
Potential Infection


26 replies to this topic

#1 R0D3R1CK

R0D3R1CK

  • Members
  • 623 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:04 PM

Posted 18 September 2012 - 07:01 AM

I run Windows Vista. Here's a timeline of what happened:

1. I left my computer on and with a browser, Chrome, open.

2. I return to my computer to find that a page (linecserver[dot]com) had opened in my browser that was not open when I left the computer. This page appeared to have downloaded a program, driverupdate_setup[dot]exe; Chrome also warned me that it was trying to download multiple other files. I did not allow it to download the other files.

3. I close the browser and begin performing an anti-virus scan (with Webroot SecureAnywhere). Simultaneously, I download MBAM.

4. Webroot doesn't find anything, so I start MBAM, even though I doubted that it would have enough time to complete a full scan.

5. MBAM doesn't find anything after about 80 minutes, so I decide to call it quits and shut down the computer; I also shut down my home network's router.

6. I reboot the computer and enter the password. It took a surprisingly long amount of time to log me in. When it finally does, I'm not presented with my desktop, but rather just a pale blue screen. I used Ctrl+Alt+Del to view what processes were running... there were only 6.

7. I attempt to boot into safe mode. After one *unsuccessful* attempt, I decided to just wait. After a while, the pale blue screen was replaced by my desktop.

8. I successfully reboot into safe mode. The blue screen does not appear; I'm taken to my desktop as expected.

9. I reboot normally. This time, I'm not shown the pale blue screen - I get directly to my desktop.

Does it sound like I'm infected?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:04 PM

Posted 18 September 2012 - 07:37 AM

That sounds like you're infected.


Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 R0D3R1CK


Posted 18 September 2012 - 05:51 PM

I scanned with MBAM so it could finish this time, and it found "PUM.Hijack.StartMenu", which is categorized as a "registry data item".

Should I proceed with removing it via MBAM?

#4 narenxp


Posted 18 September 2012 - 05:54 PM

Yes

#5 R0D3R1CK


Posted 18 September 2012 - 05:57 PM

OK. It's been quarantined. I did some research and from the looks of it, the PUM was harmless... and irrelevant to Vista.

I'll now proceed with the instructions from your initial post.

#6 R0D3R1CK


Posted 18 September 2012 - 06:06 PM

Here's the first of the 3 logs
TDSSKiller: No threats found.


18:02:55.0486 5848 ntrigdigi - ok
18:02:55.0501 5848 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:02:55.0501 5848 Null - ok
18:02:55.0579 5848 [ D958A2B5F6AD5C3B8CCDC4D7DA62466C ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
18:02:55.0611 5848 NVENETFD - ok
18:02:56.0952 5848 [ E0434DCCF91A47D9D8A785AF83865D7D ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:02:57.0311 5848 nvlddmkm - ok
18:02:57.0389 5848 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:02:57.0389 5848 nvraid - ok
18:02:57.0451 5848 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:02:57.0451 5848 nvstor - ok
18:02:57.0498 5848 [ A1CE1A6FD74C046F029448FCFA5E386D ] nvstor32 C:\Windows\system32\drivers\nvstor32.sys
18:02:57.0498 5848 nvstor32 - ok
18:02:57.0561 5848 [ 2FE4FE6B316836AFE396851EFF6DEA6B ] nvsvc C:\Windows\system32\nvvsvc.exe
18:02:57.0561 5848 nvsvc - ok
18:02:57.0670 5848 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:02:57.0670 5848 nv_agp - ok
18:02:57.0935 5848 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:02:57.0935 5848 odserv - ok
18:02:57.0997 5848 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:02:57.0997 5848 ohci1394 - ok
18:02:58.0029 5848 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:02:58.0029 5848 ose - ok
18:02:58.0216 5848 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:02:58.0247 5848 p2pimsvc - ok
18:02:58.0294 5848 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:02:58.0309 5848 p2psvc - ok
18:02:58.0372 5848 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:02:58.0419 5848 Parport - ok
18:02:58.0450 5848 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:02:58.0450 5848 partmgr - ok
18:02:58.0481 5848 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:02:58.0481 5848 Parvdm - ok
18:02:58.0528 5848 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:02:58.0528 5848 PcaSvc - ok
18:02:58.0575 5848 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:02:58.0575 5848 pci - ok
18:02:58.0606 5848 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
18:02:58.0606 5848 pciide - ok
18:02:58.0637 5848 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:02:58.0637 5848 pcmcia - ok
18:02:58.0715 5848 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:02:58.0793 5848 PEAUTH - ok
18:02:59.0011 5848 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:02:59.0074 5848 pla - ok
18:02:59.0152 5848 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:02:59.0167 5848 PlugPlay - ok
18:02:59.0214 5848 [ B36CD3F2ECA751C0CA8B8868BD1C5449 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:02:59.0230 5848 Pml Driver HPZ12 - ok
18:02:59.0261 5848 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:02:59.0277 5848 PNRPAutoReg - ok
18:02:59.0511 5848 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:02:59.0526 5848 PNRPsvc - ok
18:02:59.0589 5848 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:02:59.0589 5848 PolicyAgent - ok
18:02:59.0651 5848 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:02:59.0667 5848 PptpMiniport - ok
18:02:59.0698 5848 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
18:02:59.0698 5848 Processor - ok
18:02:59.0729 5848 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:02:59.0729 5848 ProfSvc - ok
18:02:59.0776 5848 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:02:59.0776 5848 ProtectedStorage - ok
18:02:59.0823 5848 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
18:02:59.0823 5848 Ps2 - ok
18:02:59.0885 5848 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:02:59.0901 5848 PSched - ok
18:02:59.0963 5848 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:02:59.0963 5848 PxHelp20 - ok
18:03:00.0010 5848 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:03:00.0057 5848 ql2300 - ok
18:03:00.0103 5848 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:03:00.0119 5848 ql40xx - ok
18:03:00.0166 5848 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:03:00.0181 5848 QWAVE - ok
18:03:00.0259 5848 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:03:00.0259 5848 QWAVEdrv - ok
18:03:00.0306 5848 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:03:00.0322 5848 RasAcd - ok
18:03:00.0384 5848 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:03:00.0400 5848 RasAuto - ok
18:03:00.0478 5848 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:03:00.0493 5848 Rasl2tp - ok
18:03:00.0540 5848 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:03:00.0540 5848 RasMan - ok
18:03:00.0587 5848 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:03:00.0603 5848 RasPppoe - ok
18:03:00.0665 5848 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:03:00.0665 5848 RasSstp - ok
18:03:00.0712 5848 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:03:00.0712 5848 rdbss - ok
18:03:00.0774 5848 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:03:00.0774 5848 RDPCDD - ok
18:03:00.0946 5848 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:03:00.0961 5848 rdpdr - ok
18:03:00.0993 5848 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:03:00.0993 5848 RDPENCDD - ok
18:03:01.0071 5848 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:03:01.0102 5848 RDPWD - ok
18:03:01.0149 5848 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:03:01.0164 5848 RemoteAccess - ok
18:03:01.0211 5848 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:03:01.0211 5848 RemoteRegistry - ok
18:03:01.0539 5848 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:03:01.0585 5848 RoxMediaDB9 - ok
18:03:01.0632 5848 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:03:01.0632 5848 RpcLocator - ok
18:03:01.0663 5848 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:03:01.0663 5848 RpcSs - ok
18:03:01.0757 5848 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:03:01.0804 5848 rspndr - ok
18:03:01.0960 5848 [ 99C7C809B34D2DBC383DE491860EB4A3 ] SaiH075C C:\Windows\system32\DRIVERS\SaiH075C.sys
18:03:01.0975 5848 SaiH075C - ok
18:03:02.0007 5848 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:03:02.0007 5848 SamSs - ok
18:03:02.0069 5848 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:03:02.0069 5848 sbp2port - ok
18:03:02.0163 5848 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:03:02.0163 5848 SCardSvr - ok
18:03:02.0319 5848 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:03:02.0334 5848 Schedule - ok
18:03:02.0397 5848 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:03:02.0397 5848 SCPolicySvc - ok
18:03:02.0459 5848 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:03:02.0459 5848 SDRSVC - ok
18:03:02.0506 5848 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:03:02.0506 5848 secdrv - ok
18:03:02.0553 5848 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:03:02.0553 5848 seclogon - ok
18:03:02.0599 5848 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
18:03:02.0615 5848 SENS - ok
18:03:02.0646 5848 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:03:02.0646 5848 Serenum - ok
18:03:02.0724 5848 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:03:02.0740 5848 Serial - ok
18:03:02.0787 5848 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:03:02.0787 5848 sermouse - ok
18:03:02.0911 5848 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:03:02.0927 5848 SessionEnv - ok
18:03:03.0005 5848 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:03:03.0005 5848 sffdisk - ok
18:03:03.0036 5848 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:03:03.0052 5848 sffp_mmc - ok
18:03:03.0083 5848 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:03:03.0099 5848 sffp_sd - ok
18:03:03.0130 5848 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:03:03.0161 5848 sfloppy - ok
18:03:03.0208 5848 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:03:03.0223 5848 SharedAccess - ok
18:03:03.0270 5848 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:03:03.0286 5848 ShellHWDetection - ok
18:03:03.0317 5848 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:03:03.0317 5848 sisagp - ok
18:03:03.0348 5848 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:03:03.0348 5848 SiSRaid2 - ok
18:03:03.0379 5848 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:03:03.0395 5848 SiSRaid4 - ok
18:03:03.0723 5848 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:03:03.0801 5848 slsvc - ok
18:03:03.0847 5848 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:03:03.0847 5848 SLUINotify - ok
18:03:03.0894 5848 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:03:03.0894 5848 Smb - ok
18:03:03.0941 5848 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:03:03.0941 5848 SNMPTRAP - ok
18:03:04.0003 5848 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:03:04.0003 5848 spldr - ok
18:03:04.0019 5848 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:03:04.0035 5848 Spooler - ok
18:03:04.0066 5848 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:03:04.0081 5848 srv - ok
18:03:04.0175 5848 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:03:04.0222 5848 srv2 - ok
18:03:04.0269 5848 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:03:04.0284 5848 srvnet - ok
18:03:04.0393 5848 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:03:04.0393 5848 SSDPSRV - ok
18:03:04.0471 5848 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:03:04.0471 5848 SstpSvc - ok
18:03:04.0674 5848 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
18:03:04.0752 5848 stisvc - ok
18:03:04.0877 5848 [ E5FF667E416DAC99BFF16B626234A379 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:03:04.0893 5848 stllssvr - ok
18:03:04.0939 5848 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:03:04.0939 5848 swenum - ok
18:03:05.0002 5848 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
18:03:05.0017 5848 swprv - ok
18:03:05.0049 5848 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:03:05.0049 5848 Symc8xx - ok
18:03:05.0095 5848 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:03:05.0111 5848 Sym_hi - ok
18:03:05.0142 5848 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:03:05.0142 5848 Sym_u3 - ok
18:03:05.0205 5848 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
18:03:05.0205 5848 SysMain - ok
18:03:05.0283 5848 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:03:05.0283 5848 TabletInputService - ok
18:03:05.0345 5848 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:03:05.0361 5848 TapiSrv - ok
18:03:05.0407 5848 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
18:03:05.0407 5848 TBS - ok
18:03:05.0579 5848 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:03:05.0595 5848 Tcpip - ok
18:03:05.0657 5848 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:03:05.0673 5848 Tcpip6 - ok
18:03:05.0719 5848 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:03:05.0735 5848 tcpipreg - ok
18:03:05.0782 5848 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:03:05.0782 5848 TDPIPE - ok
18:03:05.0829 5848 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:03:05.0844 5848 TDTCP - ok
18:03:05.0922 5848 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:03:05.0922 5848 tdx - ok
18:03:05.0969 5848 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:03:05.0969 5848 TermDD - ok
18:03:06.0141 5848 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
18:03:06.0156 5848 TermService - ok
18:03:06.0234 5848 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
18:03:06.0250 5848 Themes - ok
18:03:06.0265 5848 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
18:03:06.0265 5848 THREADORDER - ok
18:03:06.0343 5848 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
18:03:06.0359 5848 TrkWks - ok
18:03:06.0437 5848 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:03:06.0437 5848 TrustedInstaller - ok
18:03:06.0484 5848 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:03:06.0484 5848 tssecsrv - ok
18:03:06.0531 5848 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:03:06.0531 5848 tunmp - ok
18:03:06.0577 5848 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:03:06.0577 5848 tunnel - ok
18:03:06.0609 5848 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:03:06.0609 5848 uagp35 - ok
18:03:06.0655 5848 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:03:06.0655 5848 udfs - ok
18:03:06.0718 5848 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:03:06.0733 5848 UI0Detect - ok
18:03:06.0780 5848 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:03:06.0780 5848 uliagpkx - ok
18:03:06.0827 5848 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:03:06.0827 5848 uliahci - ok
18:03:06.0874 5848 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:03:06.0874 5848 UlSata - ok
18:03:06.0905 5848 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:03:06.0905 5848 ulsata2 - ok
18:03:06.0952 5848 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:03:06.0952 5848 umbus - ok
18:03:07.0077 5848 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:03:07.0077 5848 upnphost - ok
18:03:07.0108 5848 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:03:07.0108 5848 USBAAPL - ok
18:03:07.0186 5848 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:03:07.0186 5848 usbaudio - ok
18:03:07.0279 5848 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:03:07.0279 5848 usbccgp - ok
18:03:07.0357 5848 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:03:07.0373 5848 usbcir - ok
18:03:07.0420 5848 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:03:07.0435 5848 usbehci - ok
18:03:07.0513 5848 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:03:07.0529 5848 usbhub - ok
18:03:07.0576 5848 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:03:07.0576 5848 usbohci - ok
18:03:07.0607 5848 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:03:07.0607 5848 usbprint - ok
18:03:07.0654 5848 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:03:07.0654 5848 usbscan - ok
18:03:07.0669 5848 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:03:07.0669 5848 USBSTOR - ok
18:03:07.0685 5848 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:03:07.0701 5848 usbuhci - ok
18:03:07.0732 5848 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:03:07.0732 5848 UxSms - ok
18:03:07.0841 5848 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:03:07.0857 5848 vds - ok
18:03:07.0888 5848 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:03:07.0888 5848 vga - ok
18:03:07.0935 5848 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:03:07.0950 5848 VgaSave - ok
18:03:07.0981 5848 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:03:08.0013 5848 viaagp - ok
18:03:08.0028 5848 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:03:08.0028 5848 ViaC7 - ok
18:03:08.0059 5848 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
18:03:08.0059 5848 viaide - ok
18:03:08.0091 5848 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:03:08.0106 5848 volmgr - ok
18:03:08.0262 5848 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:03:08.0278 5848 volmgrx - ok
18:03:08.0325 5848 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:03:08.0325 5848 volsnap - ok
18:03:08.0356 5848 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:03:08.0356 5848 vsmraid - ok
18:03:08.0512 5848 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:03:08.0605 5848 VSS - ok
18:03:08.0621 5848 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:03:08.0637 5848 W32Time - ok
18:03:08.0668 5848 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:03:08.0683 5848 WacomPen - ok
18:03:08.0746 5848 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:03:08.0746 5848 Wanarp - ok
18:03:08.0761 5848 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:03:08.0761 5848 Wanarpv6 - ok
18:03:08.0808 5848 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\Windows\system32\DRIVERS\wanatw4.sys
18:03:08.0808 5848 wanatw - ok
18:03:08.0902 5848 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:03:08.0949 5848 wcncsvc - ok
18:03:09.0011 5848 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:03:09.0027 5848 WcsPlugInService - ok
18:03:09.0089 5848 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
18:03:09.0105 5848 Wd - ok
18:03:09.0198 5848 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
18:03:09.0214 5848 WDC_SAM - ok
18:03:09.0370 5848 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:03:09.0448 5848 Wdf01000 - ok
18:03:09.0495 5848 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:03:09.0510 5848 WdiServiceHost - ok
18:03:09.0526 5848 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:03:09.0526 5848 WdiSystemHost - ok
18:03:09.0651 5848 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:03:09.0697 5848 WebClient - ok
18:03:09.0791 5848 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:03:09.0931 5848 Wecsvc - ok
18:03:09.0994 5848 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:03:10.0009 5848 wercplsupport - ok
18:03:10.0056 5848 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:03:10.0087 5848 WerSvc - ok
18:03:10.0275 5848 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:03:10.0540 5848 winachsf - ok
18:03:10.0805 5848 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:03:10.0821 5848 WinDefend - ok
18:03:11.0023 5848 [ 451F905BC7BFF9E1CFF2E7AE76196B2C ] WinDriver6 C:\Windows\system32\drivers\windrvr6.sys
18:03:11.0055 5848 WinDriver6 - ok
18:03:11.0070 5848 WinHttpAutoProxySvc - ok
18:03:11.0351 5848 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:03:11.0382 5848 Winmgmt - ok
18:03:11.0850 5848 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
18:03:12.0037 5848 WinRM - ok
18:03:12.0147 5848 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:03:12.0318 5848 Wlansvc - ok
18:03:12.0552 5848 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:03:12.0599 5848 wlcrasvc - ok
18:03:12.0817 5848 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:03:12.0895 5848 wlidsvc - ok
18:03:12.0958 5848 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:03:12.0973 5848 WmiAcpi - ok
18:03:13.0114 5848 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:03:13.0114 5848 wmiApSrv - ok
18:03:13.0410 5848 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:03:13.0504 5848 WMPNetworkSvc - ok
18:03:13.0597 5848 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:03:13.0629 5848 WPCSvc - ok
18:03:13.0707 5848 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:03:13.0707 5848 WPDBusEnum - ok
18:03:13.0769 5848 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:03:13.0769 5848 WpdUsb - ok
18:03:13.0987 5848 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:03:14.0003 5848 WPFFontCache_v0400 - ok
18:03:14.0206 5848 [ BF40D8A65C241D39E897DAE977FF726D ] WRkrn C:\Windows\system32\drivers\WRkrn.sys
18:03:14.0268 5848 WRkrn - ok
18:03:14.0845 5848 [ 198434E71A01A170EDA6C73A812B540D ] WRSVC C:\Program Files\Webroot\WRSA.exe
18:03:14.0861 5848 WRSVC - ok
18:03:14.0923 5848 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:03:14.0939 5848 ws2ifsl - ok
18:03:15.0048 5848 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
18:03:15.0048 5848 wscsvc - ok
18:03:15.0064 5848 WSearch - ok
18:03:15.0376 5848 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:03:15.0625 5848 wuauserv - ok
18:03:15.0719 5848 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:03:15.0719 5848 WUDFRd - ok
18:03:15.0828 5848 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:03:15.0828 5848 wudfsvc - ok
18:03:15.0922 5848 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
18:03:15.0922 5848 XAudio - ok
18:03:16.0125 5848 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
18:03:16.0234 5848 XAudioService - ok
18:03:16.0249 5848 ================ Scan global ===============================
18:03:16.0312 5848 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:03:16.0343 5848 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:03:16.0405 5848 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:03:16.0671 5848 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:03:16.0764 5848 [Global] - ok
18:03:16.0764 5848 ================ Scan MBR ==================================
18:03:16.0780 5848 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
18:03:17.0544 5848 \Device\Harddisk0\DR0 - ok
18:03:17.0544 5848 ================ Scan VBR ==================================
18:03:17.0575 5848 [ C466652B653D9B2D929506B27FF6E2A8 ] \Device\Harddisk0\DR0\Partition1
18:03:17.0575 5848 \Device\Harddisk0\DR0\Partition1 - ok
18:03:17.0607 5848 [ 635939309E20F84DCFDA4FFC7DFEBABB ] \Device\Harddisk0\DR0\Partition2
18:03:17.0653 5848 \Device\Harddisk0\DR0\Partition2 - ok
18:03:17.0653 5848 ============================================================
18:03:17.0653 5848 Scan finished
18:03:17.0653 5848 ============================================================
18:03:17.0685 5792 Detected object count: 0
18:03:17.0685 5792 Actual detected object count: 0
18:03:27.0325 4968 Deinitialize success

#7 R0D3R1CK

Posted 18 September 2012 - 06:46 PM

Here's the aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-18 18:07:44
-----------------------------
18:07:44.740 OS Version: Windows 6.0.6002 Service Pack 2
18:07:44.740 Number of processors: 2 586 0x6B01
18:07:44.740 ComputerName: JOHN-PC UserName: John
18:07:49.061 Initialize success
18:08:38.866 AVAST engine defs: 12091400
18:08:43.982 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004f
18:08:43.982 Disk 0 Vendor: ST336032 3.CH Size: 343399MB BusType: 6
18:08:44.060 Disk 0 MBR read successfully
18:08:44.060 Disk 0 MBR scan
18:08:44.357 Disk 0 unknown MBR code
18:08:44.388 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 334313 MB offset 63
18:08:44.435 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9083 MB offset 684674235
18:08:44.482 Disk 0 scanning sectors +703277505
18:08:44.762 Disk 0 scanning C:\Windows\system32\drivers
18:09:12.920 Service scanning
18:09:42.451 Service WRkrn C:\Windows\System32\drivers\WRkrn.sys **LOCKED** 32
18:09:44.339 Modules scanning
18:10:07.084 Disk 0 trace - called modules:
18:10:07.130 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
18:10:07.130 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x859400f0]
18:10:07.146 3 CLASSPNP.SYS[87ba88b3] -> nt!IofCallDriver -> [0x845a0e00]
18:10:07.146 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\0000004f[0x845a2b50]
18:10:08.020 AVAST engine scan C:\Windows
18:10:30.421 AVAST engine scan C:\Windows\system32
18:15:27.320 AVAST engine scan C:\Windows\system32\drivers
18:15:53.828 AVAST engine scan C:\Users\John
18:35:07.532 AVAST engine scan C:\ProgramData
18:44:57.415 Scan finished successfully
18:45:20.284 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\MBR.dat"
18:45:20.300 The log file has been saved successfully to "C:\Users\John\Desktop\aswMBR.txt"

On a side-note, what's the thing second from the last..."MBR.dat"?
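
The aswMBR log above ends by saving the disk's master boot record to MBR.dat. As an added example (not part of the original thread and not aswMBR's own code), the following Python parses such a saved sector and runs basic sanity checks on it, assuming the file is a raw 512-byte copy of sector 0. The function names are hypothetical, and the sample bytes are constructed to mirror the two partitions reported in the log, with sector counts chosen to match the logged sizes.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440   # bytes 0-439 hold the boot code
TABLE_OFFSET = 446    # four 16-byte partition entries start here
# Entry layout: status, CHS start (skipped), type, CHS end (skipped),
# LBA of first sector, sector count; all little-endian.
ENTRY = struct.Struct("<B3xB3xII")
TYPE_NAMES = {0x05: "extended", 0x07: "HPFS/NTFS",
              0x0F: "extended (LBA)", 0xEE: "GPT protective"}


def parse_mbr(sector: bytes) -> dict:
    """Decode a raw MBR sector into a boot-code hash and partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for slot in range(4):
        status, ptype, lba_start, sectors = ENTRY.unpack_from(
            sector, TABLE_OFFSET + slot * ENTRY.size)
        if ptype == 0x00:          # unused table slot
            continue
        partitions.append({
            "slot": slot + 1,
            "status": status,
            "active": status == 0x80,
            "type": TYPE_NAMES.get(ptype, f"0x{ptype:02X}"),
            "lba_start": lba_start,
            "sectors": sectors,
            "size_mb": sectors * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        # Hash of the boot code only, so it can be compared with a baseline
        # taken from a known-clean disk regardless of the partition layout.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(mbr: dict) -> list:
    """Return a list of structural problems found in a parsed MBR."""
    findings = []
    parts = mbr["partitions"]
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append(
                f"slot {p['slot']}: invalid status byte 0x{p['status']:02X}")
    if sum(p["active"] for p in parts) > 1:
        findings.append("more than one active partition")
    ordered = sorted(parts, key=lambda p: p["lba_start"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["lba_start"] < prev["lba_start"] + prev["sectors"]:
            findings.append(f"slots {prev['slot']} and {cur['slot']} overlap")
    return findings


def build_sample_mbr() -> bytes:
    """Constructed sample: zeroed boot code plus the log's two NTFS partitions."""
    sector = bytearray(SECTOR_SIZE)
    entries = [
        (0x80, 0x07, 63, 684674172),        # Partition 1: active, 334313 MB
        (0x00, 0x07, 684674235, 18603270),  # Partition 2: 9083 MB
    ]
    for slot, entry in enumerate(entries):
        ENTRY.pack_into(sector, TABLE_OFFSET + slot * ENTRY.size, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    # For a real dump: data = open("MBR.dat", "rb").read()
    parsed = parse_mbr(build_sample_mbr())
    print("boot code sha256:", parsed["boot_code_sha256"])
    for p in parsed["partitions"]:
        flag = "(A)" if p["active"] else "   "
        print(f"Partition {p['slot']} {flag} {p['type']} "
              f"{p['size_mb']} MB offset {p['lba_start']}")
    print("findings:", check_mbr(parsed) or "none")
```
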

#8 R0D3R1CK

Posted 18 September 2012 - 09:16 PM

ESET found nothing.
Shall we begin the uninstallation process for the 3 utilities?

#9 narenxp

Posted 18 September 2012 - 09:25 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete

Post the generated log

#10 R0D3R1CK

Posted 18 September 2012 - 09:28 PM

That'll all have to wait till tomorrow (about 18 hours from now)

thanks for all your help so far!

#11 narenxp

Posted 18 September 2012 - 09:29 PM

:thumbup2:

#12 R0D3R1CK

Posted 19 September 2012 - 06:11 PM

MBAM didn't find anything


Here's the MiniToolbox Log

MiniToolBox by Farbar Version: 23-07-2012
Ran by John (administrator) on 19-09-2012 at 18:07:42
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)
Broadcom 802.11g Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : John-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.mn.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.mn.comcast.net.
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-1C-DF-4C-D2-E0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.mn.comcast.net.
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-19-21-43-CA-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd34:1cd:9e3c:550%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.112(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 19, 2012 4:01:51 PM
Lease Expires . . . . . . . . . . : Thursday, September 20, 2012 6:04:30 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201333689
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-85-5B-C5-00-19-21-43-CA-68
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24c0:25c0:3f57:fe8f(Preferred)
Link-local IPv6 Address . . . . . : fe80::24c0:25c0:3f57:fe8f%9(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.mn.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.mn.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2607:f8b0:4009:803::1005
74.125.225.32
74.125.225.36
74.125.225.41
74.125.225.34
74.125.225.39
74.125.225.37
74.125.225.38
74.125.225.35
74.125.225.33
74.125.225.46
74.125.225.40



Pinging google.com [74.125.225.131] with 32 bytes of data:

Reply from 74.125.225.131: bytes=32 time=19ms TTL=55

Reply from 74.125.225.131: bytes=32 time=18ms TTL=55



Ping statistics for 74.125.225.131:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 19ms, Average = 18ms

Server: cdns02.comcast.net
Address: 75.75.76.76

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=139ms TTL=50

Reply from 98.139.183.24: bytes=32 time=142ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 139ms, Maximum = 142ms, Average = 140ms

Server: cdns02.comcast.net
Address: 75.75.76.76

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1c df 4c d2 e0 ...... Broadcom 802.11g Network Adapter
8 ...00 19 21 43 ca 68 ...... NVIDIA nForce 10/100 Mbps Ethernet
1 ........................... Software Loopback Interface 1
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.hsd1.mn.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.112 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.112 276
192.168.1.112 255.255.255.255 On-link 192.168.1.112 276
192.168.1.255 255.255.255.255 On-link 192.168.1.112 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.112 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.112 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
9 18 ::/0 On-link
1 306 ::1/128 On-link
9 18 2001::/32 On-link
9 266 2001:0:4137:9e76:24c0:25c0:3f57:fe8f/128
On-link
8 276 fe80::/64 On-link
9 266 fe80::/64 On-link
9 266 fe80::24c0:25c0:3f57:fe8f/128
On-link
8 276 fe80::fd34:1cd:9e3c:550/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/19/2012 04:02:06 PM) (Source: Application Error) (User: )
Description: Faulting application HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, faulting module HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, exception code 0xc0000005, fault offset 0x000032db,
process id 0xa24, application start time 0xHpqSRmon.exe0.

Error: (09/17/2012 09:24:14 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/17/2012 11:33:26 AM) (Source: Application Error) (User: )
Description: Faulting application HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, faulting module HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, exception code 0xc0000005, fault offset 0x000032db,
process id 0xcc0, application start time 0xHpqSRmon.exe0.

Error: (09/15/2012 03:12:45 PM) (Source: Application Error) (User: )
Description: Faulting application HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, faulting module HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, exception code 0xc0000005, fault offset 0x000032db,
process id 0x9d8, application start time 0xHpqSRmon.exe0.

Error: (09/13/2012 06:28:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6583

Error: (09/13/2012 06:28:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6583

Error: (09/13/2012 06:28:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/09/2012 03:26:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {42a42bd8-e58a-45be-8949-b044554c17e0}

Error: (09/08/2012 07:49:37 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 21.0.1180.89, time stamp 0x503ebf10, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x732e6874,
process id 0x144, application start time 0xchrome.exe0.

Error: (09/07/2012 06:22:42 PM) (Source: Application Error) (User: )
Description: Faulting application HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, faulting module HpqSRmon.exe, version 10.0.0.202, time stamp 0x46c64b4e, exception code 0xc0000005, fault offset 0x000032db,
process id 0x9ac, application start time 0xHpqSRmon.exe0.


System errors:
=============
Error: (09/19/2012 04:04:14 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (09/18/2012 04:03:58 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (09/18/2012 03:57:54 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (09/17/2012 09:29:13 PM) (Source: RasMan) (User: )
Description: Remote Access Connection Manager failed to start because it could not register with the local security authority. Try restarting the Remote Access Connection Manager service. If the problem persists, contact the system administrator. Incorrect function.

Error: (09/17/2012 09:29:09 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (09/17/2012 09:25:11 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/17/2012 09:25:02 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/17/2012 09:25:02 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/17/2012 09:25:02 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (09/17/2012 09:25:02 PM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (01/11/2012 09:18:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 367 seconds with 120 seconds of active time. This session ended with a crash.

Error: (12/14/2010 05:30:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3242 seconds with 900 seconds of active time. This session ended with a crash.

Error: (10/20/2010 05:10:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/20/2010 05:10:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 201 seconds with 120 seconds of active time. This session ended with a crash.

Error: (10/20/2010 05:02:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/20/2010 05:02:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 144 seconds with 120 seconds of active time. This session ended with a crash.

Error: (10/20/2010 04:58:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 209 seconds with 180 seconds of active time. This session ended with a crash.

Error: (10/05/2010 07:39:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 83 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/05/2010 05:31:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/05/2010 05:31:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 2.1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.5.3.9120)
Adobe Download Manager (Version: 1.6.2.53)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.2.602)
AIO_Scan (Version: 100.0.206.000)
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
Ask.com Toolbar (Version: 1.2.1.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 100.0.170.000)
C6200 (Version: 100.0.206.000)
C6200_Help (Version: 100.0.206.000)
C6200_Help (Version: 90.0.189.000)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000)
CCScore (Version: 7.00.0000.0001)
Chief Architect X2 Viewer (Version: 12.6.0.23)
Cisco Connect (Version: 1.4.11299.0)
Copy (Version: 100.0.170.000)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DocProc (Version: 10.0.0.0)
EA Download Manager (Version: 6.0.0.93)
EA Download Manager UI (Version: 6.0.0)
EA Download Manager UI (Version: 6.0.0.93)
ESSBrwr (Version: 8.00.0000.0001)
ESSCDBK (Version: 8.00.0000.0001)
ESScore (Version: 8.00.0000.0001)
ESSgui (Version: 8.00.0000.0001)
ESSini (Version: 8.00.0000.0001)
ESSPCD (Version: 7.01.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Fax (Version: 100.0.187.000)
fflink (Version: 6.02.1001.0001)
Forces in 1 Dimension
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Firefox (Version: 7.1.20101113)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
GPBaseService (Version: 100.0.187.000)
Hardware Diagnostic Tools (Version: 5.00.4558.05)
HP Active Support Library (Version: 3.1.6.1)
HP Active Support Library 32 bit components (Version: 2.1.0)
HP Customer Experience Enhancements (Version: 5.2.0.2296)
HP Customer Feedback (Version: 1.0.0)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 10.0 (Version: 10.0)
HP Total Care Advisor (Version: 1.2.13)
HP Update (Version: 4.000.007.003)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000)
hpphotosmartdisclabelplugin (Version: 2.02.0000)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000)
HPProductAssistant (Version: 100.0.170.000)
HPSSupply (Version: 100.0.170.000)
iCloud (Version: 1.1.0.40)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak EasyShare software
Learn2 Player (Uninstall Only)
LightScribe 1.8.15.1 (Version: 1.8.15.1)
Logger Pro 3.8.4 (Version: 5.11.384)
Logitech Unifying Software 2.00 (Version: 2.00.43)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 100.0.170.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Flight Simulator X (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 2 (Version: 10.0.61472.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
netbrdg (Version: 7.01.0000.0001)
Norton Security Scan (Version: 3.0.1.8)
NVIDIA Drivers (Version: 1.10)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
OfotoXMI (Version: 7.02.0000.0001)
OLYMPUS Master 2 (Version: 1.0.10)
OLYMPUS muvee theaterPack (Version: 1.0.7)
PanoStandAlone (Version: 100.0.170.000)
PS_AIO_02_ProductContext (Version: 100.0.206.000)
PS_AIO_02_Software (Version: 100.0.206.000)
PS_AIO_02_Software_Min (Version: 100.0.206.000)
PSSWCORE (Version: 2.02.0000)
Python 2.5 (Version: 2.5.150)
Quicken 2012 (Version: 21.1.7.18)
QuickTime (Version: 7.72.80.56)
REA's TESTware for the AP United States History (Version: 1.4.5)
RealPlayer Basic
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.572)
RTC Client API v1.2 (Version: 1.2.0000)
Safari (Version: 5.34.57.2)
Scan (Version: 10.1.0.0)
Segoe UI (Version: 15.4.2271.0615)
SES Driver (Version: 1.0.0)
SFR (Version: 7.01.0000.0003)
SHASTA (Version: 7.01.0000.0001)
Shop for HP Supplies (Version: 10.0)
skin0001 (Version: 8.00.0000.0001)
SKINXSDK (Version: 7.01.0000.0001)
SmartMusic 11 (Version: 11.0.1)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
SolutionCenter (Version: 100.0.175.000)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
staticcr (Version: 8.00.0000.0001)
Status (Version: 100.0.175.000)
The Sims™ 2 Deluxe
The Sims™ 3 (Version: 1.8.25)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 100.0.170.000)
Trend Micro AntiVirus (Version: 16.10)
UnloadSupport (Version: 10.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
VPRINTOL (Version: 7.01.0000.0001)
WeatherBug Gadget (Version: 1.0.0.6)
WebReg (Version: 100.0.170.000)
Webroot SecureAnywhere (Version: 8.0.1.233)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WIRELESS (Version: 7.02.0000.0001)
Yahoo! Toolbar
YouTube Downloader 2.7.2

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 1917.76 MB
Available physical RAM: 764.43 MB
Total Pagefile: 4082.05 MB
Available Pagefile: 2736.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.95 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:326.48 GB) (Free:182.56 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:8.87 GB) (Free:1.2 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHN-PC

Administrator Guest John


**** End of log ****

#13 R0D3R1CK

Posted 19 September 2012 - 06:14 PM

And FSS

Farbar Service Scanner Version: 19-09-2012
Ran by John (administrator) on 19-09-2012 at 18:13:07
Running from "C:\Users\John\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-07-25 17:53] - [2008-01-19 02:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#14 R0D3R1CK

Posted 19 September 2012 - 06:21 PM

Urgent Update: Webroot SecureAnywhere has detected c:\users\john\downloads\43db.tmp and automatically quarantined it.

I performed a scan with it afterward and it did not find anything else.

I will now proceed with running Adware Cleaner

EDIT
It appears that whenever I click the link you provided for Adware Cleaner, Webroot detects an item [this time, c:\users\john\downloads\7071.tmp], even though I have not yet downloaded Adware Cleaner.

At this time, I will not be running Adware Cleaner until further input from you.

Edited by R0D3R1CK, 19 September 2012 - 06:24 PM.


#15 narenxp

Posted 19 September 2012 - 07:16 PM

Disable Webroot and download it.



