Cannot run or install any type of antivirus software and getting google redirects


19 replies to this topic

#1 rade2rising

Posted 21 October 2012 - 08:01 AM

Well, not sure where to start. My antivirus subscription expired and, well, I made the big mistake of leaving the machine unprotected and I got infected with god knows what. I notice I am getting Google redirects like crazy, so I went and tried to run the Trend Micro online version, but it will not run, giving an error that Windows Installer cannot be started. So I downloaded and tried to install Trend Micro: same errors. The computer is running crazy slow and I know I am infected; I am just completely clueless about what is going on. I hope this is the right forum for this topic; if not, can someone please move it? Thank you, I appreciate it.



#2 narenxp

Posted 21 October 2012 - 09:59 AM

Download TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop, and copy the contents of the text file into your reply.

#3 rade2rising

Posted 21 October 2012 - 10:30 AM

Hi, thanks for assisting me.

I ran TDSSKILLER and it detected nothing. Do you still want me to post the log here? It is quite long.

I am running aswMBR right now and it looks like something is coming up in red. Should I click Fix MBR, then save the log?

#4 narenxp

Posted 21 October 2012 - 10:54 AM

Do not click on FIX MBR. Just follow my instructions :)

#5 rade2rising

Posted 21 October 2012 - 11:07 AM

11:02:53.0601 4364 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:02:53.0942 4364 ============================================================
11:02:53.0942 4364 Current date / time: 2012/10/21 11:02:53.0942
11:02:53.0942 4364 SystemInfo:
11:02:53.0942 4364
11:02:53.0942 4364 OS Version: 6.0.6002 ServicePack: 2.0
11:02:53.0942 4364 Product type: Workstation
11:02:53.0942 4364 ComputerName: HOMECOMPUTER
11:02:53.0943 4364 UserName: Luis
11:02:53.0943 4364 Windows directory: C:\Windows
11:02:53.0943 4364 System windows directory: C:\Windows
11:02:53.0943 4364 Processor architecture: Intel x86
11:02:53.0943 4364 Number of processors: 2
11:02:53.0943 4364 Page size: 0x1000
11:02:53.0943 4364 Boot type: Normal boot
11:02:53.0943 4364 ============================================================
11:02:55.0726 4364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
11:02:55.0808 4364 ============================================================
11:02:55.0808 4364 \Device\Harddisk0\DR0:
11:02:55.0829 4364 MBR partitions:
11:02:55.0829 4364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3908F7C1
11:02:55.0829 4364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3908F800, BlocksNum 0x12F5800
11:02:55.0829 4364 ============================================================
11:02:55.0879 4364 C: <-> \Device\Harddisk0\DR0\Partition1
11:02:55.0926 4364 D: <-> \Device\Harddisk0\DR0\Partition2
11:02:55.0949 4364 ============================================================
11:02:55.0950 4364 Initialize success
11:02:55.0950 4364 ============================================================
11:03:24.0731 8856 ============================================================
11:03:24.0731 8856 Scan started
11:03:24.0731 8856 Mode: Manual; TDLFS;
11:03:24.0731 8856 ============================================================
11:03:26.0612 8856 ================ Scan system memory ========================
11:03:26.0612 8856 System memory - ok
11:03:26.0613 8856 ================ Scan services =============================
11:03:40.0143 8856 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:03:40.0152 8856 PNRPsvc - ok
11:03:40.0194 8856 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:03:40.0225 8856 PolicyAgent - ok
11:03:40.0277 8856 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:03:40.0286 8856 PptpMiniport - ok
11:03:40.0316 8856 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
11:03:40.0318 8856 Processor - ok
11:03:40.0389 8856 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:03:40.0402 8856 ProfSvc - ok
11:03:40.0419 8856 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:03:40.0421 8856 ProtectedStorage - ok
11:03:40.0456 8856 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
11:03:40.0468 8856 Ps2 - ok
11:03:40.0527 8856 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:03:40.0536 8856 PSched - ok
11:03:40.0579 8856 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:03:40.0594 8856 ql2300 - ok
11:03:40.0615 8856 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:03:40.0619 8856 ql40xx - ok
11:03:40.0673 8856 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:03:40.0680 8856 QWAVE - ok
11:03:40.0714 8856 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:03:40.0724 8856 QWAVEdrv - ok
11:03:40.0759 8856 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:03:40.0760 8856 RasAcd - ok
11:03:40.0789 8856 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:03:40.0795 8856 RasAuto - ok
11:03:40.0829 8856 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:03:40.0836 8856 Rasl2tp - ok
11:03:40.0942 8856 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:03:40.0970 8856 RasMan - ok
11:03:41.0009 8856 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:03:41.0011 8856 RasPppoe - ok
11:03:41.0043 8856 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:03:41.0045 8856 RasSstp - ok
11:03:41.0094 8856 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:03:41.0100 8856 rdbss - ok
11:03:41.0118 8856 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:03:41.0120 8856 RDPCDD - ok
11:03:41.0162 8856 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:03:41.0168 8856 rdpdr - ok
11:03:41.0180 8856 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:03:41.0183 8856 RDPENCDD - ok
11:03:41.0267 8856 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:03:41.0286 8856 RDPWD - ok
11:03:41.0343 8856 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:03:41.0348 8856 RemoteAccess - ok
11:03:41.0400 8856 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:03:41.0421 8856 RemoteRegistry - ok
11:03:41.0461 8856 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:03:41.0465 8856 RpcLocator - ok
11:03:41.0511 8856 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
11:03:41.0521 8856 RpcSs - ok
11:03:41.0552 8856 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:03:41.0554 8856 rspndr - ok
11:03:41.0569 8856 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:03:41.0572 8856 SamSs - ok
11:03:41.0603 8856 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:03:41.0629 8856 sbp2port - ok
11:03:41.0674 8856 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:03:41.0680 8856 SCardSvr - ok
11:03:41.0754 8856 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:03:41.0769 8856 Schedule - ok
11:03:41.0789 8856 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:03:41.0791 8856 SCPolicySvc - ok
11:03:41.0833 8856 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:03:41.0841 8856 SDRSVC - ok
11:03:41.0853 8856 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:03:41.0855 8856 secdrv - ok
11:03:41.0886 8856 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:03:41.0897 8856 seclogon - ok
11:03:41.0916 8856 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
11:03:41.0921 8856 SENS - ok
11:03:41.0955 8856 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:03:41.0957 8856 Serenum - ok
11:03:41.0979 8856 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:03:41.0983 8856 Serial - ok
11:03:42.0013 8856 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:03:42.0028 8856 sermouse - ok
11:03:42.0118 8856 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:03:42.0124 8856 SessionEnv - ok
11:03:42.0147 8856 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:03:42.0150 8856 sffdisk - ok
11:03:42.0169 8856 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:03:42.0171 8856 sffp_mmc - ok
11:03:42.0195 8856 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:03:42.0197 8856 sffp_sd - ok
11:03:42.0219 8856 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:03:42.0221 8856 sfloppy - ok
11:03:42.0249 8856 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:03:42.0256 8856 SharedAccess - ok
11:03:42.0361 8856 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:03:42.0370 8856 ShellHWDetection - ok
11:03:42.0398 8856 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:03:42.0401 8856 sisagp - ok
11:03:42.0439 8856 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:03:42.0442 8856 SiSRaid2 - ok
11:03:42.0469 8856 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:03:42.0473 8856 SiSRaid4 - ok
11:03:42.0609 8856 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:03:42.0693 8856 slsvc - ok
11:03:42.0736 8856 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:03:42.0742 8856 SLUINotify - ok
11:03:42.0797 8856 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:03:42.0800 8856 Smb - ok
11:03:42.0839 8856 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:03:42.0844 8856 SNMPTRAP - ok
11:03:42.0880 8856 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:03:42.0883 8856 spldr - ok
11:03:42.0933 8856 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:03:42.0940 8856 Spooler - ok
11:03:42.0996 8856 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:03:43.0002 8856 srv - ok
11:03:43.0060 8856 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:03:43.0064 8856 srv2 - ok
11:03:43.0092 8856 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:03:43.0095 8856 srvnet - ok
11:03:43.0117 8856 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:03:43.0123 8856 SSDPSRV - ok
11:03:43.0147 8856 [ 83A1FE75211BB59645FE53E469AD61C8 ] ssfmonm C:\Windows\system32\DRIVERS\ssfmonm.sys
11:03:43.0149 8856 ssfmonm - ok
11:03:43.0157 8856 [ 6FB311640254A0FC65FC70F4F58FB9B1 ] sshrmd C:\Windows\system32\DRIVERS\sshrmd.sys
11:03:43.0160 8856 sshrmd - ok
11:03:43.0177 8856 [ 16CD11A307389DB133E08229ED300861 ] ssidrv C:\Windows\system32\DRIVERS\ssidrv.sys
11:03:43.0181 8856 ssidrv - ok
11:03:43.0217 8856 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:03:43.0221 8856 SstpSvc - ok
11:03:43.0287 8856 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:03:43.0297 8856 stisvc - ok
11:03:43.0349 8856 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:03:43.0350 8856 swenum - ok
11:03:43.0407 8856 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:03:43.0414 8856 swprv - ok
11:03:43.0441 8856 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:03:43.0443 8856 Symc8xx - ok
11:03:43.0451 8856 SymIM - ok
11:03:43.0465 8856 SymIMMP - ok
11:03:43.0485 8856 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:03:43.0487 8856 Sym_hi - ok
11:03:43.0509 8856 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:03:43.0511 8856 Sym_u3 - ok
11:03:43.0586 8856 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
11:03:43.0597 8856 SysMain - ok
11:03:43.0625 8856 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:03:43.0631 8856 TabletInputService - ok
11:03:43.0702 8856 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:03:43.0709 8856 TapiSrv - ok
11:03:43.0741 8856 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
11:03:43.0745 8856 TBS - ok
11:03:43.0815 8856 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:03:43.0830 8856 Tcpip - ok
11:03:43.0854 8856 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:03:43.0864 8856 Tcpip6 - ok
11:03:43.0903 8856 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:03:43.0905 8856 tcpipreg - ok
11:03:43.0942 8856 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:03:43.0944 8856 TDPIPE - ok
11:03:43.0964 8856 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:03:43.0966 8856 TDTCP - ok
11:03:44.0016 8856 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:03:44.0018 8856 tdx - ok
11:03:44.0072 8856 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:03:44.0074 8856 TermDD - ok
11:03:44.0137 8856 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
11:03:44.0149 8856 TermService - ok
11:03:44.0169 8856 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
11:03:44.0174 8856 Themes - ok
11:03:44.0197 8856 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
11:03:44.0201 8856 THREADORDER - ok
11:03:44.0326 8856 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
11:03:44.0332 8856 TrkWks - ok
11:03:44.0404 8856 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:03:44.0406 8856 TrustedInstaller - ok
11:03:44.0439 8856 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:03:44.0442 8856 tssecsrv - ok
11:03:44.0469 8856 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:03:44.0472 8856 tunmp - ok
11:03:44.0503 8856 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:03:44.0505 8856 tunnel - ok
11:03:44.0546 8856 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:03:44.0549 8856 uagp35 - ok
11:03:44.0606 8856 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:03:44.0612 8856 udfs - ok
11:03:44.0657 8856 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:03:44.0662 8856 UI0Detect - ok
11:03:44.0686 8856 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:03:44.0689 8856 uliagpkx - ok
11:03:44.0714 8856 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:03:44.0720 8856 uliahci - ok
11:03:44.0746 8856 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:03:44.0750 8856 UlSata - ok
11:03:44.0771 8856 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:03:44.0775 8856 ulsata2 - ok
11:03:44.0828 8856 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:03:44.0830 8856 umbus - ok
11:03:44.0862 8856 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
11:03:44.0871 8856 upnphost - ok
11:03:44.0929 8856 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:03:44.0935 8856 usbaudio - ok
11:03:44.0957 8856 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:03:44.0960 8856 usbccgp - ok
11:03:44.0990 8856 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:03:44.0993 8856 usbcir - ok
11:03:45.0029 8856 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:03:45.0031 8856 usbehci - ok
11:03:45.0053 8856 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:03:45.0059 8856 usbhub - ok
11:03:45.0072 8856 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:03:45.0075 8856 usbohci - ok
11:03:45.0094 8856 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:03:45.0097 8856 usbprint - ok
11:03:45.0156 8856 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:03:45.0159 8856 usbscan - ok
11:03:45.0171 8856 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:03:45.0174 8856 USBSTOR - ok
11:03:45.0197 8856 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:03:45.0199 8856 usbuhci - ok
11:03:45.0267 8856 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
11:03:45.0272 8856 UxSms - ok
11:03:45.0343 8856 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
11:03:45.0354 8856 vds - ok
11:03:45.0390 8856 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:03:45.0392 8856 vga - ok
11:03:45.0422 8856 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
11:03:45.0424 8856 VgaSave - ok
11:03:45.0447 8856 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:03:45.0450 8856 viaagp - ok
11:03:45.0468 8856 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
11:03:45.0470 8856 ViaC7 - ok
11:03:45.0493 8856 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
11:03:45.0495 8856 viaide - ok
11:03:45.0515 8856 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:03:45.0517 8856 volmgr - ok
11:03:45.0577 8856 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:03:45.0583 8856 volmgrx - ok
11:03:45.0604 8856 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:03:45.0608 8856 volsnap - ok
11:03:45.0631 8856 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:03:45.0635 8856 vsmraid - ok
11:03:45.0708 8856 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
11:03:45.0725 8856 VSS - ok
11:03:45.0767 8856 [ C466021D31FF6C0A6069D12299D80C0B ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS
11:03:45.0772 8856 VSTHWBS2 - ok
11:03:45.0835 8856 [ EC36F1D542ED4252390D446BF6D4DFD0 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
11:03:45.0852 8856 VST_DPV - ok
11:03:45.0915 8856 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
11:03:45.0923 8856 W32Time - ok
11:03:45.0952 8856 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:03:45.0954 8856 WacomPen - ok
11:03:45.0994 8856 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:03:45.0996 8856 Wanarp - ok
11:03:46.0003 8856 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:03:46.0005 8856 Wanarpv6 - ok
11:03:46.0034 8856 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\Windows\system32\DRIVERS\wanatw4.sys
11:03:46.0036 8856 wanatw - ok
11:03:46.0096 8856 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:03:46.0106 8856 wcncsvc - ok
11:03:46.0135 8856 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:03:46.0139 8856 WcsPlugInService - ok
11:03:46.0169 8856 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
11:03:46.0171 8856 Wd - ok
11:03:46.0218 8856 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:03:46.0227 8856 Wdf01000 - ok
11:03:46.0256 8856 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:03:46.0261 8856 WdiServiceHost - ok
11:03:46.0269 8856 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:03:46.0274 8856 WdiSystemHost - ok
11:03:46.0342 8856 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
11:03:46.0348 8856 WebClient - ok
11:03:46.0514 8856 [ 8C4EAEE6D0176176173329C04A1ACC15 ] WebrootSpySweeperService C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe
11:03:46.0571 8856 WebrootSpySweeperService - ok
11:03:46.0612 8856 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:03:46.0618 8856 Wecsvc - ok
11:03:46.0650 8856 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:03:46.0655 8856 wercplsupport - ok
11:03:46.0690 8856 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
11:03:46.0696 8856 WerSvc - ok
11:03:46.0752 8856 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:03:46.0763 8856 winachsf - ok
11:03:46.0808 8856 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:03:46.0815 8856 WinDefend - ok
11:03:46.0851 8856 WinHttpAutoProxySvc - ok
11:03:46.0918 8856 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:03:46.0923 8856 Winmgmt - ok
11:03:46.0966 8856 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll
11:03:46.0983 8856 WinRM - ok
11:03:47.0058 8856 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:03:47.0072 8856 Wlansvc - ok
11:03:47.0129 8856 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:03:47.0130 8856 WmiAcpi - ok
11:03:47.0195 8856 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:03:47.0198 8856 wmiApSrv - ok
11:03:47.0259 8856 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:03:47.0272 8856 WMPNetworkSvc - ok
11:03:47.0290 8856 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:03:47.0296 8856 WPCSvc - ok
11:03:47.0328 8856 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:03:47.0332 8856 WPDBusEnum - ok
11:03:47.0368 8856 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:03:47.0370 8856 WpdUsb - ok
11:03:47.0471 8856 [ 7218CA0052F32F5A425D42AB48224754 ] WRConsumerService C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe
11:03:47.0519 8856 WRConsumerService - ok
11:03:47.0546 8856 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:03:47.0548 8856 ws2ifsl - ok
11:03:47.0599 8856 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
11:03:47.0604 8856 wscsvc - ok
11:03:47.0613 8856 WSearch - ok
11:03:47.0726 8856 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:03:47.0759 8856 wuauserv - ok
11:03:47.0797 8856 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:03:47.0800 8856 WUDFRd - ok
11:03:47.0830 8856 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:03:47.0836 8856 wudfsvc - ok
11:03:47.0851 8856 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
11:03:47.0853 8856 XAudio - ok
11:03:47.0887 8856 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
11:03:47.0895 8856 XAudioService - ok
11:03:47.0911 8856 ================ Scan global ===============================
11:03:47.0944 8856 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:03:47.0975 8856 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:03:47.0996 8856 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:03:48.0053 8856 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:03:48.0059 8856 [Global] - ok
11:03:48.0060 8856 ================ Scan MBR ==================================
11:03:48.0070 8856 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
11:03:48.0483 8856 \Device\Harddisk0\DR0 - ok
11:03:48.0484 8856 ================ Scan VBR ==================================
11:03:48.0489 8856 [ A4217A7190C619896A69998BD7685874 ] \Device\Harddisk0\DR0\Partition1
11:03:48.0490 8856 \Device\Harddisk0\DR0\Partition1 - ok
11:03:48.0502 8856 [ B9624EFEFA4D20C1D41C92073B8D9B6B ] \Device\Harddisk0\DR0\Partition2
11:03:48.0504 8856 \Device\Harddisk0\DR0\Partition2 - ok
11:03:48.0507 8856 ============================================================
11:03:48.0507 8856 Scan finished
11:03:48.0507 8856 ============================================================
11:03:48.0535 9968 Detected object count: 0
11:03:48.0535 9968 Actual detected object count: 0

#6 rade2rising

Posted 21 October 2012 - 11:11 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-21 11:07:38
-----------------------------
11:07:38.861 OS Version: Windows 6.0.6002 Service Pack 2
11:07:38.861 Number of processors: 2 586 0xF0D
11:07:38.864 ComputerName: HOMECOMPUTER UserName: Luis
11:07:41.960 Initialize success
11:19:24.009 AVAST engine defs: 12102100
11:22:20.411 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
11:22:20.417 Disk 0 Vendor: Hitachi_HDT725050VLA360 V56OA7BA Size: 476940MB BusType: 3
11:22:20.477 Disk 0 MBR read successfully
11:22:20.483 Disk 0 MBR scan
11:22:20.494 Disk 0 unknown MBR code
11:22:20.524 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 467230 MB offset 63
11:22:20.570 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9707 MB offset 956889088
11:22:20.586 Disk 0 scanning sectors +976769024
11:22:20.675 Disk 0 scanning C:\Windows\system32\drivers
11:22:34.287 Service scanning
11:23:03.537 Modules scanning
11:23:11.187 Disk 0 trace - called modules:
11:23:11.218 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
11:23:11.229 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x853b7030]
11:23:11.243 3 CLASSPNP.SYS[82fa58b3] -> nt!IofCallDriver -> [0x84879e10]
11:23:11.258 5 acpi.sys[806a06bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8520d030]
11:23:12.420 AVAST engine scan C:\Windows
11:23:17.495 AVAST engine scan C:\Windows\system32
11:26:35.137 AVAST engine scan C:\Windows\system32\drivers
11:27:07.536 AVAST engine scan C:\Users\Luis
11:28:05.350 File: C:\Users\Luis\AppData\Local\CyberLink\djdwakwd.dll **INFECTED** Win32:Downloader-PLX [Trj]
11:43:44.827 File: C:\Users\Luis\AppData\Local\PokerStars.NET\PackageAware\tqcywtkxo.dll **INFECTED** Win32:Malware-gen
11:53:05.036 AVAST engine scan C:\ProgramData
11:56:44.620 Scan finished successfully
12:05:34.570 Disk 0 MBR has been saved successfully to "C:\Users\Luis\Documents\MBR.dat"
12:05:34.583 The log file has been saved successfully to "C:\Users\Luis\Documents\aswMBR.txt"

#7 rade2rising

Posted 21 October 2012 - 01:53 PM

C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Default\aadgdcdedfdfdedbdgdideggdeddgcdb\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Default\aadgdcdedfdfdedbdgdideggdeddgcdb\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Luis\AppData\Local\PokerStars.NET\PackageAware\tqcywtkxo.dll a variant of Win32/Kryptik.AJGI trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Luis\AppData\Local\Temp\NOD6580.tmp a variant of Win32/Kryptik.AJGI trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (1).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (2).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (3).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (4).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (5).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (6).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM (7).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\FLVPlayerSetup_MMM.exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\mplayer_Setup (1).exe a variant of Win32/Adware.iBryte.C application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\mplayer_Setup (2).exe a variant of Win32/Adware.iBryte.C application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\mplayer_Setup.exe a variant of Win32/Adware.iBryte.C application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\PCPerformerSetup.exe a variant of Win32/InstallBrain.A application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\setup.exe Win32/Adware.Bundlore application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\SoftonicDownloader_for_talking-tom-cat.exe a variant of Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\VideoConverterSetup.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\video_downloader (1).exe a variant of Win32/InstallCore.T application cleaned by deleting - quarantined
C:\Users\Luis\Downloads\video_downloader.exe Win32/Adware.Bundlore application cleaned by deleting - quarantined
Operating memory a variant of Win32/BHO.OEI trojan

#8 narenxp

Posted 21 October 2012 - 05:45 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#9 rade2rising

Posted 21 October 2012 - 09:24 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.21.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Luis :: HOMECOMPUTER [administrator]

Protection: Enabled

10/21/2012 8:05:07 PM
mbam-log-2012-10-21 (20-05-07).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415492
Time elapsed: 1 hour(s), 43 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\Luis\AppData\Local\CyberLink\djdwakwd.dll (Spyware.Password) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PackageAware (Trojan.RedirRdll3.Gen) -> Data: "rundll32.exe" "C:\Users\Luis\AppData\Local\PokerStars.NET\PackageAware\tqcywtkxo.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Luis\AppData\Local\CyberLink\djdwakwd.dll (Spyware.Password) -> Delete on reboot.

(end)

#10 rade2rising


Posted 21 October 2012 - 09:41 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Luis (administrator) on 21-10-2012 at 22:36:55
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=576 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HomeComputer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cfl.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cfl.rr.com
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1C-25-51-80-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1918:fda9:e96c:6d8b%8(Preferred)
IPv4 Address. . . . . . . . . . . : 172.220.76.235(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Sunday, October 21, 2012 10:29:56 PM
Lease Expires . . . . . . . . . . : Monday, October 22, 2012 10:29:56 PM
Default Gateway . . . . . . . . . : 172.220.64.1
DHCP Server . . . . . . . . . . . : 10.193.48.1
DHCPv6 IAID . . . . . . . . . . . : 201333797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3E-53-A0-00-1C-25-51-80-CA
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cfl.rr.com
Description . . . . . . . . . . . : isatap.cfl.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:bb:33c8:5323:b314(Preferred)
Link-local IPv6 Address . . . . . : fe80::bb:33c8:5323:b314%22(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 24:

Connection-specific DNS Suffix . : cfl.rr.com
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:acdc:4ceb::acdc:4ceb(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: google.com
Addresses: 2607:f8b0:4008:801::1004
74.125.229.165
74.125.229.166
74.125.229.167
74.125.229.168
74.125.229.169
74.125.229.174
74.125.229.160
74.125.229.161
74.125.229.162
74.125.229.163
74.125.229.164



Pinging google.com [74.125.229.169] with 32 bytes of data:

Reply from 74.125.229.169: bytes=32 time=24ms TTL=52

Reply from 74.125.229.169: bytes=32 time=30ms TTL=52



Ping statistics for 74.125.229.169:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 30ms, Average = 27ms

Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=186ms TTL=49

Reply from 72.30.38.140: bytes=32 time=88ms TTL=50



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 88ms, Maximum = 186ms, Average = 137ms

Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=10ms TTL=64

Reply from 127.0.0.1: bytes=32 time=3ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 3ms, Maximum = 10ms, Average = 6ms

===========================================================================
Interface List
8 ...00 1c 25 51 80 ca ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
26 ...00 00 00 00 00 00 00 e0 isatap.cfl.rr.com
9 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
10 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
12 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
15 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
20 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
21 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
22 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
25 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.220.64.1 172.220.76.235 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.220.64.0 255.255.240.0 On-link 172.220.76.235 276
172.220.76.235 255.255.255.255 On-link 172.220.76.235 276
172.220.79.255 255.255.255.255 On-link 172.220.76.235 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.220.76.235 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.220.76.235 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
25 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
22 18 2001::/32 On-link
22 266 2001:0:4137:9e76:bb:33c8:5323:b314/128
On-link
25 1025 2002::/16 On-link
25 281 2002:acdc:4ceb::acdc:4ceb/128
On-link
8 276 fe80::/64 On-link
22 266 fe80::/64 On-link
22 266 fe80::bb:33c8:5323:b314/128
On-link
8 276 fe80::1918:fda9:e96c:6d8b/128
On-link
1 306 ff00::/8 On-link
22 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/21/2012 10:24:02 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x000e1970,
process id 0x26e4, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:23:02 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x001e1970,
process id 0x24f8, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:22:02 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x001f1970,
process id 0x1b8c, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:21:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x002d1970,
process id 0x238c, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:20:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00921970,
process id 0x19ac, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:19:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00851970,
process id 0x1f00, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:18:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00731970,
process id 0x7e0, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:17:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00841970,
process id 0x2110, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:16:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00741970,
process id 0x22b0, application start time 0xiexplore.exe0.

Error: (10/21/2012 10:15:04 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16446, time stamp 0x4fb57c8f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x002d1970,
process id 0x1b30, application start time 0xiexplore.exe0.


System errors:
=============
Error: (10/21/2012 03:17:31 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.100.10 on the Network Card with network address 001C255180CA.

Error: (10/21/2012 03:16:34 PM) (Source: Dhcp) (User: )
Description: The IP address lease 172.16.0.2 for the Network Card with network address 001C255180CA has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (10/20/2012 04:06:39 PM) (Source: Dhcp) (User: )
Description: The IP address lease 142.196.171.192 for the Network Card with network address 001C255180CA has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/20/2012 09:43:25 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.100.10 on the Network Card with network address 001C255180CA.

Error: (10/20/2012 09:33:03 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:20:05 AM on 10/20/2012 was unexpected.

Error: (10/20/2012 01:52:15 AM) (Source: Dhcp) (User: )
Description: The IP address lease 142.196.171.192 for the Network Card with network address 001C255180CA has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/14/2012 04:30:04 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.100.10 on the Network Card with network address 001C255180CA.

Error: (10/14/2012 04:29:32 PM) (Source: Dhcp) (User: )
Description: The IP address lease 172.16.0.6 for the Network Card with network address 001C255180CA has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (10/13/2012 08:56:03 PM) (Source: Dhcp) (User: )
Description: The IP address lease 172.16.0.2 for the Network Card with network address 001C255180CA has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/13/2012 08:56:02 AM) (Source: Dhcp) (User: )
Description: The IP address lease 142.196.171.192 for the Network Card with network address 001C255180CA has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 2.1.4)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader X (10.1.3) (Version: 10.1.3)
BufferChm (Version: 90.0.146.000)
Canon Digital Camera Solution Disk 40-46 Software Starter Guide (Version: 1.1.0.1)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.0.4)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)
Canon MOV Decoder (Version: 1.3.0.14)
Canon MOV Encoder (Version: 1.1.0.18)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.1.0.27)
Canon Personal Printing Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow (Version: 7.2.0.2)
Canon Utilities CameraWindow DC (Version: 7.4.0.9)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.5.0.3)
Canon Utilities MyCamera (Version: 7.2.0.4)
Canon Utilities MyCamera DC (Version: 7.2.0.5)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Utilities ZoomBrowser EX (Version: 6.3.0.7)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.2.2.11)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000)
CDBurnerXP (Version: 4.4.0.2968)
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink DVD Suite Deluxe (Version: 5.5.1019)
D1400 (Version: 90.0.200.000)
D1400_Help (Version: 90.0.200.000)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000)
dj_sf_ProductContext (Version: 90.0.200.000)
dj_sf_software (Version: 90.0.200.000)
dj_sf_software_req (Version: 90.0.200.000)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.111)
Hardware Diagnostic Tools (Version: 5.00.4589.14)
Hewlett-Packard Active Check (Version: 1.1.11.0)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5)
HP Active Support Library (Version: 2.3.0.2)
HP Customer Feedback (Version: 1.0.0)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Deskjet F4200 All-In-One Driver 11.0 03 (Version: 11.0)
HP Deskjet Printer Driver Software 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Solution Center 9.0 (Version: 9.0)
HP Total Care Advisor (Version: 1.4.20.2435)
HP Update (Version: 4.000.007.003)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My HP Games (Version: HPCMPQ1902)
NVIDIA Drivers
PanoStandAlone (Version: 90.0.146.000)
PokerStars.net
PowerDirector (Version: 6.5.2209)
PSSWCORE (Version: 2.02.0000)
Python 2.5 (Version: 2.5.150)
Realtek High Definition Audio Driver (Version: 6.0.1.5485)
Reedy Order Entry System
Scan (Version: 11.0.0.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
SolutionCenter (Version: 90.0.146.000)
Spotify (Version: 0.6.2)
Status (Version: 90.0.146.000)
Toolbox (Version: 110.0.180.000)
TrayApp (Version: 90.0.146.000)
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
VideoToolkit01 (Version: 100.0.128.000)
Viewpoint Media Player
VLC media player 1.1.11 (Version: 1.1.11)
WeatherBug Gadget (Version: 1.0.0.6)
WebReg (Version: 90.0.146.000)
Webroot Software (Version: 7.0.4.127)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 1916.45 MB
Available physical RAM: 782.75 MB
Total Pagefile: 4079 MB
Available Pagefile: 2602.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.14 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:456.28 GB) (Free:341.02 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.48 GB) (Free:1.28 GB) NTFS

========================= Users: ========================================

User accounts for \\HOMECOMPUTER

Administrator Guest Luis

========================= Restore Points ==================================

24-09-2012 13:06:13 Scheduled Checkpoint
25-09-2012 08:29:04 Scheduled Checkpoint
26-09-2012 16:31:40 Scheduled Checkpoint
27-09-2012 10:48:20 Scheduled Checkpoint
28-09-2012 04:00:07 Scheduled Checkpoint
29-09-2012 04:00:07 Scheduled Checkpoint
30-09-2012 08:05:42 Scheduled Checkpoint
01-10-2012 10:46:13 Scheduled Checkpoint
02-10-2012 06:09:58 Scheduled Checkpoint
03-10-2012 10:37:25 Scheduled Checkpoint
04-10-2012 05:36:53 Scheduled Checkpoint
05-10-2012 18:18:33 Scheduled Checkpoint
06-10-2012 21:30:16 Scheduled Checkpoint
08-10-2012 04:00:11 Scheduled Checkpoint
09-10-2012 04:30:28 Scheduled Checkpoint
10-10-2012 04:00:05 Scheduled Checkpoint
11-10-2012 04:01:40 Scheduled Checkpoint
11-10-2012 23:29:48 Scheduled Checkpoint
13-10-2012 04:00:10 Scheduled Checkpoint
14-10-2012 04:14:06 Scheduled Checkpoint
15-10-2012 04:37:40 Scheduled Checkpoint
17-10-2012 01:59:20 Scheduled Checkpoint
20-10-2012 13:48:39 Windows Update
21-10-2012 08:45:00 Scheduled Checkpoint

**** End of log ****

#11 rade2rising


Posted 21 October 2012 - 09:44 PM

Farbar Service Scanner Version: 19-10-2012
Ran by Luis (administrator) on 21-10-2012 at 22:43:33
Running from "C:\Users\Luis\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2011-09-22 18:55] - [2008-01-19 03:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#12 rade2rising


Posted 21 October 2012 - 09:52 PM

# AdwCleaner v2.005 - Logfile created 10/21/2012 at 22:45:20
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Luis - HOMECOMPUTER
# Boot Mode : Normal
# Running from : C:\Users\Luis\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Luis\AppData\Local\APN

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Luis\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2421 octets] - [21/10/2012 22:45:20]

########## EOF - C:\AdwCleaner[S1].txt - [2481 octets] ##########

#13 rade2rising


Posted 21 October 2012 - 10:13 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.9.1 (10.21.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Luis on Sun 10/21/2012 at 22:54:02.58
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/21/2012 at 23:09:40.50
End of Report

#14 narenxp


Posted 21 October 2012 - 11:50 PM

Restart the PC, run Malwarebytes once again and post the new log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

Any current issues?

#15 rade2rising


Posted 22 October 2012 - 11:20 PM

Hello, sorry I had a long day at work today. I am putting the Malware to scan and going to sleep. Tomorrow I will continue the rest and post. Thanks for helping me. Also I am not getting the Google redirects anymore. I notice when I restart this DLL box comes up saying cannot find certain .dll file....

Thanks again.



