
I am infected by Win32/Sirefef


19 replies to this topic

#1 Gremmy

Gremmy

  • Members
  • 13 posts

Posted 04 August 2012 - 11:23 PM

Computer had been acting funny lately so I updated and ran MSE. MSE found the threat, but before I was able to remove and restart the pc I kept getting the error message "windows has encountered a critical problem and will restart automatically in one minute"

Every time I restart the machine it keeps throwing up the same error, even in safe mode. I can't run any programs long enough to post any logs. Please help.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 05 August 2012 - 12:08 AM

Let me ask a malware response team member to assist you

good luck

#3 Gremmy

Gremmy
  • Topic Starter

  • Members
  • 13 posts

Posted 05 August 2012 - 12:56 AM

Thanks narenxp

#4 Gremmy

Gremmy
  • Topic Starter

  • Members
  • 13 posts

Posted 05 August 2012 - 10:06 AM

Anyone able to assist on this? I'm on a laptop atmo but it's my main PC that is infected

#5 Gremmy

Gremmy
  • Topic Starter

  • Members
  • 13 posts

Posted 06 August 2012 - 12:52 AM

Managed to stop the reboot by running Kaspersky Rescue Disk. However, I'm afraid there might still be remnants of the virus on my machine. Anyone able to assist on this please?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 06 August 2012 - 07:31 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Edited by narenxp, 06 August 2012 - 07:32 AM.


#7 Gremmy

Gremmy
  • Topic Starter

  • Members
  • 13 posts

Posted 06 August 2012 - 02:10 PM

19:05:55.0042 2956 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:05:55.0182 2956 ============================================================
19:05:55.0182 2956 Current date / time: 2012/08/06 19:05:55.0182
19:05:55.0182 2956 SystemInfo:
19:05:55.0182 2956
19:05:55.0182 2956 OS Version: 6.0.6002 ServicePack: 2.0
19:05:55.0182 2956 Product type: Workstation
19:05:55.0182 2956 ComputerName: THEO-PC
19:05:55.0182 2956 UserName: Theo
19:05:55.0182 2956 Windows directory: C:\Windows
19:05:55.0182 2956 System windows directory: C:\Windows
19:05:55.0182 2956 Processor architecture: Intel x86
19:05:55.0182 2956 Number of processors: 4
19:05:55.0182 2956 Page size: 0x1000
19:05:55.0182 2956 Boot type: Normal boot
19:05:55.0182 2956 ============================================================
19:05:56.0321 2956 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:06:00.0627 2956 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:06:00.0751 2956 ============================================================
19:06:00.0751 2956 \Device\Harddisk0\DR0:
19:06:00.0767 2956 MBR partitions:
19:06:00.0767 2956 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000
19:06:00.0767 2956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000
19:06:00.0767 2956 \Device\Harddisk1\DR1:
19:06:00.0767 2956 MBR partitions:
19:06:00.0767 2956 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
19:06:00.0767 2956 ============================================================
19:06:00.0923 2956 C: <-> \Device\Harddisk0\DR0\Partition1
19:06:01.0407 2956 D: <-> \Device\Harddisk0\DR0\Partition0
19:06:01.0438 2956 F: <-> \Device\Harddisk1\DR1\Partition0
19:06:01.0438 2956 ============================================================
19:06:01.0438 2956 Initialize success
19:06:01.0438 2956 ============================================================
19:06:06.0040 3244 ============================================================
19:06:06.0040 3244 Scan started
19:06:06.0040 3244 Mode: Manual; TDLFS;
19:06:06.0040 3244 ============================================================
19:06:20.0002 3244 PlugPlay - ok
19:06:20.0049 3244 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:06:20.0049 3244 PNRPAutoReg - ok
19:06:20.0064 3244 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:06:20.0064 3244 PNRPsvc - ok
19:06:20.0095 3244 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:06:20.0095 3244 PolicyAgent - ok
19:06:20.0142 3244 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:06:20.0142 3244 PptpMiniport - ok
19:06:20.0158 3244 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:06:20.0158 3244 Processor - ok
19:06:20.0173 3244 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:06:20.0173 3244 ProfSvc - ok
19:06:20.0205 3244 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:06:20.0205 3244 ProtectedStorage - ok
19:06:20.0236 3244 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:06:20.0236 3244 PSched - ok
19:06:20.0236 3244 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
19:06:20.0236 3244 PxHelp20 - ok
19:06:20.0283 3244 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:06:20.0283 3244 ql2300 - ok
19:06:20.0298 3244 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:06:20.0298 3244 ql40xx - ok
19:06:20.0329 3244 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:06:20.0329 3244 QWAVE - ok
19:06:20.0345 3244 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:06:20.0345 3244 QWAVEdrv - ok
19:06:20.0407 3244 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
19:06:20.0423 3244 R300 - ok
19:06:20.0532 3244 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:06:20.0532 3244 RasAcd - ok
19:06:20.0548 3244 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:06:20.0548 3244 RasAuto - ok
19:06:20.0579 3244 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:06:20.0579 3244 Rasl2tp - ok
19:06:20.0610 3244 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:06:20.0626 3244 RasMan - ok
19:06:20.0641 3244 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:06:20.0641 3244 RasPppoe - ok
19:06:20.0657 3244 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:06:20.0657 3244 RasSstp - ok
19:06:20.0704 3244 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:06:20.0704 3244 rdbss - ok
19:06:20.0704 3244 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:06:20.0704 3244 RDPCDD - ok
19:06:20.0751 3244 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:06:20.0751 3244 rdpdr - ok
19:06:20.0751 3244 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:06:20.0751 3244 RDPENCDD - ok
19:06:20.0797 3244 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
19:06:20.0797 3244 RDPWD - ok
19:06:20.0813 3244 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:06:20.0813 3244 RemoteAccess - ok
19:06:20.0844 3244 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:06:20.0844 3244 RemoteRegistry - ok
19:06:20.0860 3244 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:06:20.0860 3244 RpcLocator - ok
19:06:20.0891 3244 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
19:06:20.0907 3244 RpcSs - ok
19:06:20.0922 3244 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:06:20.0922 3244 rspndr - ok
19:06:20.0953 3244 RTL8169 (13e97cf38286b8a1d7605d3175db28ee) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:06:20.0953 3244 RTL8169 - ok
19:06:20.0969 3244 RTL8187 (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys
19:06:20.0969 3244 RTL8187 - ok
19:06:20.0985 3244 RTLWUSB (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys
19:06:20.0985 3244 RTLWUSB - ok
19:06:20.0985 3244 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:06:20.0985 3244 SamSs - ok
19:06:21.0047 3244 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:06:21.0047 3244 SASDIFSV - ok
19:06:21.0063 3244 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
19:06:21.0063 3244 SASENUM - ok
19:06:21.0078 3244 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
19:06:21.0078 3244 SASKUTIL - ok
19:06:21.0094 3244 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:06:21.0094 3244 sbp2port - ok
19:06:21.0109 3244 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:06:21.0109 3244 SCardSvr - ok
19:06:21.0156 3244 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:06:21.0172 3244 Schedule - ok
19:06:21.0219 3244 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
19:06:21.0219 3244 SCMNdisP - ok
19:06:21.0234 3244 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:06:21.0234 3244 SCPolicySvc - ok
19:06:21.0265 3244 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:06:21.0265 3244 SDRSVC - ok
19:06:21.0328 3244 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:06:21.0328 3244 SeaPort - ok
19:06:21.0343 3244 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:06:21.0343 3244 secdrv - ok
19:06:21.0343 3244 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:06:21.0343 3244 seclogon - ok
19:06:21.0359 3244 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
19:06:21.0359 3244 SENS - ok
19:06:21.0390 3244 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:06:21.0390 3244 Serenum - ok
19:06:21.0390 3244 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:06:21.0390 3244 Serial - ok
19:06:21.0406 3244 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:06:21.0406 3244 sermouse - ok
19:06:21.0437 3244 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:06:21.0437 3244 SessionEnv - ok
19:06:21.0453 3244 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:06:21.0453 3244 sffdisk - ok
19:06:21.0468 3244 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:06:21.0468 3244 sffp_mmc - ok
19:06:21.0468 3244 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:06:21.0468 3244 sffp_sd - ok
19:06:21.0484 3244 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:06:21.0484 3244 sfloppy - ok
19:06:21.0515 3244 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:06:21.0515 3244 ShellHWDetection - ok
19:06:21.0531 3244 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:06:21.0531 3244 sisagp - ok
19:06:21.0546 3244 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:06:21.0546 3244 SiSRaid2 - ok
19:06:21.0562 3244 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:06:21.0562 3244 SiSRaid4 - ok
19:06:21.0749 3244 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:06:21.0874 3244 Skype C2C Service - ok
19:06:22.0014 3244 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files\Skype\Updater\Updater.exe
19:06:22.0014 3244 SkypeUpdate - ok
19:06:22.0186 3244 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:06:22.0248 3244 slsvc - ok
19:06:22.0295 3244 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:06:22.0311 3244 SLUINotify - ok
19:06:22.0326 3244 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:06:22.0326 3244 Smb - ok
19:06:22.0373 3244 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:06:22.0373 3244 SNMPTRAP - ok
19:06:22.0451 3244 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:06:22.0451 3244 spldr - ok
19:06:22.0467 3244 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:06:22.0482 3244 Spooler - ok
19:06:22.0529 3244 sprtsvc_DellSupportCenter (777115c9cc675bd98127660712d2f784) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
19:06:22.0529 3244 sprtsvc_DellSupportCenter - ok
19:06:22.0576 3244 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:06:22.0576 3244 srv - ok
19:06:22.0591 3244 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:06:22.0591 3244 srv2 - ok
19:06:22.0607 3244 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:06:22.0607 3244 srvnet - ok
19:06:22.0638 3244 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:06:22.0638 3244 SSDPSRV - ok
19:06:22.0669 3244 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:06:22.0669 3244 SstpSvc - ok
19:06:22.0747 3244 Stereo Service (bad795e567a323481813c88db8bc8fdf) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:06:22.0747 3244 Stereo Service - ok
19:06:22.0779 3244 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:06:22.0779 3244 stisvc - ok
19:06:22.0794 3244 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:06:22.0794 3244 swenum - ok
19:06:22.0825 3244 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:06:22.0825 3244 swprv - ok
19:06:22.0857 3244 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:06:22.0857 3244 Symc8xx - ok
19:06:22.0857 3244 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:06:22.0857 3244 Sym_hi - ok
19:06:22.0872 3244 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:06:22.0872 3244 Sym_u3 - ok
19:06:22.0919 3244 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:06:22.0919 3244 SysMain - ok
19:06:22.0935 3244 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:06:22.0935 3244 TabletInputService - ok
19:06:22.0966 3244 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:06:22.0966 3244 TapiSrv - ok
19:06:22.0981 3244 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:06:22.0981 3244 TBS - ok
19:06:23.0028 3244 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
19:06:23.0044 3244 Tcpip - ok
19:06:23.0044 3244 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
19:06:23.0059 3244 Tcpip6 - ok
19:06:23.0075 3244 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
19:06:23.0075 3244 tcpipreg - ok
19:06:23.0106 3244 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:06:23.0106 3244 TDPIPE - ok
19:06:23.0122 3244 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:06:23.0122 3244 TDTCP - ok
19:06:23.0137 3244 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:06:23.0137 3244 tdx - ok
19:06:23.0153 3244 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:06:23.0153 3244 TermDD - ok
19:06:23.0184 3244 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:06:23.0200 3244 TermService - ok
19:06:23.0215 3244 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:06:23.0231 3244 Themes - ok
19:06:23.0247 3244 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:06:23.0247 3244 THREADORDER - ok
19:06:23.0278 3244 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:06:23.0278 3244 TrkWks - ok
19:06:23.0309 3244 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:06:23.0309 3244 TrustedInstaller - ok
19:06:23.0340 3244 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:06:23.0340 3244 tssecsrv - ok
19:06:23.0356 3244 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:06:23.0356 3244 tunmp - ok
19:06:23.0371 3244 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:06:23.0371 3244 tunnel - ok
19:06:23.0387 3244 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:06:23.0387 3244 uagp35 - ok
19:06:23.0418 3244 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:06:23.0418 3244 udfs - ok
19:06:23.0449 3244 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:06:23.0449 3244 UI0Detect - ok
19:06:23.0465 3244 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:06:23.0465 3244 uliagpkx - ok
19:06:23.0496 3244 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:06:23.0496 3244 uliahci - ok
19:06:23.0512 3244 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:06:23.0512 3244 UlSata - ok
19:06:23.0543 3244 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:06:23.0543 3244 ulsata2 - ok
19:06:23.0559 3244 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:06:23.0559 3244 umbus - ok
19:06:23.0574 3244 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:06:23.0574 3244 upnphost - ok
19:06:23.0605 3244 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
19:06:23.0605 3244 USBAAPL - ok
19:06:23.0637 3244 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
19:06:23.0637 3244 usbaudio - ok
19:06:23.0637 3244 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:06:23.0637 3244 usbccgp - ok
19:06:23.0652 3244 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:06:23.0652 3244 usbcir - ok
19:06:23.0652 3244 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:06:23.0652 3244 usbehci - ok
19:06:23.0683 3244 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:06:23.0683 3244 usbhub - ok
19:06:23.0699 3244 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:06:23.0699 3244 usbohci - ok
19:06:23.0715 3244 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
19:06:23.0715 3244 usbprint - ok
19:06:23.0730 3244 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:06:23.0730 3244 USBSTOR - ok
19:06:23.0730 3244 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:06:23.0730 3244 usbuhci - ok
19:06:23.0777 3244 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:06:23.0777 3244 usbvideo - ok
19:06:23.0808 3244 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:06:23.0808 3244 UxSms - ok
19:06:23.0839 3244 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:06:23.0839 3244 vds - ok
19:06:23.0871 3244 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:06:23.0871 3244 vga - ok
19:06:23.0902 3244 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:06:23.0902 3244 VgaSave - ok
19:06:23.0917 3244 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:06:23.0917 3244 viaagp - ok
19:06:23.0933 3244 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:06:23.0933 3244 ViaC7 - ok
19:06:23.0949 3244 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:06:23.0949 3244 viaide - ok
19:06:23.0949 3244 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:06:23.0949 3244 volmgr - ok
19:06:23.0980 3244 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:06:23.0980 3244 volmgrx - ok
19:06:23.0980 3244 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:06:23.0995 3244 volsnap - ok
19:06:24.0011 3244 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:06:24.0011 3244 vsmraid - ok
19:06:24.0058 3244 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:06:24.0058 3244 VSS - ok
19:06:24.0105 3244 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:06:24.0105 3244 W32Time - ok
19:06:24.0136 3244 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:06:24.0136 3244 WacomPen - ok
19:06:24.0167 3244 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:06:24.0167 3244 Wanarp - ok
19:06:24.0167 3244 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:06:24.0167 3244 Wanarpv6 - ok
19:06:24.0198 3244 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:06:24.0198 3244 wcncsvc - ok
19:06:24.0214 3244 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:06:24.0214 3244 WcsPlugInService - ok
19:06:24.0229 3244 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:06:24.0229 3244 Wd - ok
19:06:24.0292 3244 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:06:24.0292 3244 Wdf01000 - ok
19:06:24.0323 3244 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:06:24.0323 3244 WdiServiceHost - ok
19:06:24.0323 3244 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:06:24.0339 3244 WdiSystemHost - ok
19:06:24.0339 3244 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:06:24.0354 3244 WebClient - ok
19:06:24.0370 3244 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:06:24.0370 3244 Wecsvc - ok
19:06:24.0385 3244 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:06:24.0385 3244 wercplsupport - ok
19:06:24.0401 3244 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:06:24.0417 3244 WerSvc - ok
19:06:24.0479 3244 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:06:24.0495 3244 WinDefend - ok
19:06:24.0495 3244 WinHttpAutoProxySvc - ok
19:06:24.0526 3244 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:06:24.0526 3244 Winmgmt - ok
19:06:24.0573 3244 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:06:24.0588 3244 WinRM - ok
19:06:24.0651 3244 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:06:24.0651 3244 Wlansvc - ok
19:06:24.0775 3244 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:06:24.0807 3244 wlidsvc - ok
19:06:24.0900 3244 WmiAcpi (48ca581c12022ac60fe82e2b96fbf5d4) C:\Windows\system32\drivers\wmiacpi.sys
19:06:24.0900 3244 WmiAcpi - ok
19:06:24.0931 3244 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:06:24.0931 3244 wmiApSrv - ok
19:06:25.0009 3244 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:06:25.0025 3244 WMPNetworkSvc - ok
19:06:25.0056 3244 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:06:25.0056 3244 WPCSvc - ok
19:06:25.0072 3244 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:06:25.0087 3244 WPDBusEnum - ok
19:06:25.0134 3244 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:06:25.0134 3244 WpdUsb - ok
19:06:25.0228 3244 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:06:25.0228 3244 WPFFontCache_v0400 - ok
19:06:25.0259 3244 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:06:25.0259 3244 ws2ifsl - ok
19:06:25.0290 3244 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
19:06:25.0290 3244 wscsvc - ok
19:06:25.0290 3244 WSearch - ok
19:06:25.0399 3244 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:06:25.0431 3244 wuauserv - ok
19:06:25.0540 3244 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:06:25.0540 3244 WUDFRd - ok
19:06:25.0571 3244 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:06:25.0571 3244 wudfsvc - ok
19:06:25.0649 3244 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:06:25.0649 3244 YahooAUService - ok
19:06:25.0665 3244 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:06:25.0899 3244 \Device\Harddisk0\DR0 - ok
19:06:25.0914 3244 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
19:06:26.0351 3244 \Device\Harddisk1\DR1 - ok
19:06:26.0367 3244 Boot (0x1200) (ddfe4fba2ac8fae343f5d3eeab34a8d3) \Device\Harddisk0\DR0\Partition0
19:06:26.0367 3244 \Device\Harddisk0\DR0\Partition0 - ok
19:06:26.0382 3244 Boot (0x1200) (e542350c82cbdd07dad43d3bc72bfb3e) \Device\Harddisk0\DR0\Partition1
19:06:26.0382 3244 \Device\Harddisk0\DR0\Partition1 - ok
19:06:26.0382 3244 Boot (0x1200) (e56a8cda86d9e6b3b656e45b28e466f4) \Device\Harddisk1\DR1\Partition0
19:06:26.0382 3244 \Device\Harddisk1\DR1\Partition0 - ok
19:06:26.0382 3244 ============================================================
19:06:26.0382 3244 Scan finished
19:06:26.0382 3244 ============================================================
19:06:26.0398 1324 Detected object count: 0
19:06:26.0398 1324 Actual detected object count: 0
19:07:54.0808 1272 Deinitialize success

#8 Gremmy


Posted 06 August 2012 - 02:36 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 19:10:45
-----------------------------
19:10:45.957 OS Version: Windows 6.0.6002 Service Pack 2
19:10:45.957 Number of processors: 4 586 0x1707
19:10:45.958 ComputerName: THEO-PC UserName: Theo
19:10:48.607 Initialize success
19:12:56.900 AVAST engine defs: 12080600
19:13:08.088 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:13:08.090 Disk 0 Vendor: ST3500418AS CC44 Size: 476940MB BusType: 3
19:13:08.092 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
19:13:08.094 Disk 1 Vendor: Maxtor_6V160E0 VA111630 Size: 152627MB BusType: 3
19:13:08.118 Disk 0 MBR read successfully
19:13:08.122 Disk 0 MBR scan
19:13:08.126 Disk 0 Windows VISTA default MBR code
19:13:08.129 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
19:13:08.139 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 129024
19:13:08.157 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461516 MB offset 31586304
19:13:08.163 Disk 0 scanning sectors +976771072
19:13:08.236 Disk 0 scanning C:\Windows\system32\drivers
19:13:17.539 Service scanning
19:13:37.466 Modules scanning
19:13:40.575 Disk 0 trace - called modules:
19:13:40.589 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
19:13:40.595 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864f8940]
19:13:40.599 3 CLASSPNP.SYS[8b5ad8b3] -> nt!IofCallDriver -> [0x85b8d918]
19:13:40.604 5 acpi.sys[806946bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85b87b98]
19:13:41.629 AVAST engine scan C:\Windows
19:13:44.271 AVAST engine scan C:\Windows\system32
19:16:57.090 AVAST engine scan C:\Windows\system32\drivers
19:17:10.679 AVAST engine scan C:\Users\Theo
19:29:46.838 AVAST engine scan C:\ProgramData
19:34:24.052 Scan finished successfully
19:35:51.423 Disk 0 MBR has been saved successfully to "C:\Users\Theo\Downloads\MBR.dat"
19:35:51.428 The log file has been saved successfully to "C:\Users\Theo\Downloads\aswMBR.txt"

#9 Gremmy


Posted 06 August 2012 - 04:14 PM

C:\Users\Theo\AppData\Local\{84EB6C45-DB6B-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#10 narenxp


Posted 06 August 2012 - 11:31 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#11 Gremmy


Posted 07 August 2012 - 01:51 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Theo :: THEO-PC [administrator]

06/08/2012 18:02:55
mbam-log-2012-08-06 (18-02-55).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 466754
Time elapsed: 1 hour(s), 47 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 Gremmy


Posted 07 August 2012 - 01:56 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Theo (administrator) on 06-08-2012 at 19:53:26
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Theo-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter
Physical Address. . . . . . . . . : 00-0F-B5-CD-5F-8C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7897:3da6:bc49:ade0%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 06 August 2012 17:47:17
Lease Expires . . . . . . . . . . : 07 August 2012 17:47:17
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 285216693
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E0-EB-C7-00-24-E8-1C-34-54
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{76FE588F-07AF-4549-857D-453CA6986609}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{01166B69-3C18-406B-8135-E7DFA986093B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Address: 2a00:1450:4009:809::1007



Pinging google.com [173.194.41.163] with 32 bytes of data:

Request timed out.

Reply from 173.194.41.163: bytes=32 time=19ms TTL=54



Ping statistics for 173.194.41.163:

Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 19ms, Average = 19ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=144ms TTL=46

Reply from 209.191.122.70: bytes=32 time=145ms TTL=46



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 144ms, Maximum = 145ms, Average = 144ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 0f b5 cd 5f 8c ...... NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{76FE588F-07AF-4549-857D-453CA6986609}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{01166B69-3C18-406B-8135-E7DFA986093B}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::7897:3da6:bc49:ade0/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/06/2012 05:48:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 03:40:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 05:20:24 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\4\C5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:24 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\4\C5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\FA> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\FA> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\61> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\61> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\8\74> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (08/06/2012 05:57:50 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1423.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/06/2012 05:57:50 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1423.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/06/2012 05:48:26 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (08/06/2012 02:38:26 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.3 for the Network Card with network address 000FB5CD5F8C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/06/2012 03:50:10 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1423.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/06/2012 03:50:10 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.1423.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/06/2012 03:40:45 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (08/06/2012 09:40:24 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.3 for the Network Card with network address 000FB5CD5F8C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/06/2012 08:57:38 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.5 for the Network Card with network address 000FB5CD5F8C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/06/2012 08:45:01 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.


Microsoft Office Sessions:
=========================
Error: (08/06/2012 05:48:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 03:40:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 05:20:24 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\4\C5

Error: (08/06/2012 05:20:24 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\4\C5

Error: (08/06/2012 05:20:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\FA

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\FA

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\61

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\0\61

Error: (08/06/2012 05:20:03 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\THEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\Q15H6S1J.DEFAULT\CACHE\8\74


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader 9.5.1 (Version: 9.5.1)
Advanced Combat Tracker (remove only)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Belarc Advisor 8.2 (Version: 8.2.7.10)
Bonjour (Version: 2.0.5.0)
CCleaner (Version: 2.27)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Support Software) (Version: 2.2.08335)
DivX Setup (Version: 1.0.2.23)
EQ2MAP Updater 1.2.10 (Version: 1.2.10)
ESET Online Scanner v3
EverQuest II
EverQuest II (us english)
EverQuest II (us)
EverQuest II Streaming
Facebook Plug-In
High-Definition Video Playback (Version: 11.1.10400.2.65)
HiJackThis (Version: 1.0.0)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Ladbrokes Poker (Version: 16.3.2.9976)
League of Legends (Version: 1.3)
Legends of Norrath
Magic ISO Maker v5.5 (build 0276)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft LifeChat (Version: 1.40.224.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.6.0)
Mohawk Voice 1.1 (Version: 1.1)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
Nero 11 (Version: 11.0.15500)
Nero 11 Cliparts (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 1 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 2 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus 3 (Version: 11.0.11200.12.0)
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0)
Nero 11 Effects Basic (Version: 11.0.11200.12.0)
Nero 11 Image Samples (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 1 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 2 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 3 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 4 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 11 PiP Effects 1 (Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (Version: 11.0.11300.12.0)
Nero 11 Video Samples (Version: 11.0.11200.12.0)
Nero 11 Video Transitions 1 (Version: 11.0.11200.12.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 11 (Version: 6.0.16000.13.100)
Nero BackItUp 11 Help (CHM) (Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.10000.1.0)
Nero Burning ROM 11 (Version: 11.0.12200.23.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12300.0.23)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15000.1.12)
Nero CoverDesigner 11 (Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300)
Nero Express 11 (Version: 11.0.11700.23.100)
Nero Express 11 Help (CHM) (Version: 11.0.10300)
Nero Kwik Media (Version: 1.10.19300.93.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Recode 11 (Version: 5.0.13300.32.100)
Nero Recode 11 Help (CHM) (Version: 11.0.10300)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero SoundTrax 11 (Version: 5.0.10400.4.100)
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.10623.22.0)
Nero Video 11 (Version: 11.0.10300)
Nero Video 11 (Version: 8.0.14000.21.100)
Nero Video 11 Help (CHM) (Version: 11.0.10300)
Nero WaveEditor 11 (Version: 6.0.10800.5.100)
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400)
nero.prerequisites.msi (Version: 11.0.20007)
NETGEAR WG111v2 wireless USB 2.0 adapter (Version: 1.0.0.133)
NVIDIA Display Control Panel (Version: 6.14.12.5721)
NVIDIA Drivers (Version: 1.10.61.39)
NVIDIA PhysX (Version: 9.10.0223)
NVIDIA Stereoscopic 3D Driver (Version: 1.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pando Media Booster (Version: 2.3.6.0)
PokerStars
ProfitUI Reborn Updater
QuickTime (Version: 7.69.80.9)
Raid Hub Client (Version: 1.0.91)
Realtek High Definition Audio Driver
Safari (Version: 5.33.21.1)
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.6.1)
Station Launcher (Version: 1.01.9000)
SUPERAntiSpyware Free Edition (Version: 4.31.0.1000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Ventrilo Client (Version: 3.0.5)
VLC media player 1.0.3 (Version: 1.0.3)
welcome (Version: 11.0.21500.0.4)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 3325.27 MB
Available physical RAM: 1049.59 MB
Total Pagefile: 6886.54 MB
Available Pagefile: 4435.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:145.59 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.26 GB) NTFS
3 Drive e: (CDROM) (CDROM) (Total:0.08 GB) (Free:0 GB) CDFS
4 Drive f: () (Fixed) (Total:149.04 GB) (Free:53.09 GB) NTFS

========================= Users: ========================================

User accounts for \\THEO-PC

Administrator Guest Theo


**** End of log ****

#13 Gremmy

Posted 07 August 2012 - 01:59 PM

# AdwCleaner v1.800 - Logfile created 08/06/2012 at 19:58:20
# Updated 01/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Theo - THEO-PC
# Running from : C:\Users\Theo\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Theo\AppData\Roaming\Mozilla\Firefox\Profiles\q15h6s1j.default\prefs.js

Found : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=adknlg&f=5");
Found : user_pref("extensions.facemoods.aflt", "adknlg");
Found : user_pref("extensions.facemoods.dfltSrch", false);
Found : user_pref("extensions.facemoods.dnsErr", false);
Found : user_pref("extensions.facemoods.firstRun", true);
Found : user_pref("extensions.facemoods.hmpg", false);
Found : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=adknlg");
Found : user_pref("extensions.facemoods.id", "9a27346f000000000000000fb5cd5f8c");
Found : user_pref("extensions.facemoods.instlDay", "15254");
Found : user_pref("extensions.facemoods.mntz", "");
Found : user_pref("extensions.facemoods.newTab", false);
Found : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Found : user_pref("extensions.facemoods.searchProviderAdded", false);
Found : user_pref("extensions.facemoods.sid", "0d941e8d9f1b48868255ef234128fefb");
Found : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=adknlg&f=3");
Found : user_pref("extensions.facemoods.vrsn", "1.4.17.11");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Theo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2169 octets] - [06/08/2012 19:58:20]

########## EOF - C:\AdwCleaner[R1].txt - [2297 octets] ##########

#14 narenxp

Posted 07 August 2012 - 02:10 PM

FSS log?

#15 Gremmy

Posted 07 August 2012 - 05:18 PM

Missed it

Farbar Service Scanner Version: 06-08-2012
Ran by Theo (administrator) on 06-08-2012 at 23:17:14
Running from "C:\Users\Theo\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 03:24] - [2008-01-21 03:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



