Live Security Platform Virus - No proxy chkd still can't connect


22 replies to this topic

#1 jimmymac

Posted 02 August 2012 - 04:39 PM

I have a Windows XP SP3 machine that has the Live Security Platform virus, so I went to this site and followed the directions to try and fix the problem.
http://www.bleepingcomputer.com/virus-removal/remove-live-security-platinum

I was not able to sign on as administrator, nor connect to my wireless network, so I used my other laptop to download the fixexec file to a USB drive which I then used on the infected computer to copy the fixexec file to the C: drive (where it would not run, no error, it just got hung up after the *No processes found to kill. message), and then to the desktop from where it then ran successfully. I then went to the Add/Remove Programs and clicked on the Change/Remove button for Live Security Platinum, but it would not remove the program. I also was still not able to connect wirelessly. I have checked the LAN settings and the proxy server box is NOT checked. I have tried running the repair on the wireless connection, but it still will not connect.

Also, the USB drive that I used to copy the fixexec file onto the infected computer is no longer working on either laptop. I am now afraid that I have more problems than Live Security Platinum. I am running Avira Free version, and the Avira scan does not detect the virus.



#2 narenxp

Posted 02 August 2012 - 07:10 PM

Do you have a previous restore point?

#3 jimmymac

Posted 02 August 2012 - 08:09 PM

Do you have a previous restore point?


No, not a recent one anyway (like several years).

#4 bedlin88

Posted 02 August 2012 - 08:41 PM

Check out my post here

http://www.bleepingcomputer.com/forums/topic463537.html

Check your services and make sure Plug and Play is still there. If it's not, check to see if the other services in the list in my post are there.

#5 narenxp

Posted 02 August 2012 - 08:54 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results


Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#6 jimmymac

Posted 02 August 2012 - 11:18 PM

Thanks. I will have to wait until I can get another USB key to do this because I can't get online with the infected computer.

#7 jimmymac

Posted 04 August 2012 - 05:24 PM

17:15:52.0984 0632 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:15:53.0171 0632 ============================================================
17:15:53.0171 0632 Current date / time: 2012/08/04 17:15:53.0171
17:15:53.0171 0632 SystemInfo:
17:15:53.0171 0632
17:15:53.0171 0632 OS Version: 5.1.2600 ServicePack: 3.0
17:15:53.0171 0632 Product type: Workstation
17:15:53.0171 0632 ComputerName: MCREYNOLDS
17:15:53.0171 0632 UserName: Sarah&James
17:15:53.0171 0632 Windows directory: C:\WINDOWS
17:15:53.0171 0632 System windows directory: C:\WINDOWS
17:15:53.0171 0632 Processor architecture: Intel x86
17:15:53.0171 0632 Number of processors: 2
17:15:53.0171 0632 Page size: 0x1000
17:15:53.0171 0632 Boot type: Safe boot with network
17:15:53.0171 0632 ============================================================
17:15:55.0890 0632 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:15:55.0890 0632 Drive \Device\Harddisk1\DR7 - Size: 0x1E3000000 (7.55 Gb), SectorSize: 0x200, Cylinders: 0x3D9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:15:55.0890 0632 ============================================================
17:15:55.0890 0632 \Device\Harddisk0\DR0:
17:15:55.0890 0632 MBR partitions:
17:15:55.0890 0632 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x875BEC3
17:15:55.0921 0632 \Device\Harddisk1\DR7:
17:15:55.0921 0632 MBR partitions:
17:15:55.0921 0632 \Device\Harddisk1\DR7\Partition0: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0xF17FE0
17:15:55.0921 0632 ============================================================
17:15:55.0984 0632 C: <-> \Device\Harddisk0\DR0\Partition0
17:15:55.0984 0632 ============================================================
17:15:55.0984 0632 Initialize success
17:15:55.0984 0632 ============================================================
17:16:18.0546 0720 ============================================================
17:16:18.0546 0720 Scan started
17:16:18.0546 0720 Mode: Manual; TDLFS;
17:16:18.0546 0720 ============================================================
17:16:34.0703 0720 ossrv - ok
17:16:34.0781 0720 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:16:34.0781 0720 Parport - ok
17:16:34.0843 0720 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:16:34.0859 0720 PartMgr - ok
17:16:34.0890 0720 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:16:34.0890 0720 ParVdm - ok
17:16:34.0968 0720 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:16:34.0968 0720 PCI - ok
17:16:34.0984 0720 PCIDump - ok
17:16:35.0062 0720 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:16:35.0062 0720 PCIIde - ok
17:16:35.0125 0720 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:16:35.0140 0720 Pcmcia - ok
17:16:35.0156 0720 PDCOMP - ok
17:16:35.0171 0720 PDFRAME - ok
17:16:35.0203 0720 PDRELI - ok
17:16:35.0218 0720 PDRFRAME - ok
17:16:35.0281 0720 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:16:35.0281 0720 perc2 - ok
17:16:35.0328 0720 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:16:35.0328 0720 perc2hib - ok
17:16:35.0437 0720 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:16:35.0453 0720 PlugPlay - ok
17:16:35.0500 0720 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:16:35.0500 0720 PolicyAgent - ok
17:16:35.0531 0720 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:16:35.0531 0720 PptpMiniport - ok
17:16:35.0546 0720 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:16:35.0546 0720 ProtectedStorage - ok
17:16:35.0593 0720 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:16:35.0593 0720 PSched - ok
17:16:35.0640 0720 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:16:35.0640 0720 Ptilink - ok
17:16:35.0671 0720 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:16:35.0671 0720 PxHelp20 - ok
17:16:35.0718 0720 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:16:35.0718 0720 ql1080 - ok
17:16:35.0750 0720 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:16:35.0750 0720 Ql10wnt - ok
17:16:35.0781 0720 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:16:35.0781 0720 ql12160 - ok
17:16:35.0812 0720 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:16:35.0812 0720 ql1240 - ok
17:16:35.0828 0720 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:16:35.0828 0720 ql1280 - ok
17:16:35.0859 0720 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:16:35.0859 0720 RasAcd - ok
17:16:35.0906 0720 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:16:35.0906 0720 RasAuto - ok
17:16:35.0937 0720 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:16:35.0937 0720 Rasl2tp - ok
17:16:36.0000 0720 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:16:36.0000 0720 RasMan - ok
17:16:36.0031 0720 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:16:36.0031 0720 RasPppoe - ok
17:16:36.0062 0720 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:16:36.0062 0720 Raspti - ok
17:16:36.0109 0720 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:16:36.0109 0720 Rdbss - ok
17:16:36.0171 0720 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:16:36.0171 0720 RDPCDD - ok
17:16:36.0250 0720 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:16:36.0250 0720 rdpdr - ok
17:16:36.0328 0720 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
17:16:36.0328 0720 RDPWD - ok
17:16:36.0359 0720 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:16:36.0375 0720 RDSessMgr - ok
17:16:36.0421 0720 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:16:36.0421 0720 redbook - ok
17:16:36.0500 0720 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:16:36.0500 0720 RemoteAccess - ok
17:16:36.0562 0720 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:16:36.0562 0720 RemoteRegistry - ok
17:16:36.0625 0720 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:16:36.0640 0720 rimmptsk - ok
17:16:36.0687 0720 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:16:36.0703 0720 rimsptsk - ok
17:16:36.0734 0720 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:16:36.0750 0720 rismxdp - ok
17:16:36.0781 0720 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:16:36.0781 0720 RpcLocator - ok
17:16:36.0875 0720 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
17:16:36.0875 0720 RpcSs - ok
17:16:36.0953 0720 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:16:36.0953 0720 RSVP - ok
17:16:36.0984 0720 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:16:36.0984 0720 SamSs - ok
17:16:37.0031 0720 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:16:37.0046 0720 SCardSvr - ok
17:16:37.0109 0720 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:16:37.0109 0720 Schedule - ok
17:16:37.0203 0720 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:16:37.0203 0720 sdbus - ok
17:16:37.0265 0720 SDDMI2 (8edd7b9e4a4b4c16e2dab9188caa861b) C:\WINDOWS\system32\DDMI2.sys
17:16:37.0265 0720 SDDMI2 - ok
17:16:37.0312 0720 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:16:37.0312 0720 Secdrv - ok
17:16:37.0375 0720 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:16:37.0375 0720 seclogon - ok
17:16:37.0421 0720 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:16:37.0421 0720 SENS - ok
17:16:37.0484 0720 Ser2pl (6ce397c482bede91a38e56a8c4a0dc6d) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
17:16:37.0484 0720 Ser2pl - ok
17:16:37.0546 0720 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:16:37.0546 0720 serenum - ok
17:16:37.0593 0720 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:16:37.0593 0720 Serial - ok
17:16:37.0671 0720 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:16:37.0671 0720 sffdisk - ok
17:16:37.0718 0720 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:16:37.0718 0720 sffp_sd - ok
17:16:37.0765 0720 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:16:37.0765 0720 Sfloppy - ok
17:16:37.0828 0720 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:16:37.0828 0720 ShellHWDetection - ok
17:16:37.0843 0720 Simbad - ok
17:16:37.0890 0720 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:16:37.0890 0720 sisagp - ok
17:16:37.0921 0720 slabbus (70d7480eba6e5d2a1687809324237d98) C:\WINDOWS\system32\DRIVERS\slabbus.sys
17:16:37.0937 0720 slabbus - ok
17:16:38.0000 0720 slabser (044c01804923a37e771a2b9750406979) C:\WINDOWS\system32\DRIVERS\slabser.sys
17:16:38.0000 0720 slabser - ok
17:16:38.0062 0720 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:16:38.0062 0720 Sparrow - ok
17:16:38.0109 0720 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:16:38.0109 0720 splitter - ok
17:16:38.0156 0720 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:16:38.0171 0720 Spooler - ok
17:16:38.0187 0720 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:16:38.0187 0720 sr - ok
17:16:38.0281 0720 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:16:38.0281 0720 srservice - ok
17:16:38.0343 0720 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:16:38.0359 0720 Srv - ok
17:16:38.0375 0720 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:16:38.0390 0720 SSDPSRV - ok
17:16:38.0437 0720 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:16:38.0437 0720 ssmdrv - ok
17:16:38.0593 0720 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
17:16:38.0625 0720 STHDA - ok
17:16:38.0703 0720 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:16:38.0718 0720 stisvc - ok
17:16:38.0828 0720 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:16:38.0828 0720 swenum - ok
17:16:38.0890 0720 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:16:38.0890 0720 swmidi - ok
17:16:38.0906 0720 SwPrv - ok
17:16:39.0234 0720 Symantec Core LC (fa2f6a8849219b16460bf44f9d1f3aa7) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
17:16:39.0250 0720 Symantec Core LC - ok
17:16:39.0437 0720 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:16:39.0437 0720 symc810 - ok
17:16:39.0468 0720 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:16:39.0468 0720 symc8xx - ok
17:16:39.0515 0720 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
17:16:39.0515 0720 symlcbrd - ok
17:16:39.0578 0720 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:16:39.0578 0720 sym_hi - ok
17:16:39.0609 0720 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:16:39.0609 0720 sym_u3 - ok
17:16:39.0671 0720 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:16:39.0671 0720 SynTP - ok
17:16:39.0718 0720 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:16:39.0718 0720 sysaudio - ok
17:16:39.0781 0720 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:16:39.0781 0720 SysmonLog - ok
17:16:39.0843 0720 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:16:39.0843 0720 TapiSrv - ok
17:16:39.0921 0720 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:16:39.0937 0720 Tcpip - ok
17:16:39.0968 0720 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:16:39.0968 0720 TDPIPE - ok
17:16:40.0000 0720 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:16:40.0000 0720 TDTCP - ok
17:16:40.0046 0720 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:16:40.0046 0720 TermDD - ok
17:16:40.0109 0720 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:16:40.0109 0720 TermService - ok
17:16:40.0156 0720 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:16:40.0156 0720 Themes - ok
17:16:40.0218 0720 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
17:16:40.0218 0720 TlntSvr - ok
17:16:40.0281 0720 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys
17:16:40.0281 0720 tmcomm - ok
17:16:40.0328 0720 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:16:40.0328 0720 TosIde - ok
17:16:40.0375 0720 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:16:40.0390 0720 TrkWks - ok
17:16:40.0468 0720 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:16:40.0468 0720 Udfs - ok
17:16:40.0515 0720 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:16:40.0515 0720 ultra - ok
17:16:40.0562 0720 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe
17:16:40.0562 0720 UMWdf - ok
17:16:40.0640 0720 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:16:40.0656 0720 Update - ok
17:16:40.0812 0720 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
17:16:40.0812 0720 Updater Service for StartNow Toolbar - ok
17:16:40.0875 0720 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:16:40.0890 0720 upnphost - ok
17:16:40.0953 0720 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:16:40.0953 0720 UPS - ok
17:16:41.0015 0720 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:16:41.0015 0720 USBAAPL - ok
17:16:41.0062 0720 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:16:41.0078 0720 usbccgp - ok
17:16:41.0093 0720 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:16:41.0093 0720 usbehci - ok
17:16:41.0125 0720 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:16:41.0140 0720 usbhub - ok
17:16:41.0156 0720 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:16:41.0156 0720 usbprint - ok
17:16:41.0171 0720 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:16:41.0234 0720 usbscan - ok
17:16:41.0265 0720 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:16:41.0265 0720 USBSTOR - ok
17:16:41.0328 0720 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:16:41.0328 0720 usbuhci - ok
17:16:41.0359 0720 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:16:41.0359 0720 VgaSave - ok
17:16:41.0406 0720 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:16:41.0406 0720 viaagp - ok
17:16:41.0437 0720 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:16:41.0453 0720 ViaIde - ok
17:16:41.0500 0720 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:16:41.0500 0720 VolSnap - ok
17:16:41.0578 0720 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:16:41.0578 0720 VSS - ok
17:16:41.0640 0720 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:16:41.0640 0720 w32time - ok
17:16:41.0687 0720 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:16:41.0687 0720 Wanarp - ok
17:16:41.0703 0720 wanatw - ok
17:16:41.0796 0720 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:16:41.0812 0720 Wdf01000 - ok
17:16:41.0828 0720 WDICA - ok
17:16:41.0859 0720 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:16:41.0875 0720 wdmaud - ok
17:16:41.0890 0720 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:16:41.0906 0720 WebClient - ok
17:16:42.0015 0720 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
17:16:42.0031 0720 winachsf - ok
17:16:42.0156 0720 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:16:42.0156 0720 winmgmt - ok
17:16:42.0218 0720 wltrysvc - ok
17:16:42.0281 0720 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll
17:16:42.0281 0720 WmdmPmSN - ok
17:16:42.0375 0720 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:16:42.0390 0720 Wmi - ok
17:16:42.0500 0720 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:16:42.0500 0720 WmiAcpi - ok
17:16:42.0546 0720 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:16:42.0562 0720 WmiApSrv - ok
17:16:42.0593 0720 WpdUsb (bbaeaca1ffa3c86361cf0998474f6c3a) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:16:42.0609 0720 WpdUsb - ok
17:16:42.0625 0720 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:16:42.0625 0720 WS2IFSL - ok
17:16:42.0718 0720 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:16:42.0750 0720 WZCSVC - ok
17:16:42.0843 0720 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:16:42.0843 0720 xmlprov - ok
17:16:42.0937 0720 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
17:16:43.0812 0720 \Device\Harddisk0\DR0 - ok
17:16:43.0828 0720 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR7
17:16:49.0656 0720 \Device\Harddisk1\DR7 - ok
17:16:49.0718 0720 Boot (0x1200) (2de558b3313e6ee7f2f9d9aaff45a90d) \Device\Harddisk0\DR0\Partition0
17:16:49.0718 0720 \Device\Harddisk0\DR0\Partition0 - ok
17:16:49.0734 0720 Boot (0x1200) (35b789815d64af6b270df60bb510f8bb) \Device\Harddisk1\DR7\Partition0
17:16:49.0750 0720 \Device\Harddisk1\DR7\Partition0 - ok
17:16:49.0750 0720 ============================================================
17:16:49.0750 0720 Scan finished
17:16:49.0750 0720 ============================================================
17:16:49.0796 0712 Detected object count: 0
17:16:49.0796 0712 Actual detected object count: 0
17:16:58.0140 0624 Deinitialize success



Farbar Service Scanner Version: 04-08-2012 01
Ran by Sarah&James (administrator) on 04-08-2012 at 17:18:39
Running from "E:\"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

#8 narenxp


Posted 04 August 2012 - 11:41 PM

Download MiniToolBox.

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs


Click Go and post the result.

#9 jimmymac


Posted 06 August 2012 - 11:40 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Sarah&James (administrator) on 06-08-2012 at 11:37:32
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : MCREYNOLDS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-15-C5-77-37-05

Ethernet adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-19-7D-58-BD-89

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 c5 77 37 05 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 19 7d 58 bd 89 ...... Dell Wireless 1390 WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 2 1
255.255.255.255 255.255.255.255 255.255.255.255 3 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2012 11:11:18 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to load file AvShadow.
Returned error code: 0x3e5

Error: (08/01/2012 11:00:57 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007041d.

Error: (08/01/2012 10:55:52 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007041d.

Error: (08/01/2012 10:44:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007041d.

Error: (08/01/2012 09:00:02 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (08/01/2012 08:55:47 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2012 08:55:39 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2012 08:55:39 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2012 08:55:01 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2012 08:54:01 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (08/06/2012 11:36:07 AM) (Source: DCOM) (User: MCREYNOLDS)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/04/2012 05:19:46 PM) (Source: DCOM) (User: MCREYNOLDS)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/04/2012 05:17:48 PM) (Source: DCOM) (User: MCREYNOLDS)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/04/2012 05:15:55 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/04/2012 05:15:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
APPDRV
avipbb
avkmgr
eeCtrl
Fips
intelppm
ssmdrv

Error: (08/04/2012 05:15:28 PM) (Source: DCOM) (User: MCREYNOLDS)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/04/2012 05:14:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/04/2012 05:07:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/03/2012 04:58:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/02/2012 03:45:44 PM) (Source: DCOM) (User: MCREYNOLDS)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (08/01/2012 11:11:18 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)NT AUTHORITY
Description: AvShadow0x3e5

Error: (08/01/2012 11:00:57 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007041d

Error: (08/01/2012 10:55:52 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007041d

Error: (08/01/2012 10:44:04 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007041d

Error: (08/01/2012 09:00:02 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (08/01/2012 08:55:47 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2012 08:55:39 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2012 08:55:39 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2012 08:55:01 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2012 08:54:01 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Andrea VoiceCenter
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AOLIcon (Version: 1.00.0000)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.1.116)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
Avira Free Antivirus (Version: 12.0.0.1125)
Bonjour (Version: 3.0.0.10)
Broadcom Management Programs (Version: 8.65.05)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Tool
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Citrix Presentation Server Client - Web Only (Version: 10.200.2650)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HDA D110 MDC V.92 Modem
Coupon Printer for Windows (Version: 5.0.0.1)
CouponBar (Version: 5.0.0.5)
Creative Audio Pack
Creative MediaSource 5 (Version: 5.00)
Creative Memories Memory Manager 2 (Version: 2.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 3.2.1 (Version: 5.5.2087)
Dell System Restore (Version: 2.00.0000)
Dell Wireless WLAN Card (Version: 4.100.15.8)
DexCom DM3 11.0.0.22 (Version: 1.0.10)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.15)
Documentation & Support Launcher (Version: 1.00.0000)
fflink (Version: 6.02.1001.0001)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Desktop (Version: 5.9.1005.12335)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4446)
iTunes (Version: 10.1.0.54)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Kodak EasyShare software
Live Security Platinum
Malwarebytes' Anti-Malware
MediaDirect (Version: 4.7)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0818)
MobileMe Control Panel (Version: 3.1.4.0)
Modem Helper (Version: 3.01)
Move Media Player
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.23)
NetZeroInstallers (Version: 1.0.0)
OneTouch Software
Otto
OutlookAddinSetup (Version: 1.0.0)
Quicken 2009 (Version: 18.1.4.14)
QuickSet (Version: 7.1.12)
QuickTime (Version: 7.68.75.0)
Roxio DLA (Version: 5.2.0)
Roxio MyDVD LE (Version: 6.1.6)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
SearchAssist
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Sonic Activation Module (Version: 1.0)
Sonic Encoders (Version: 1.00)
Sonic Update Manager (Version: 3.0.0)
Sound Blaster ADVANCED MB Drivers
Sound Blaster Audigy ADVANCED MB (Version: 1.0)
Sound Blaster Audigy ADVANCED MB Product Registration
StartNow Toolbar (Version: 2.3.0)
Symantec KB-DocID:2003093015493306 (Version: 1.0.0.1)
Synaptics Pointing Device Driver (Version: 8.2.4.6)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
VoiceOver Kit (Version: 1.40.128.0)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.0.1.2609)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)

**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:52 AM

Posted 06 August 2012 - 12:13 PM

Uninstall AVIRA antivirus

Download

Winsock fix

Launch it, click on FIX

Restart your PC after it gets completed

Check your browser. If that doesn't work, try this


PLEASE create a restore point before trying this

Please copy the entire contents of the codebox below into Notepad:


REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2]





Open Notepad, copy the script, and save it as:

Filename: winsock.reg
Save as type: All files


Launch it and click YES to add it to registry

After that, Reboot your computer.

After the restart,

Go to Network Connections
Right click on your normal connection icon, and choose Properties
Click the Install button
Choose Protocol then click Add
Click Have disk
In the drop down box, type in: C:\WINDOWS\INF and click OK
In the next dialog, click Internet Protocol (TCP/IP) then click OK
Click Close to leave the properties box

After that, restart your computer into Safe Mode with Networking and see if you can browse now.

#11 jimmymac


Posted 06 August 2012 - 12:24 PM

I am assuming I should reinstall Avira once I get the connectivity working? BTW, I have still not been able to delete the Live Security Platinum. If I get connectivity, should I just run MBAM anyway to kill it?

Edited by jimmymac, 06 August 2012 - 12:26 PM.


#12 narenxp


Posted 06 August 2012 - 01:21 PM

We can scan for infections after restoring internet connectivity

Edited by narenxp, 06 August 2012 - 01:22 PM.


#13 jimmymac


Posted 06 August 2012 - 03:07 PM

I went through all the steps before I realized I forgot to uninstall Avira, and I still could not connect. Uninstalled Avira, then ran the WinsockFix and I can now connect. MBAM will not update, however. I get an Error code: 732 (0,0) message when I try to update it.

#14 narenxp


Posted 06 August 2012 - 03:48 PM

Reinstall MBAM and update. Please run these scans too

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#15 jimmymac


Posted 06 August 2012 - 08:42 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.06.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Sarah&James :: MCREYNOLDS [administrator]

8/6/2012 4:49:34 PM
mbam-log-2012-08-06 (16-49-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229232
Time elapsed: 21 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Quarantined and deleted successfully.
HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Documents and Settings\Sarah&James\Local Settings\Application Data\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n. -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bad: (\\.\globalroot\systemroot\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n.) Good: (wbemess.dll) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Documents and Settings\Sarah&James\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

Files Detected: 5
C:\Documents and Settings\All Users\Application Data\036DFF6A8FD3305DB7E819387B07D287\036DFF6A8FD3305DB7E819387B07D287.exe (Trojan.LameShield) -> Quarantined and deleted successfully.
C:\WINDOWS\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n (RootKit.0Access) -> Delete on reboot.
C:\WINDOWS\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\U\800000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sarah&James\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sarah&James\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

(end)




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 17:40:23
-----------------------------
17:40:23.046 OS Version: Windows 5.1.2600 Service Pack 3
17:40:23.046 Number of processors: 2 586 0xE08
17:40:23.046 ComputerName: MCREYNOLDS UserName:
17:40:23.687 Initialize success
17:41:44.859 AVAST engine defs: 12080601
17:42:04.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:42:04.203 Disk 0 Vendor: SAMSUNG_HM080HI AB100-12 Size: 76319MB BusType: 3
17:42:04.234 Disk 0 MBR read successfully
17:42:04.234 Disk 0 MBR scan
17:42:04.296 Disk 0 unknown MBR code
17:42:04.296 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
17:42:04.328 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 69303 MB offset 96390
17:42:04.328 Disk 0 Partition - 00 0F Extended LBA 2047 MB offset 142046730
17:42:04.375 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4910 MB offset 146239695
17:42:04.390 Disk 0 Partition 4 00 DD MSWIN4.1 2047 MB offset 142046793
17:42:04.390 Disk 0 scanning sectors +156296385
17:42:04.468 Disk 0 scanning C:\WINDOWS\system32\drivers
17:42:20.421 Service scanning
17:42:42.359 Modules scanning
17:42:55.046 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
17:43:00.718 Disk 0 trace - called modules:
17:43:00.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
17:43:00.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87116ab8]
17:43:00.765 3 CLASSPNP.SYS[f76cdfd7] -> nt!IofCallDriver -> \Device\00000070[0x8711df18]
17:43:00.765 5 ACPI.sys[f7554620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8716dd98]
17:43:02.328 AVAST engine scan C:\WINDOWS
17:43:34.015 AVAST engine scan C:\WINDOWS\system32
17:47:40.625 AVAST engine scan C:\WINDOWS\system32\drivers
17:48:06.250 AVAST engine scan C:\Documents and Settings\Sarah&James
18:00:10.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sarah&James\Desktop\MBR.dat"
18:00:10.921 The log file has been saved successfully to "C:\Documents and Settings\Sarah&James\Desktop\aswMBR.txt"





C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BHUXCQYG\index1[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M9EQYA6Q\index1[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Documents and Settings\Sarah&James\Local Settings\Application Data\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\Documents and Settings\Sarah&James\Local Settings\Temp\NODDB88.tmp Win32/Qhost trojan cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Sarah&James\Local Settings\Temp\zugo.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\WINDOWS\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\U\80000000.@ a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
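An added example, not part of the thread or of any poster's reply: a small Python parser for the Malwarebytes log format shown in post #15 that checks each section's declared count against the rows present and lists detections whose action has not completed yet. The function names are hypothetical, and the sample is a trimmed excerpt of that log with the "Files Detected" count adjusted to match.

```python
import re
from collections import defaultdict

# Trimmed excerpt of the Malwarebytes log in post #15; the "Files Detected"
# count is adjusted from 5 to 3 to match the rows kept here.
SAMPLE_LOG = r"""
Memory Processes Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bad: (\\.\globalroot\systemroot\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n.) Good: (wbemess.dll) -> Quarantined and repaired successfully.

Files Detected: 3
C:\WINDOWS\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\n (RootKit.0Access) -> Delete on reboot.
C:\WINDOWS\Installer\{a16ce3b8-38ed-fa7d-1692-880612278e6e}\U\800000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sarah&James\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.
"""

SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# Item, then the detection name in parentheses, then one or more " -> " fields.
ITEM_RE = re.compile(r"^(?P<item>.+?) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")


def parse_mbam_log(text):
    """Return (declared, items): declared count and parsed rows per section."""
    declared, items, section = {}, defaultdict(list), None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = ITEM_RE.match(line)
        if m and section:
            # The action is the last " -> " field; registry rows carry extra
            # "Data:" or "Bad: ... Good: ..." fields in front of it.
            action = m["rest"].rsplit(" -> ", 1)[-1].rstrip(".")
            items[section].append(
                {"item": m["item"], "name": m["name"], "action": action})
    return declared, dict(items)


def count_mismatches(declared, items):
    """Sections where the header count differs from the rows actually parsed."""
    return {s: (n, len(items.get(s, [])))
            for s, n in declared.items() if n != len(items.get(s, []))}


def unresolved(items):
    """Rows whose action is not reported as completed (e.g. 'Delete on reboot')."""
    return [(s, r["item"], r["action"])
            for s, rows in items.items() for r in rows
            if "successfully" not in r["action"].lower()]


if __name__ == "__main__":
    declared, items = parse_mbam_log(SAMPLE_LOG)
    print("count mismatches:", count_mismatches(declared, items))
    for section, item, action in unresolved(items):
        print(f"PENDING [{section}] {item} -> {action}")
```

An item reported as "Delete on reboot" is still on disk until the restart, so a rescan after rebooting is what confirms it is gone.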



