
picked up some viruses recently


46 replies to this topic

#1 charlie j


Posted 30 August 2012 - 08:37 PM

Looks as though I've picked up some viruses recently on my Desktop Computer.

Specs as follows:
Dell Optiplex GX270 Series
Capacity 250 GB Master
" 320 GB Slave
2.5 Gig Ram

Friday I ran my McAfee internet security and discovered there were 2 malicious objects; one I was able to remove, the second could not be removed.
1. Went into safe mode and installed/ran Malwarebytes, found 16 viruses and removed.
2. Used Rkill - results were good.
3. " ATF Cleaner found 1 problem = Cleaned.

Sunday I noticed PC was running a little slow and discovered I had Vendor: Trojan.Midhos; Category: File; Item: C:\System Volume Information\_restore(26D203F8-3567-49F6-8...

Monday I found I was unable to use mouse and keyboard in Safe Mode when accessing Internet Explorer, rendering me unable to download any Anti Malware, antispy, Rkill, or ATF programs in safe mode, I ran them without that function.

Tuesday began getting results on the scans as follows:
Malwarebytes = Trojan.Midhos (removed) I hope.
Norman Malware Cleaner showed the following results:
Malicious objects: 2
Logging to C:\Documents and settings\Administrator\Desktop\Nmc_2012-8-30_01-33-50.log
C:Documents and Settings\Administrator\MyDocuments\Downloads\agsetup183se.exe: Archive infected
C:\Documents ans Settings\Administrator\My Documents\Downloadsagsetup183se.exe/noname.nsis/nsis.sld/file26: Sandbox detected infection of type W32/InstallCore.FKAID
Delete archive object: C:\Documents and Settings\Administrator\My Documents\Downloads\agsetup183se.exe\noname.nsis\nsis.sld\file26
Cleaning not supported (220000)
C:\WINDOWS\system32\mfc45.dll: File infected with W32/Suspicious_Gen2.dam
Delete file: C:\WINDOWS\system32\mfc45.dll
Cleaning successful
Results:
Total number of files found: 167698
Total number of archives unpacked: 6625
Total number of objects found: 954961
Total number of objects scanned: 954918
Total number of objects not scanned: 43
Total number of malicious objects found: 2
Total number of malicious objects cleaned: 1
Total number of malicious files found: 2
Total number of malicious files cleaned: 1
Total number of objects quarantined: 1
Total scanning time 17h 28m 28s

When I ran Norman the first time (full, scan every file on local drives) in safe mode it took 5 plus hours to complete and showed somewhere around 600,000 objects scanned, and the last (most recent) scan not in safe mode noted 17 + hours with over 900,000 objects scanned.

My most recent attempt (today) to use the web in safe mode showed Blekko greyed out in the browser search bar.

Can someone direct me to remove these viruses?

*Moderator Edit: Moved topic from XP to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 30 August 2012 - 08:39 PM.




#2 narenxp


Posted 30 August 2012 - 08:40 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 charlie j


Posted 30 August 2012 - 09:33 PM

22:22:25.0343 3696 perc2hib - ok
22:22:25.0453 3696 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
22:22:25.0468 3696 PlugPlay - ok
22:22:25.0500 3696 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
22:22:25.0578 3696 Pml Driver HPZ12 - ok
22:22:25.0625 3696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:22:25.0625 3696 PolicyAgent - ok
22:22:25.0703 3696 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:22:25.0703 3696 PptpMiniport - ok
22:22:25.0734 3696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:22:25.0734 3696 ProtectedStorage - ok
22:22:25.0750 3696 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:22:25.0765 3696 PSched - ok
22:22:25.0796 3696 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:22:25.0812 3696 Ptilink - ok
22:22:25.0875 3696 [ C50DE6D0C04B230F185A13FDE0F047FA ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
22:22:26.0218 3696 pwdrvio - ok
22:22:26.0296 3696 [ CDC5704308222400AD606BCF87B006A5 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
22:22:26.0296 3696 pwdspio - ok
22:22:26.0343 3696 [ D8B90616A8BD53DE281DBDB664C0984A ] pwd_2k C:\WINDOWS\system32\drivers\pwd_2k.sys
22:22:26.0343 3696 pwd_2k - ok
22:22:26.0406 3696 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:22:26.0500 3696 PxHelp20 - ok
22:22:26.0515 3696 ql1080 - ok
22:22:26.0531 3696 Ql10wnt - ok
22:22:26.0562 3696 ql12160 - ok
22:22:26.0593 3696 ql1240 - ok
22:22:26.0609 3696 ql1280 - ok
22:22:26.0656 3696 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:22:26.0656 3696 RasAcd - ok
22:22:26.0734 3696 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:22:26.0750 3696 RasAuto - ok
22:22:26.0781 3696 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:22:26.0781 3696 Rasl2tp - ok
22:22:26.0859 3696 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:22:26.0875 3696 RasMan - ok
22:22:26.0906 3696 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:22:26.0921 3696 RasPppoe - ok
22:22:26.0968 3696 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:22:26.0968 3696 Raspti - ok
22:22:27.0015 3696 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:22:27.0015 3696 Rdbss - ok
22:22:27.0046 3696 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:22:27.0062 3696 RDPCDD - ok
22:22:27.0109 3696 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:22:27.0109 3696 rdpdr - ok
22:22:27.0203 3696 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:22:27.0218 3696 RDPWD - ok
22:22:27.0296 3696 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:22:27.0296 3696 RDSessMgr - ok
22:22:27.0359 3696 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:22:27.0375 3696 redbook - ok
22:22:27.0437 3696 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:22:27.0453 3696 RemoteAccess - ok
22:22:27.0515 3696 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:22:27.0531 3696 RemoteRegistry - ok
22:22:27.0609 3696 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
22:22:27.0609 3696 RpcLocator - ok
22:22:27.0703 3696 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:22:27.0718 3696 RpcSs - ok
22:22:27.0765 3696 [ A3B23FB3F295694091F51865F98588B2 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
22:22:27.0781 3696 rspndr - ok
22:22:27.0828 3696 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:22:27.0828 3696 RSVP - ok
22:22:27.0875 3696 [ 691DB86B09E13CA5D3E8881141738CC5 ] RTLWUSB C:\WINDOWS\system32\DRIVERS\wg111v2.sys
22:22:27.0984 3696 RTLWUSB - ok
22:22:28.0031 3696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
22:22:28.0031 3696 SamSs - ok
22:22:28.0093 3696 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:22:28.0109 3696 SCardSvr - ok
22:22:28.0218 3696 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:22:28.0218 3696 Schedule - ok
22:22:28.0296 3696 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:22:28.0296 3696 Secdrv - ok
22:22:28.0328 3696 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:22:28.0343 3696 seclogon - ok
22:22:28.0390 3696 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
22:22:28.0406 3696 SENS - ok
22:22:28.0453 3696 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
22:22:28.0453 3696 serenum - ok
22:22:28.0500 3696 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:22:28.0500 3696 Serial - ok
22:22:28.0562 3696 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:22:28.0578 3696 Sfloppy - ok
22:22:28.0656 3696 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:22:28.0656 3696 ShellHWDetection - ok
22:22:28.0687 3696 Simbad - ok
22:22:28.0765 3696 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
22:22:28.0765 3696 SmartDefragDriver - ok
22:22:28.0843 3696 [ 31FD0707C7DBE715234F2823B27214FE ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
22:22:29.0031 3696 smwdm - ok
22:22:29.0078 3696 Sparrow - ok
22:22:29.0140 3696 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:22:29.0140 3696 splitter - ok
22:22:29.0203 3696 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:22:29.0218 3696 Spooler - ok
22:22:29.0250 3696 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:22:29.0250 3696 sr - ok
22:22:29.0328 3696 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
22:22:29.0343 3696 srservice - ok
22:22:29.0421 3696 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:22:29.0421 3696 Srv - ok
22:22:29.0484 3696 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:22:29.0500 3696 SSDPSRV - ok
22:22:29.0578 3696 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
22:22:29.0656 3696 StillCam - ok
22:22:29.0734 3696 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:22:29.0750 3696 stisvc - ok
22:22:29.0781 3696 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:22:29.0781 3696 swenum - ok
22:22:29.0828 3696 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:22:29.0828 3696 swmidi - ok
22:22:29.0843 3696 SwPrv - ok
22:22:29.0875 3696 symc810 - ok
22:22:29.0890 3696 symc8xx - ok
22:22:29.0906 3696 sym_hi - ok
22:22:29.0937 3696 sym_u3 - ok
22:22:29.0953 3696 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:22:29.0968 3696 sysaudio - ok
22:22:30.0015 3696 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:22:30.0015 3696 SysmonLog - ok
22:22:30.0062 3696 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:22:30.0062 3696 TapiSrv - ok
22:22:30.0140 3696 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:22:30.0156 3696 Tcpip - ok
22:22:30.0203 3696 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:22:30.0218 3696 TDPIPE - ok
22:22:30.0250 3696 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:22:30.0265 3696 TDTCP - ok
22:22:30.0296 3696 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:22:30.0296 3696 TermDD - ok
22:22:30.0375 3696 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
22:22:30.0390 3696 TermService - ok
22:22:30.0437 3696 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
22:22:30.0437 3696 Themes - ok
22:22:30.0515 3696 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
22:22:30.0531 3696 TlntSvr - ok
22:22:30.0640 3696 [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
22:22:30.0640 3696 TomTomHOMEService - ok
22:22:30.0656 3696 TosIde - ok
22:22:30.0734 3696 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:22:30.0750 3696 TrkWks - ok
22:22:30.0812 3696 [ 4E75005B74BE901C30F2636DF40B0C15 ] UdfReadr_xp C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
22:22:30.0921 3696 UdfReadr_xp - ok
22:22:31.0000 3696 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:22:31.0000 3696 Udfs - ok
22:22:31.0015 3696 ultra - ok
22:22:31.0109 3696 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:22:31.0125 3696 Update - ok
22:22:31.0187 3696 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:22:31.0203 3696 upnphost - ok
22:22:31.0234 3696 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
22:22:31.0250 3696 UPS - ok
22:22:31.0296 3696 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
22:22:31.0468 3696 USBAAPL - ok
22:22:31.0531 3696 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:22:31.0531 3696 usbccgp - ok
22:22:31.0578 3696 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:22:31.0578 3696 usbehci - ok
22:22:31.0625 3696 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:22:31.0625 3696 usbhub - ok
22:22:31.0656 3696 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:22:31.0656 3696 usbprint - ok
22:22:31.0703 3696 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:22:31.0703 3696 usbscan - ok
22:22:31.0765 3696 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:22:31.0765 3696 USBSTOR - ok
22:22:31.0812 3696 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:22:31.0812 3696 usbuhci - ok
22:22:31.0843 3696 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:22:31.0859 3696 VgaSave - ok
22:22:31.0875 3696 ViaIde - ok
22:22:31.0921 3696 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:22:31.0921 3696 VolSnap - ok
22:22:32.0000 3696 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
22:22:32.0031 3696 VSS - ok
22:22:32.0078 3696 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
22:22:32.0093 3696 W32Time - ok
22:22:32.0140 3696 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:22:32.0140 3696 Wanarp - ok
22:22:32.0203 3696 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:22:32.0203 3696 wanatw - ok
22:22:32.0234 3696 [ 4C0B8EF721783F52F8E531FBDC4B1F74 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
22:22:32.0250 3696 wceusbsh - ok
22:22:32.0265 3696 WDICA - ok
22:22:32.0312 3696 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:22:32.0328 3696 wdmaud - ok
22:22:32.0390 3696 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:22:32.0406 3696 WebClient - ok
22:22:32.0515 3696 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:22:32.0531 3696 winmgmt - ok
22:22:32.0656 3696 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
22:22:32.0718 3696 WinRM - ok
22:22:32.0796 3696 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:22:32.0812 3696 WmdmPmSN - ok
22:22:32.0875 3696 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
22:22:32.0890 3696 Wmi - ok
22:22:32.0968 3696 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:22:32.0984 3696 WmiApSrv - ok
22:22:33.0109 3696 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
22:22:33.0156 3696 WMPNetworkSvc - ok
22:22:33.0218 3696 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:22:33.0234 3696 WudfPf - ok
22:22:33.0265 3696 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:22:33.0281 3696 WudfRd - ok
22:22:33.0328 3696 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
22:22:33.0343 3696 WudfSvc - ok
22:22:33.0437 3696 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:22:33.0453 3696 WZCSVC - ok
22:22:33.0531 3696 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:22:33.0531 3696 xmlprov - ok
22:22:33.0562 3696 ================ Scan global ===============================
22:22:33.0640 3696 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:22:33.0703 3696 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:22:33.0812 3696 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:22:33.0937 3696 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:22:33.0953 3696 [Global] - ok
22:22:33.0953 3696 ================ Scan MBR ==================================
22:22:33.0968 3696 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
22:22:34.0250 3696 \Device\Harddisk0\DR0 - ok
22:22:34.0281 3696 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:22:34.0468 3696 \Device\Harddisk1\DR1 - ok
22:22:34.0468 3696 ================ Scan VBR ==================================
22:22:34.0484 3696 [ 6A0E9911E320F18474F2FBDDDB1BA264 ] \Device\Harddisk0\DR0\Partition1
22:22:34.0484 3696 \Device\Harddisk0\DR0\Partition1 - ok
22:22:34.0515 3696 [ 71218F8E550D8240BCB167A43C6AF91A ] \Device\Harddisk1\DR1\Partition1
22:22:34.0515 3696 \Device\Harddisk1\DR1\Partition1 - ok
22:22:34.0531 3696 ============================================================
22:22:34.0531 3696 Scan finished
22:22:34.0531 3696 ============================================================
22:22:34.0562 0576 Detected object count: 0
22:22:34.0562 0576 Actual detected object count: 0

Thank you Narenxp
aswMBR and ESET online scanner to follow.

#4 charlie j

Posted 31 August 2012 - 04:51 AM

aswMBR scan results:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-31 01:05:12
-----------------------------
01:05:12.203 OS Version: Windows 5.1.2600 Service Pack 3
01:05:12.203 Number of processors: 1 586 0x209
01:05:12.218 ComputerName: CHARLIE-PC1 UserName:
01:05:14.984 Initialize success
01:05:46.765 AVAST engine defs: 12083001
01:08:05.140 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
01:08:05.140 Disk 0 Vendor: WDC_WD2500BB-55GUC0 08.02D08 Size: 238475MB BusType: 3
01:08:05.265 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
01:08:05.265 Disk 1 Vendor: WDC_WD3200JB-00KFA0 08.05J08 Size: 305245MB BusType: 3
01:08:05.562 Disk 0 MBR read successfully
01:08:05.562 Disk 0 MBR scan
01:08:05.890 Disk 0 unknown MBR code
01:08:06.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238472 MB offset 63
01:08:06.296 Disk 0 scanning sectors +488392065
01:08:06.828 Disk 0 scanning C:\WINDOWS\system32\drivers
01:09:43.234 Service scanning
01:10:51.359 Modules scanning
01:12:13.546 Disk 0 trace - called modules:
01:12:13.593 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
01:12:13.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b610ab8]
01:12:13.609 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8b60ed98]
01:12:16.328 AVAST engine scan C:\WINDOWS
01:13:54.828 AVAST engine scan C:\WINDOWS\system32
01:55:46.421 AVAST engine scan C:\WINDOWS\system32\drivers
01:58:39.156 AVAST engine scan C:\Documents and Settings\Administrator
03:14:36.734 File: C:\Documents and Settings\Administrator\Application Data\proap.dll **INFECTED** Win32:Medfos [Trj]
04:05:49.703 AVAST engine scan C:\Documents and Settings\All Users
05:29:03.640 Scan finished successfully
05:42:07.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
05:42:07.625 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

#5 charlie j

Posted 31 August 2012 - 11:32 AM

C:\Documents and Settings\Administrator\Application Data\proap.dll a variant of Win32/Kryptik.AKTH trojan
E:\CDRIVE\Nero\Nero-7.5.9.0A_eng.exe Win32/Toolbar.AskSBar application
Operating memory a variant of Win32/Kryptik.AKTH trojan


That should take care of the three scans Narenxp

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:39 AM

Posted 31 August 2012 - 12:47 PM

C:\Documents and Settings\Administrator\Application Data\proap.dll a variant of Win32/Kryptik.AKTH trojan


Did you remove this?

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 charlie j

Posted 31 August 2012 - 01:01 PM

Did I remove what, Narenxp?
The virus, or the additional scans?
Following is what I received from you yesterday:

Posted Yesterday, 09:40 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#8 narenxp

Posted 31 August 2012 - 01:03 PM

C:\Documents and Settings\Administrator\Application Data\proap.dll a variant of Win32/Kryptik.AKTH trojan
E:\CDRIVE\Nero\Nero-7.5.9.0A_eng.exe Win32/Toolbar.AskSBar application
Operating memory a variant of Win32/Kryptik.AKTH trojan


Did you remove the infections detected by ESET?

#9 charlie j

Posted 31 August 2012 - 01:37 PM

No, I still have the ESET program/scan open and can remove; also, I have not removed the infection from aswMBR.

Please advise
Charlie

#10 narenxp

Posted 31 August 2012 - 01:58 PM

No I still have the ESET program/scan open and can remove


Remove infections detected by ESET, ignore ASWMBR

#11 charlie j

Posted 31 August 2012 - 02:14 PM

I don't see an option to remove infections

#12 narenxp

Posted 31 August 2012 - 02:21 PM

Go ahead with other scans, let's remove them later

#13 charlie j

Posted 31 August 2012 - 09:20 PM

Your instructions to install, update and run a full scan, pasted below, mention to remove infections, reboot, and scan MBAM once in regular mode; they have me a little confused. Yesterday I wrote:

"Monday I found I was unable to use mouse and keyboard in Safe Mode when accessing Internet Explorer rendering me Unable to download any Anti Malware, antispy, Rkill, or ATF programs in safe mode, I ran them without that function."

Did you want me to initially run these programs in safe mode? Because that's not an option.


http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Anyway, today I ran Malwarebytes in regular mode, results as follows:

(The scan completed successfully. No malicious items were detected)

I'll just continue with MINI TOOLBAR; FSS; ADWARE CLEANER; RKILL in regular mode.

#14 narenxp

Posted 31 August 2012 - 09:24 PM

Run the scans in normal mode

#15 charlie j

Posted 31 August 2012 - 09:39 PM

Mini toolbox :
MiniToolBox by Farbar Version: 23-07-2012
Ran by Administrator (administrator) on 31-08-2012 at 22:26:29
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================


WARNING: Could not obtain host information from machine: [CHARLIE-PC1]. Some commands may not be available.
The specified module could not be found.



# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : Charlie-PC1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0D-56-17-37-CE
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Friday, August 31, 2012 9:19:36 PM
Lease Expires . . . . . . . . . . : Saturday, September 01, 2012 9:19:36 PM

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.43.9, 173.194.43.0, 173.194.43.3, 173.194.43.4
173.194.43.14, 173.194.43.7, 173.194.43.8, 173.194.43.6, 173.194.43.1
173.194.43.5, 173.194.43.2



Pinging google.com [74.125.226.196] with 32 bytes of data:

Reply from 74.125.226.196: bytes=32 time=15ms TTL=251
Reply from 74.125.226.196: bytes=32 time=17ms TTL=252

Ping statistics for 74.125.226.196:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 17ms, Average = 16ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=113ms TTL=49
Reply from 98.138.253.109: bytes=32 time=84ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 84ms, Maximum = 113ms, Average = 98ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 56 17 37 ce ...... Intel® PRO/1000 MT Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.6 192.168.1.6 20
192.168.1.0 255.255.255.0 192.168.1.6 192.168.1.6 20
192.168.1.6 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.6 192.168.1.6 20
224.0.0.0 240.0.0.0 192.168.1.6 192.168.1.6 20
255.255.255.255 255.255.255.255 192.168.1.6 192.168.1.6 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 09:21:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Error: (08/30/2012 09:21:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer Microsoft Writer (Bootable State) called routine CVssWriterShim::Subscribe which failed with status 0x8000ffff (converted to 0x800423f4).

Error: (08/30/2012 09:21:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Error: (08/30/2012 09:21:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Error: (08/30/2012 09:21:00 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (08/30/2012 09:20:07 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Error: (08/30/2012 09:14:06 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (08/29/2012 11:55:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Error: (08/29/2012 11:54:48 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer Microsoft Writer (Bootable State) called routine CVssWriterShim::Subscribe which failed with status 0x8000ffff (converted to 0x800423f4).

Error: (08/29/2012 11:54:48 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.


System errors:
=============
Error: (08/31/2012 01:33:25 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2012 09:21:54 PM) (Source: DCOM) (User: CHARLIE-PC1)
Description: The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (08/30/2012 09:16:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service McNaiAnn with arguments ""
in order to run the server:
{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}


Microsoft Office Sessions:
=========================
Error: (08/30/2012 09:21:21 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154

Error: (08/30/2012 09:21:13 PM) (Source: VSS)(User: )
Description: 0x8000ffff0x800423f4Microsoft Writer (Bootable State)CVssWriterShim::Subscribe

Error: (08/30/2012 09:21:13 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154

Error: (08/30/2012 09:21:13 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154

Error: (08/30/2012 09:21:00 PM) (Source: WinMgmt)(User: )
Description:

Error: (08/30/2012 09:20:07 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154

Error: (08/30/2012 09:14:06 PM) (Source: WinMgmt)(User: )
Description:

Error: (08/29/2012 11:55:04 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154

Error: (08/29/2012 11:54:48 PM) (Source: VSS)(User: )
Description: 0x8000ffff0x800423f4Microsoft Writer (Bootable State)CVssWriterShim::Subscribe

Error: (08/29/2012 11:54:48 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154


=========================== Installed Programs ============================

2003 National Painting Cost Estimator (Version: 1.00.0000)
2003 National Repair and Remodeling Estimator (Version: 1.00.0000)
32 Bit HP CIO Components Installer (Version: 6.1.1)
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
4500_G510gm_Help (Version: 000.0.439.000)
4500G510gm (Version: 000.0.423.000)
4500G510gm_Software_Min (Version: 000.0.423.000)
6400_Help (Version: 1.00.0000)
Adobe AIR (Version: 3.3.0.3670)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 10 Plugin (Version: 10.0.12.36)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.02)
Adobe Reader 9.3.3 (Version: 9.3.3)
Adobe Reader 9.5.2 (Version: 9.5.2)
Advanced SystemCare 5 (Version: 5.3.0)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audible Download Manager (Version: 6.6.0.15)
blekko search bar (Version: 1.5.18.12)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.17)
CCScore (Version: 8.02.0000.0001)
CDDRV_Installer (Version: 1.00.0000)
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder (Version: 1.00.0000)
Dell Driver Download Manager (Version: 1.0.0.0)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Driver Detective (Version: 6.0.0.0)
Easy CD Creator 5 Basic (Version: 5.3.4.21)
eBay Toolbar Featuring Yahoo! (Version: 2.50.12.4)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 130.0.418.000)
getPlus® for Adobe (Version: 1.5.2.35)
Glary Utilities 2.48.0.1568 (Version: 2.48.0.1568)
Google Update Helper (Version: 1.3.21.115)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Update (Version: 4.000.012.001)
HP_Network_UserGuide (Version: 1.00.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IHA_MessageCenter (Version: 1.6.0)
Intel® PRO Network Adapters and Drivers
InterVideo WinDVD
iTunes (Version: 10.6.1.7)
J6400 (Version: 50.0.165.000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
KhalInstallWrapper (Version: 4.00.121)
Kodak EasyShare software
Logitech SetPoint (Version: 4.00)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
McAfee Internet Security (Version: 11.0.678)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Virtual Technician (Version: 6.5.0.2101)
Memorex exPressit Label Design Studio
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content (Version: 10.0.2619.0)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MiniTool Partition Wizard Home Edition 5.2
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
netbrdg (Version: 7.01.0000.0001)
Network (Version: 130.0.374.000)
OfotoXMI (Version: 8.02.1000.0001)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
ProductContext (Version: 50.0.165.000)
Publish It Lifestyle Edition
QuickTime (Version: 7.71.80.42)
SafeCast Shared Components
Scan (Version: 13.0.0.0)
Security Advisor (Version: 2.5.1)
SFR (Version: 8.01.0000.0001)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
Smart Defrag 2 (Version: 2.5)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
SoundMAX
staticcr (Version: 8.02.0000.0001)
Status (Version: 130.0.373.000)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0341)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0219)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0197)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1007)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0433)
TurboTax 2008 wmaiper (Version: 008.000.0131)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.1480)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0282)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0218)
TurboTax 2009 wmaiper (Version: 009.000.0623)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010 WinPerFedFormset (Version: 010.000.3441)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0414)
TurboTax 2010 wmaiper (Version: 010.000.1075)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax Business 2002
TurboTax Business 2003
TurboTax Deluxe 2007
TurboTax Home & Business 2007
TurboTax Premier 2002
UnloadSupport (Version: 10.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Verizon Broadband Toolbar (IE only)
Verizon Help and Support Tool
Viewpoint Media Player
VPRINTOL (Version: 8.02.0000.0001)
Vuze
Vz In Home Agent (Version: 8.03.25)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
WG111v2 Configuration Utility (Version: 1.00)
Winamp (Version: 5.541 )
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0059.1)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Management Framework Core
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WIRELESS (Version: 8.02.0000.0001)
Yahoo! Messenger
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2557.98 MB
Available physical RAM: 1748.5 MB
Total Pagefile: 3203.19 MB
Available Pagefile: 2037.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.75 MB

========================= Partitions: =====================================

2 Drive c: (Local Disk ) (Fixed) (Total:232.88 GB) (Free:128.49 GB) NTFS
4 Drive e: (New Volume) (Fixed) (Total:298.09 GB) (Free:296.03 GB) NTFS

========================= Users: ========================================

User accounts for \\CHARLIE-PC1

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****



