05:50.0126 7620 wcncsvc - ok
13:05:50.0159 7620 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:05:50.0163 7620 WcsPlugInService - ok
13:05:50.0180 7620 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
13:05:50.0182 7620 Wd - ok
13:05:50.0239 7620 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:05:50.0242 7620 Wdf01000 - ok
13:05:50.0264 7620 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:05:50.0272 7620 WdiServiceHost - ok
13:05:50.0275 7620 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:05:50.0280 7620 WdiSystemHost - ok
13:05:50.0324 7620 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
13:05:50.0340 7620 WebClient - ok
13:05:50.0364 7620 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
13:05:50.0379 7620 Wecsvc - ok
13:05:50.0392 7620 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
13:05:50.0397 7620 wercplsupport - ok
13:05:50.0433 7620 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
13:05:50.0447 7620 WerSvc - ok
13:05:50.0454 7620 WinHttpAutoProxySvc - ok
13:05:50.0528 7620 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
13:05:50.0562 7620 Winmgmt - ok
13:05:50.0654 7620 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
13:05:50.0678 7620 WinRM - ok
13:05:50.0760 7620 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
13:05:50.0762 7620 WinUSB - ok
13:05:50.0838 7620 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
13:05:50.0856 7620 Wlansvc - ok
13:05:51.0062 7620 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:05:51.0117 7620 wlidsvc - ok
13:05:51.0199 7620 wltrysvc - ok
13:05:51.0249 7620 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:05:51.0250 7620 WmiAcpi - ok
13:05:51.0302 7620 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
13:05:51.0305 7620 wmiApSrv - ok
13:05:51.0435 7620 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:05:51.0461 7620 WMPNetworkSvc - ok
13:05:51.0541 7620 WMZuneComm (017695393afffed8de58abd1b085be6d) c:\Program Files\Zune\WMZuneComm.exe
13:05:51.0568 7620 WMZuneComm - ok
13:05:51.0722 7620 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
13:05:51.0737 7620 WPCSvc - ok
13:05:51.0773 7620 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
13:05:51.0792 7620 WPDBusEnum - ok
13:05:51.0859 7620 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:05:51.0859 7620 WpdUsb - ok
13:05:52.0000 7620 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:05:52.0015 7620 WPFFontCache_v0400 - ok
13:05:52.0046 7620 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:05:52.0046 7620 ws2ifsl - ok
13:05:52.0093 7620 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
13:05:52.0093 7620 WSDPrintDevice - ok
13:05:52.0093 7620 WSearch - ok
13:05:52.0249 7620 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
13:05:52.0280 7620 wuauserv - ok
13:05:52.0421 7620 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
13:05:52.0421 7620 WudfPf - ok
13:05:52.0452 7620 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:05:52.0452 7620 WUDFRd - ok
13:05:52.0468 7620 wudfsvc (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
13:05:52.0483 7620 wudfsvc - ok
13:05:52.0499 7620 yksvc - ok
13:05:52.0546 7620 yukonwlh (1a51df1a5c658d534ed980d18f7982de) C:\Windows\system32\DRIVERS\yk60x86.sys
13:05:52.0546 7620 yukonwlh - ok
13:05:53.0061 7620 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) c:\Program Files\Zune\ZuneNss.exe
13:05:53.0217 7620 ZuneNetworkSvc - ok
13:05:53.0326 7620 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) c:\Program Files\Zune\ZuneWlanCfgSvc.exe
13:05:53.0341 7620 ZuneWlanCfgSvc - ok
13:05:53.0404 7620 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
13:05:53.0825 7620 \Device\Harddisk0\DR0 - ok
13:05:53.0887 7620 Boot (0x1200) (27517a8949e270e4d070113fce694625) \Device\Harddisk0\DR0\Partition0
13:05:53.0887 7620 \Device\Harddisk0\DR0\Partition0 - ok
13:05:53.0887 7620 Boot (0x1200) (ddca41a38af1f5e36380e9c397687086) \Device\Harddisk0\DR0\Partition1
13:05:53.0887 7620 \Device\Harddisk0\DR0\Partition1 - ok
13:05:53.0887 7620 ============================================================
13:05:53.0887 7620 Scan finished
13:05:53.0887 7620 ============================================================
13:05:53.0903 7820 Detected object count: 0
13:05:53.0903 7820 Actual detected object count: 0





aswMBR log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-22 13:06:52
-----------------------------
13:06:52.708 OS Version: Windows 6.0.6002 Service Pack 2
13:06:52.708 Number of processors: 2 586 0x170A
13:06:52.709 ComputerName: OLIVIA-PC UserName: Olivia
13:06:54.472 Initialize success
13:07:06.525 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:07:06.525 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
13:07:06.645 Disk 0 MBR read successfully
13:07:06.645 Disk 0 MBR scan
13:07:06.645 Disk 0 Windows VISTA default MBR code
13:07:06.685 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:07:06.745 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
13:07:06.805 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290204 MB offset 30801920
13:07:06.935 Disk 0 scanning sectors +625140400
13:07:07.356 Disk 0 scanning C:\Windows\system32\drivers
13:08:14.799 Service scanning
13:08:51.061 Modules scanning
13:09:58.033 Disk 0 trace - called modules:
13:09:58.073 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
13:09:58.083 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f74780]
13:09:58.083 3 CLASSPNP.SYS[8b5a98b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85467028]
13:09:58.093 Scan finished successfully
13:10:17.059 Disk 0 MBR has been saved successfully to "C:\Users\Olivia\Desktop\MBR.dat"
13:10:17.059 The log file has been saved successfully to "C:\Users\Olivia\Desktop\aswMBR1.txt"



ESET scan
C:\ProgramData\Spybot - Search & Destroy\Recovery\DNSFlushcws1.zip Win32/Bagle.gen.zip worm
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NH trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan
C:\TDSSKiller_Quarantine\21.07.2012_22.54.53\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan
C:\Users\All Users\Spybot - Search & Destroy\Recovery\DNSFlushcws1.zip Win32/Bagle.gen.zip worm

#5 Cipher91

  • Topic Starter
Posted 22 July 2012 - 02:20 PM

Also, I know it wasn't asked for but I did a GMER scan earlier. I can post that as well if it will help at all.

#6 narenxp

  • BC Advisor

Posted 22 July 2012 - 02:43 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 Cipher91

  • Topic Starter

Posted 22 July 2012 - 05:38 PM

MiniToolBox by Farbar Version: 22-07-2012
Ran by Olivia (administrator) on 22-07-2012 at 18:00:27
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

There are 14942 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Olivia-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-22-5F-A4-54-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9181:3b8f:8b75:f3bc%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 22, 2012 5:45:54 PM
Lease Expires . . . . . . . . . . : Sunday, July 29, 2012 5:45:53 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 285221471
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-AF-50-6F-00-23-AE-39-33-0B
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-23-AE-39-33-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F1C8022C-C7D6-4E8F-9314-F241520060B6}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.hsd1.md.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4004:800::1005
74.125.226.231
74.125.226.226
74.125.226.225
74.125.226.229
74.125.226.233
74.125.226.238
74.125.226.228
74.125.226.230
74.125.226.224
74.125.226.232
74.125.226.227



Pinging google.com [173.194.43.34] with 32 bytes of data:

Reply from 173.194.43.34: bytes=32 time=24ms TTL=52

Reply from 173.194.43.34: bytes=32 time=23ms TTL=52



Ping statistics for 173.194.43.34:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=116ms TTL=47

Reply from 72.30.38.140: bytes=32 time=161ms TTL=47



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 116ms, Maximum = 161ms, Average = 138ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 22 5f a4 54 d8 ...... Dell Wireless 1397 WLAN Mini-Card
10 ...00 23 ae 39 33 0b ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{F1C8022C-C7D6-4E8F-9314-F241520060B6}
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.hsd1.md.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 25
10.0.0.0 255.255.255.0 On-link 10.0.0.4 281
10.0.0.4 255.255.255.255 On-link 10.0.0.4 281
10.0.0.255 255.255.255.255 On-link 10.0.0.4 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::9181:3b8f:8b75:f3bc/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/22/2012 05:47:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 05:38:24 PM) (Source: Application Error) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module DELL-B~1.DLL_unloaded, version 0.0.0.0, time stamp 0x4fe34d90, exception code 0xc0000005, fault offset 0x09fa7ba0,
process id 0x8a8, application start time 0xExplorer.EXE0.

Error: (07/22/2012 06:01:18 AM) (Source: Application Error) (User: )
Description: Faulting application psu7ouwz.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, faulting module psu7ouwz.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, exception code 0xc0000005, fault offset 0x0000c676,
process id 0x13ac, application start time 0xpsu7ouwz.exe0.

Error: (07/22/2012 05:53:34 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\6\E8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:34 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\6\E8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:34 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\2\D2> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:34 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\2\D2> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:34 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\F\41> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\F\41> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/22/2012 05:53:33 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OLIVIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\VUFWR48L.DEFAULT\CACHE\F\60> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (07/22/2012 05:58:25 PM) (Source: netbt) (User: )
Description: The name "DFFJK5B1 :0" could not be registered on the interface with IP address 10.0.0.4.
The computer with the IP address 10.0.0.2 did not allow the name to be claimed by
this computer.

Error: (07/22/2012 05:58:21 PM) (Source: netbt) (User: )
Description: The name "SARAH-PC :0" could not be registered on the interface with IP address 10.0.0.4.
The computer with the IP address 10.0.0.3 did not allow the name to be claimed by
this computer.

Error: (07/22/2012 05:49:54 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/22/2012 05:48:19 PM) (Source: netbt) (User: )
Description: The name "DFFJK5B1 :0" could not be registered on the interface with IP address 10.0.0.4.
The computer with the IP address 10.0.0.2 did not allow the name to be claimed by
this computer.

Error: (07/22/2012 05:48:15 PM) (Source: netbt) (User: )
Description: The name "SARAH-PC :0" could not be registered on the interface with IP address 10.0.0.4.
The computer with the IP address 10.0.0.3 did not allow the name to be claimed by
this computer.

Error: (07/22/2012 05:48:12 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (07/22/2012 05:47:48 PM) (Source: Service Control Manager) (User: )
Description: Dell Security Advisor Updater Service

Error: (07/22/2012 05:47:48 PM) (Source: Service Control Manager) (User: )
Description: Dell Tech Concierge Desk Extension Service

Error: (07/22/2012 05:47:17 PM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center Servicewscsvc

Error: (07/22/2012 05:47:17 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE


Microsoft Office Sessions:
=========================
Error: (03/03/2011 06:26:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 181 seconds with 120 seconds of active time. This session ended with a crash.

Error: (03/03/2011 06:23:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 250590 seconds with 11160 seconds of active time. This session ended with a crash.

Error: (11/05/2009 01:30:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 713017 seconds with 600 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Action Replay Code Manager
Adobe AIR (Version: 1.5.3.9130)
Adobe Digital Editions
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Airport Mania
Amazon Games & Software Downloader (Version: 2.0.2.0)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
AudibleManager (Version: 597577851.-2.2010017830.2010016844)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Big Kahuna Reef
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blue Coat K9 Web Protection 4.2.123 (Version: 4.2.123)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.20)
CDisplay 1.8
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
CrashPlan (Version: 3.0.3)
Dark Parables: Curse of Briar Rose
Defraggler (Version: 2.10)
Dell-eBay (Version: 1.00.0000)
Dell DataSafe Local Backup - Support Software (Version: 2.16)
Dell DataSafe Local Backup (Version: Dell DataSafe Local Backup 2.75 x86)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Remote Access (Version: 1.0.0.0)
Dell Security Advisor 3.0.14 (Version: 3.0.14)
Dell Support Center (Version: 3.1.5907.39)
Dell Tech Concierge Backup (32-bit) (Version: 5.1.13452.801)
Dell Tech Concierge Desk 5.2.30 (Version: 5.2.30)
Dell Tech Concierge Desk Extension 4.5.20 (Version: 4.5.20)
Dell Touchpad (Version: 7.4.115.101)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
DivX Setup (Version: 2.6.1.3)
eMusic Download Manager (Version: 5.0.5)
ESET Online Scanner v3
ExamGuard (Version: 1.02.0001)
ffdshow v1.1.3836 [2011-05-02] (Version: 1.1.3836.0)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Google Updater (Version: 2.4.2432.1652)
GoToAssist 8.0.0.514
Intel® TV Wizard
Intel® Matrix Storage Manager
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8050.1202)
jZip
LAME v3.99.3 (for Windows)
Luxor
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Move Media Player
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MyPoints Point Finder (Version: 1.514)
Norton Security Suite (Version: 5.2.2.3)
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OverDrive Media Console (Version: 3.2.10)
PlayStation®Network Downloader (Version: 2.01.11251)
PowerDVD DX (Version: 8.2.5024)
Questionmark Secure Browser (Version: 4.2.4.0)
QuickSet32 (Version: 9.6.21)
QuickTime (Version: 7.72.80.56)
Radialpoint Malware Removal Tool version 1.51.1.2100 (Version: 1.51.1.2100)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware Free Edition (Version: 4.33.0.1000)
TBS WMP Plug-in (Version: 1.00.676)
TI Connect 1.6 (Version: 1.6)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media DRM Reset
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
Yamaha's Digital Music Notebook (Version: 3.0.71.2)
ZSNES (a FREE GNU licensed SNES Famicom Game Emulator) version
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3545.45 MB
Available physical RAM: 1784.45 MB
Total Pagefile: 7310.64 MB
Available Pagefile: 5230.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.57 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:187.01 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.04 GB) NTFS

========================= Users: ========================================

User accounts for \\OLIVIA-PC

Administrator Guest Olivia


**** End of log ****



Farbar Service Scanner Version: 22-07-2012
Ran by Olivia (administrator) on 22-07-2012 at 18:18:22
Running from "C:\Users\Olivia\Desktop"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-08 22:24] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:33] - [2008-01-20 22:33] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.703 - Logfile created 07/22/2012 at 18:20:38
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Olivia - OLIVIA-PC
# Running from : C:\Users\Olivia\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Olivia\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\Conduit
Folder Deleted : C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\ConduitCommon
Folder Deleted : C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\ConduitEngine
Folder Deleted : C:\ProgramData\InstallMate
File Deleted : C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\searchplugins\Conduit.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\FCTB000060497
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.FCTB000060497Pos
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.FCTB000060497Pos.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.IEToolbar
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.IEToolbar.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.JSOptionsImpl
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060497.JSOptionsImpl.1
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\prefs.js

C:\Users\Olivia\AppData\Roaming\Mozilla\Firefox\Profiles\vufwr48l.default\user.js ... Deleted !


*************************

AdwCleaner[S1].txt - [278 octets] - [22/07/2012 18:19:14]
AdwCleaner[S2].txt - [19467 octets] - [22/07/2012 18:20:38]

########## EOF - C:\AdwCleaner[S2].txt - [19596 octets] ##########

#8 Cipher91

Posted 22 July 2012 - 05:42 PM

Also, I encountered a problem when trying to create a restore point. Every time I try to create one I get the message "restore point creation disabled by group policy." The fixes I found for this in Google don't work. gpedit.msc does not exist on my computer and I could not find the value disableconfig in regedit. A similar problem I encountered earlier was trying to use the "repair your computer" option when booting up. Instead of running the program, a screen that says "other user" comes up and asks for a username and password. My usual username and password will not work. Why is this happening? I am not in a domain, this is a standalone home computer.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:53 PM

Posted 22 July 2012 - 06:17 PM

You cannot find disableconfig because most of the fixes in Google show you the wrong place

Press the Windows+R key and type

regedit and click OK

Navigate to this path

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore

On the right side

Delete the following keys

DisableConfig
DisableSR

Restart, you should get back your System Restore tab

We still have missing registry keys, but before that we need to create a restore point

#10 Cipher91

Posted 22 July 2012 - 06:32 PM

I went to HKEY_Local_Machine\SOFTWARE\Microsoft\WindowsNT\System Restore

There is no "policies" before "microsoft". I looked for it and it's not there.

#11 narenxp

Posted 22 July 2012 - 06:41 PM

Download

SystemLook

Launch it, and copy this script

:reg
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore /s

Click on Look, post the generated log

#12 Cipher91

Posted 22 July 2012 - 06:43 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 19:42 on 22/07/2012 by Olivia
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig"= 0x0000000000 (0)
"DisableSR"= 0x0000000000 (0)


-= EOF =-
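
A small triage parser for the SystemLook `:reg` output posted above, added here as an example (it is not part of the thread and not SystemLook's own code). It assumes DWORD lines have the `"Name"= 0x... (n)` shape seen in that log and, as a further assumption, treats any non-zero DisableSR or DisableConfig as the policy being switched on; the second sample log is constructed.

```python
import re

# Sample 1: the ":reg" section quoted in post #12.
LOG_FROM_THREAD = r'''
========== reg ==========

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig"= 0x0000000000 (0)
"DisableSR"= 0x0000000000 (0)

-= EOF =-
'''
# Sample 2 (constructed): same log with the DisableSR policy switched on.
LOG_POLICY_ON = LOG_FROM_THREAD.replace('"DisableSR"= 0x0000000000 (0)',
                                        '"DisableSR"= 0x0000000001 (1)')

# Registry paths and value names are case-insensitive, so compare lower-case.
POLICY_KEY = r"hkey_local_machine\software\policies\microsoft\windows nt\systemrestore"
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")
DWORD_RE = re.compile(r'^"([^"]+)"=\s*0x([0-9A-Fa-f]+)\s*\((\d+)\)\s*$')


def parse_reg_section(log):
    """Return {key path: {value name: int}} for every DWORD line in the log."""
    keys, current = {}, None
    for raw in log.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1).lower(), {})
            continue
        m = DWORD_RE.match(line)
        if m and current is not None:
            hex_val, dec_val = int(m.group(2), 16), int(m.group(3))
            if hex_val != dec_val:  # a mangled paste should not be trusted
                raise ValueError("hex/decimal mismatch: " + line)
            current[m.group(1).lower()] = hex_val
    return keys


def restore_policy_state(log):
    """Classify both System Restore policy values as absent, off or on."""
    values = parse_reg_section(log).get(POLICY_KEY)
    state = {}
    for name in ("DisableConfig", "DisableSR"):
        if values is None or name.lower() not in values:
            state[name] = "absent"
        elif values[name.lower()] != 0:
            state[name] = "on"
        else:
            state[name] = "present, off"
    state["blocks_restore"] = "on" in (state["DisableConfig"], state["DisableSR"])
    return state


if __name__ == "__main__":
    print(restore_policy_state(LOG_FROM_THREAD))
    print(restore_policy_state(LOG_POLICY_ON))
```
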

#13 narenxp

Posted 22 July 2012 - 06:56 PM

Download

enablesr.reg

Launch it, click YES

Restart the PC, System Restore should work now

#14 Cipher91

Posted 22 July 2012 - 07:10 PM

It worked and I created a restore point

#15 narenxp

Posted 22 July 2012 - 07:23 PM

Download

mpssvc
bfe
wscsvc
windefend
sharedaccess

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark the following options alone

Reset registry permissions
Repair WMI
Repair Windows Firewall
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Check mark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log



