
Ebay: Detected Suspicious Activity. Your account has been blocked


21 replies to this topic

#1 Theo2010


Posted 24 October 2012 - 05:48 PM

Hello,

After reading the original post on this subject, I ran the antivirus programs recommended to no avail.

Your help is greatly appreciated.

Attaching the log from Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18975
German Delgado :: LUCY [administrator]

Protection: Enabled

10/24/2012 5:14:04 PM
mbam-log-2012-10-24 (17-14-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286326
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\German Delgado\Local Settings\Temporary Internet Files\Content.IE5\8GJ83O0Q\freeeditor_1787[1].exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)



#2 narenxp


Posted 24 October 2012 - 05:49 PM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Theo2010


Posted 24 October 2012 - 07:57 PM

Thank you,

I can't run ESET Online Scanner.
Attaching logs:

--------------------------------------------------------

*********aswMBR Log: ************

18:54:51.0443 4224 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
18:54:51.0646 4224 ============================================================
18:54:51.0646 4224 Current date / time: 2012/10/24 18:54:51.0646
18:54:51.0646 4224 SystemInfo:
18:54:51.0646 4224
18:54:51.0646 4224 OS Version: 6.0.6002 ServicePack: 2.0
18:54:51.0646 4224 Product type: Workstation
18:54:51.0646 4224 ComputerName: LUCY
18:54:51.0646 4224 UserName: German Delgado
18:54:51.0646 4224 Windows directory: C:\Windows
18:54:51.0646 4224 System windows directory: C:\Windows
18:54:51.0646 4224 Processor architecture: Intel x86
18:54:51.0646 4224 Number of processors: 2
18:54:51.0646 4224 Page size: 0x1000
18:54:51.0646 4224 Boot type: Normal boot
18:54:51.0646 4224 ============================================================
18:54:52.0223 4224 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:54:52.0379 4224 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:54:52.0379 4224 ============================================================
18:54:52.0379 4224 \Device\Harddisk0\DR0:
18:54:52.0379 4224 MBR partitions:
18:54:52.0379 4224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCFA08B1
18:54:52.0379 4224 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCFA08F0, BlocksNum 0xFF2ED1
18:54:52.0379 4224 \Device\Harddisk1\DR1:
18:54:52.0379 4224 MBR partitions:
18:54:52.0379 4224 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
18:54:52.0379 4224 ============================================================
18:54:52.0395 4224 C: <-> \Device\Harddisk0\DR0\Partition1
18:54:52.0426 4224 D: <-> \Device\Harddisk1\DR1\Partition1
18:54:52.0473 4224 E: <-> \Device\Harddisk0\DR0\Partition2
18:54:52.0473 4224 ============================================================
18:54:52.0473 4224 Initialize success
18:54:52.0473 4224 ============================================================
18:55:14.0999 5712 ============================================================
18:55:14.0999 5712 Scan started
18:55:14.0999 5712 Mode: Manual; TDLFS;
18:55:14.0999 5712 ============================================================
18:55:16.0528 5712 ================ Scan system memory ========================
18:55:16.0528 5712 System memory - ok
18:55:16.0528 5712 ================ Scan services =============================
18:55:29.0601 5712 msahci - ok
18:55:29.0632 5712 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:55:29.0632 5712 msdsm - ok
18:55:29.0679 5712 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
18:55:29.0695 5712 MSDTC - ok
18:55:29.0757 5712 [ 343291A4DFD7C923C3F71F550830EC1C ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
18:55:29.0773 5712 MSDV - ok
18:55:29.0773 5712 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:55:29.0773 5712 Msfs - ok
18:55:29.0835 5712 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:55:29.0835 5712 msisadrv - ok
18:55:29.0882 5712 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:55:29.0882 5712 MSiSCSI - ok
18:55:29.0882 5712 msiserver - ok
18:55:29.0944 5712 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:55:29.0960 5712 MSKSSRV - ok
18:55:29.0991 5712 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:55:29.0991 5712 MSPCLOCK - ok
18:55:30.0022 5712 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:55:30.0022 5712 MSPQM - ok
18:55:30.0069 5712 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:55:30.0069 5712 MsRPC - ok
18:55:30.0131 5712 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:55:30.0147 5712 mssmbios - ok
18:55:30.0163 5712 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:55:30.0163 5712 MSTEE - ok
18:55:30.0209 5712 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
18:55:30.0225 5712 Mup - ok
18:55:30.0287 5712 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
18:55:30.0303 5712 napagent - ok
18:55:30.0350 5712 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:55:30.0365 5712 NativeWifiP - ok
18:55:30.0428 5712 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:55:30.0428 5712 NDIS - ok
18:55:30.0490 5712 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:55:30.0506 5712 NdisTapi - ok
18:55:30.0553 5712 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:55:30.0568 5712 Ndisuio - ok
18:55:30.0615 5712 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:55:30.0631 5712 NdisWan - ok
18:55:30.0724 5712 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:55:30.0724 5712 NDProxy - ok
18:55:30.0787 5712 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:55:30.0802 5712 Net Driver HPZ12 - ok
18:55:30.0833 5712 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:55:30.0833 5712 NetBIOS - ok
18:55:30.0896 5712 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:55:30.0896 5712 netbt - ok
18:55:30.0896 5712 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe
18:55:30.0896 5712 Netlogon - ok
18:55:30.0989 5712 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:55:31.0021 5712 Netman - ok
18:55:31.0036 5712 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:55:31.0052 5712 netprofm - ok
18:55:31.0099 5712 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:55:31.0099 5712 NetTcpPortSharing - ok
18:55:31.0286 5712 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
18:55:31.0379 5712 NETw4v32 - ok
18:55:31.0442 5712 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:55:31.0442 5712 nfrd960 - ok
18:55:31.0504 5712 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:55:31.0520 5712 NlaSvc - ok
18:55:31.0613 5712 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:55:31.0613 5712 Npfs - ok
18:55:31.0676 5712 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:55:31.0691 5712 nsi - ok
18:55:31.0738 5712 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:55:31.0738 5712 nsiproxy - ok
18:55:31.0941 5712 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:55:31.0988 5712 Ntfs - ok
18:55:32.0003 5712 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:55:32.0003 5712 ntrigdigi - ok
18:55:32.0081 5712 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
18:55:32.0081 5712 NuidFltr - ok
18:55:32.0128 5712 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:55:32.0128 5712 Null - ok
18:55:32.0425 5712 [ B36C3B866B0D47E2E2856EC8FD746E39 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:55:32.0690 5712 nvlddmkm - ok
18:55:32.0783 5712 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:55:32.0815 5712 nvraid - ok
18:55:32.0830 5712 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:55:32.0830 5712 nvstor - ok
18:55:32.0861 5712 [ CF672C71844A3B407EB86042829BCE09 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:55:32.0861 5712 nvsvc - ok
18:55:32.0893 5712 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:55:32.0893 5712 nv_agp - ok
18:55:33.0017 5712 [ FC2A8AAA0F3321F41231EDE0AF1968AE ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
18:55:33.0033 5712 NWADI - ok
18:55:33.0033 5712 NwlnkFlt - ok
18:55:33.0049 5712 NwlnkFwd - ok
18:55:33.0111 5712 [ 224131778C92AEE8C13AFAC5FBFF19CA ] NWUSBCDFIL C:\Windows\system32\DRIVERS\NwUsbCdFil.sys
18:55:33.0111 5712 NWUSBCDFIL - ok
18:55:33.0189 5712 [ B7112F30D7EFF4B5052EBA879F46228F ] NWUSBModem C:\Windows\system32\DRIVERS\nwusbmdm.sys
18:55:33.0189 5712 NWUSBModem - ok
18:55:33.0220 5712 [ B7112F30D7EFF4B5052EBA879F46228F ] NWUSBPort C:\Windows\system32\DRIVERS\nwusbser.sys
18:55:33.0236 5712 NWUSBPort - ok
18:55:33.0251 5712 [ B7112F30D7EFF4B5052EBA879F46228F ] NWUSBPort2 C:\Windows\system32\DRIVERS\nwusbser2.sys
18:55:33.0267 5712 NWUSBPort2 - ok
18:55:33.0532 5712 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:55:33.0579 5712 odserv - ok
18:55:33.0626 5712 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:55:33.0626 5712 ohci1394 - ok
18:55:33.0688 5712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:55:33.0688 5712 ose - ok
18:55:33.0751 5712 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:55:33.0844 5712 p2pimsvc - ok
18:55:33.0875 5712 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:55:33.0875 5712 p2psvc - ok
18:55:34.0000 5712 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS
18:55:34.0000 5712 PAC207 - ok
18:55:34.0063 5712 [ 836E48DE7630D419F6AD2728D79A2615 ] palmmdm C:\Windows\system32\DRIVERS\palmmdm.sys
18:55:34.0063 5712 palmmdm - ok
18:55:34.0109 5712 [ DC450992EBA6F914080C1F7FBEEED72C ] PalmUSBD C:\Windows\system32\drivers\PalmUSBD.sys
18:55:34.0109 5712 PalmUSBD - ok
18:55:34.0141 5712 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:55:34.0141 5712 Parport - ok
18:55:34.0187 5712 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:55:34.0203 5712 partmgr - ok
18:55:34.0234 5712 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:55:34.0234 5712 Parvdm - ok
18:55:34.0359 5712 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:55:34.0359 5712 PcaSvc - ok
18:55:34.0421 5712 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:55:34.0437 5712 pci - ok
18:55:34.0453 5712 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:55:34.0453 5712 pciide - ok
18:55:34.0499 5712 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:55:34.0499 5712 pcmcia - ok
18:55:34.0562 5712 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:55:34.0609 5712 PEAUTH - ok
18:55:34.0733 5712 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:55:34.0780 5712 pla - ok
18:55:34.0843 5712 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:55:34.0843 5712 PlugPlay - ok
18:55:34.0921 5712 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:55:34.0921 5712 Pml Driver HPZ12 - ok
18:55:34.0983 5712 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:55:34.0983 5712 PNRPAutoReg - ok
18:55:35.0014 5712 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:55:35.0014 5712 PNRPsvc - ok
18:55:35.0045 5712 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:55:35.0045 5712 PolicyAgent - ok
18:55:35.0108 5712 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:55:35.0108 5712 PptpMiniport - ok
18:55:35.0155 5712 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
18:55:35.0155 5712 Processor - ok
18:55:35.0217 5712 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:55:35.0217 5712 ProfSvc - ok
18:55:35.0248 5712 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe
18:55:35.0264 5712 ProtectedStorage - ok
18:55:35.0311 5712 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:55:35.0311 5712 PSched - ok
18:55:35.0357 5712 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:55:35.0357 5712 PxHelp20 - ok
18:55:35.0404 5712 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:55:35.0513 5712 ql2300 - ok
18:55:35.0545 5712 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:55:35.0545 5712 ql40xx - ok
18:55:35.0591 5712 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:55:35.0607 5712 QWAVE - ok
18:55:35.0654 5712 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:55:35.0654 5712 QWAVEdrv - ok
18:55:35.0685 5712 [ C8E5DFF0A7A52806DD3EB2DE02A65E19 ] R5U870FLx86 C:\Windows\system32\Drivers\R5U870FLx86.sys
18:55:35.0685 5712 R5U870FLx86 - ok
18:55:35.0747 5712 [ 9156104475AEFF19003B33860340391E ] R5U870FUx86 C:\Windows\system32\Drivers\R5U870FUx86.sys
18:55:35.0747 5712 R5U870FUx86 - ok
18:55:35.0810 5712 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
18:55:35.0825 5712 RapiMgr - ok
18:55:35.0872 5712 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:55:35.0872 5712 RasAcd - ok
18:55:35.0919 5712 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:55:35.0919 5712 RasAuto - ok
18:55:35.0966 5712 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:55:35.0966 5712 Rasl2tp - ok
18:55:36.0028 5712 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:55:36.0044 5712 RasMan - ok
18:55:36.0075 5712 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:55:36.0091 5712 RasPppoe - ok
18:55:36.0137 5712 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:55:36.0137 5712 RasSstp - ok
18:55:36.0200 5712 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:55:36.0200 5712 rdbss - ok
18:55:36.0262 5712 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:55:36.0278 5712 RDPCDD - ok
18:55:36.0309 5712 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
18:55:36.0309 5712 rdpdr - ok
18:55:36.0325 5712 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:55:36.0325 5712 RDPENCDD - ok
18:55:36.0387 5712 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:55:36.0387 5712 RDPWD - ok
18:55:36.0434 5712 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:55:36.0434 5712 RemoteAccess - ok
18:55:36.0496 5712 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:55:36.0496 5712 RemoteRegistry - ok
18:55:36.0559 5712 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:55:36.0559 5712 RFCOMM - ok
18:55:36.0621 5712 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
18:55:36.0621 5712 rimmptsk - ok
18:55:36.0699 5712 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
18:55:36.0699 5712 rimsptsk - ok
18:55:36.0746 5712 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
18:55:36.0761 5712 RimUsb - ok
18:55:36.0824 5712 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
18:55:36.0824 5712 RimVSerPort - ok
18:55:36.0871 5712 [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
18:55:36.0871 5712 rismxdp - ok
18:55:36.0917 5712 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
18:55:36.0917 5712 ROOTMODEM - ok
18:55:36.0949 5712 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:55:36.0949 5712 RpcLocator - ok
18:55:37.0011 5712 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:55:37.0027 5712 RpcSs - ok
18:55:37.0073 5712 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:55:37.0073 5712 rspndr - ok
18:55:37.0120 5712 [ 8CCA591019216E9523E3CB385CE643E6 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:55:37.0120 5712 RTL8169 - ok
18:55:37.0120 5712 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe
18:55:37.0120 5712 SamSs - ok
18:55:37.0151 5712 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:55:37.0167 5712 sbp2port - ok
18:55:37.0229 5712 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:55:37.0245 5712 SCardSvr - ok
18:55:37.0339 5712 [ 323AE0BDFD2EB15B668DDA50CC597329 ] Schedule C:\Windows\system32\schedsvc.dll
18:55:37.0354 5712 Schedule - ok
18:55:37.0432 5712 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:55:37.0432 5712 SCPolicySvc - ok
18:55:37.0479 5712 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:55:37.0479 5712 sdbus - ok
18:55:37.0510 5712 SDDMI2 - ok
18:55:37.0573 5712 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:55:37.0573 5712 SDRSVC - ok
18:55:37.0588 5712 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:55:37.0588 5712 secdrv - ok
18:55:37.0651 5712 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:55:37.0651 5712 seclogon - ok
18:55:37.0697 5712 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
18:55:37.0697 5712 SENS - ok
18:55:37.0713 5712 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:55:37.0713 5712 Serenum - ok
18:55:37.0744 5712 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:55:37.0744 5712 Serial - ok
18:55:37.0760 5712 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:55:37.0760 5712 sermouse - ok
18:55:37.0822 5712 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:55:37.0822 5712 SessionEnv - ok
18:55:37.0869 5712 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:55:37.0869 5712 sffdisk - ok
18:55:37.0900 5712 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:55:37.0900 5712 sffp_mmc - ok
18:55:37.0931 5712 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:55:37.0931 5712 sffp_sd - ok
18:55:37.0963 5712 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:55:37.0963 5712 sfloppy - ok
18:55:38.0025 5712 [ C818C44C201898399BF999BB6B35D4E3 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:55:38.0041 5712 ShellHWDetection - ok
18:55:38.0056 5712 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:55:38.0056 5712 sisagp - ok
18:55:38.0072 5712 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:55:38.0072 5712 SiSRaid2 - ok
18:55:38.0087 5712 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:55:38.0087 5712 SiSRaid4 - ok
18:55:38.0321 5712 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:55:38.0431 5712 Skype C2C Service - ok
18:55:38.0587 5712 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:55:38.0587 5712 SkypeUpdate - ok
18:55:38.0758 5712 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:55:38.0867 5712 slsvc - ok
18:55:38.0914 5712 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:55:38.0930 5712 SLUINotify - ok
18:55:38.0977 5712 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:55:38.0977 5712 Smb - ok
18:55:39.0070 5712 [ 63B3B77BDB67EE674771C0E6FB96DA9E ] smserial C:\Windows\system32\DRIVERS\smserial.sys
18:55:39.0101 5712 smserial - ok
18:55:39.0133 5712 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:55:39.0133 5712 SNMPTRAP - ok
18:55:39.0179 5712 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:55:39.0179 5712 spldr - ok
18:55:39.0226 5712 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:55:39.0242 5712 Spooler - ok
18:55:39.0304 5712 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
18:55:39.0304 5712 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
18:55:39.0304 5712 sptd ( LockedFile.Multi.Generic ) - warning
18:55:39.0304 5712 sptd - detected LockedFile.Multi.Generic (1)
18:55:44.0842 5712 [ CFFE18DB8140B00335221907A694DD01 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
18:55:44.0842 5712 WmFilter - ok
18:55:44.0889 5712 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:55:44.0889 5712 WmiAcpi - ok
18:55:44.0951 5712 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:55:44.0951 5712 wmiApSrv - ok
18:55:44.0998 5712 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:55:45.0045 5712 WMPNetworkSvc - ok
18:55:45.0107 5712 [ 39A4F8A73B2A45E9727A205DA941C13E ] WmUsbHid C:\Windows\system32\drivers\WmUsbHid.sys
18:55:45.0107 5712 WmUsbHid - ok
18:55:45.0154 5712 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:55:45.0154 5712 WPDBusEnum - ok
18:55:45.0217 5712 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:55:45.0217 5712 WpdUsb - ok
18:55:45.0404 5712 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:55:45.0451 5712 WPFFontCache_v0400 - ok
18:55:45.0513 5712 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:55:45.0513 5712 ws2ifsl - ok
18:55:45.0513 5712 WSearch - ok
18:55:45.0607 5712 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:55:45.0607 5712 WUDFRd - ok
18:55:45.0669 5712 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:55:45.0669 5712 wudfsvc - ok
18:55:45.0685 5712 ================ Scan global ===============================
18:55:45.0747 5712 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:55:45.0794 5712 [ 40864DA48A14EBC68A0D6BFD08BA21EB ] C:\Windows\system32\winsrv.dll
18:55:45.0825 5712 [ 40864DA48A14EBC68A0D6BFD08BA21EB ] C:\Windows\system32\winsrv.dll
18:55:45.0872 5712 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:55:45.0887 5712 [Global] - ok
18:55:45.0887 5712 ================ Scan MBR ==================================
18:55:45.0887 5712 [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
18:55:46.0324 5712 \Device\Harddisk0\DR0 - ok
18:55:46.0496 5712 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:55:46.0558 5712 \Device\Harddisk1\DR1 - ok
18:55:46.0558 5712 ================ Scan VBR ==================================
18:55:46.0558 5712 [ FB852E8EFBDF9795578F480B65127E06 ] \Device\Harddisk0\DR0\Partition1
18:55:46.0558 5712 \Device\Harddisk0\DR0\Partition1 - ok
18:55:46.0605 5712 [ 907BFCFAC0A6386CC52EB7F2EFAA5028 ] \Device\Harddisk0\DR0\Partition2
18:55:46.0605 5712 \Device\Harddisk0\DR0\Partition2 - ok
18:55:46.0605 5712 [ C8BC674F344B68EC2CA12054402D2556 ] \Device\Harddisk1\DR1\Partition1
18:55:46.0605 5712 \Device\Harddisk1\DR1\Partition1 - ok
18:55:46.0605 5712 ============================================================
18:55:46.0605 5712 Scan finished
18:55:46.0605 5712 ============================================================
18:55:46.0621 4832 Detected object count: 1
18:55:46.0621 4832 Actual detected object count: 1
18:56:01.0971 4832 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:56:01.0971 4832 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:57:10.0081 5320 Deinitialize success

--------------------------------------------
********aswMBR log file:********


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-24 18:58:32
-----------------------------
18:58:32.061 OS Version: Windows 6.0.6002 Service Pack 2
18:58:32.061 Number of processors: 2 586 0xF0D
18:58:32.061 ComputerName: LUCY UserName:
18:59:21.842 Initialize success
18:59:35.633 AVAST engine defs: 12102400
19:00:07.520 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:00:07.520 Disk 0 Vendor: ST912082 3.BH Size: 114473MB BusType: 3
19:00:07.520 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
19:00:07.535 Disk 1 Vendor: ST912082 3.BH Size: 114473MB BusType: 3
19:00:07.551 Disk 0 MBR read successfully
19:00:07.551 Disk 0 MBR scan
19:00:07.567 Disk 0 unknown MBR code
19:00:07.567 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106305 MB offset 63
19:00:07.598 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8165 MB offset 217712880
19:00:07.645 Disk 0 scanning sectors +234436545
19:00:07.707 Disk 0 scanning C:\Windows\system32\drivers
19:00:24.539 Service scanning
19:00:49.109 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
19:00:57.409 Modules scanning
19:01:06.488 Disk 0 trace - called modules:
19:01:06.535 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spvv.sys >>UNKNOWN [0x85fd0938]<<
19:01:06.535 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b83500]
19:01:06.550 3 CLASSPNP.SYS[8939f8b3] -> nt!IofCallDriver -> [0x860a09c0]
19:01:06.566 5 acpi.sys[837b76bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86061028]
19:01:07.049 AVAST engine scan C:\Windows
19:01:12.073 AVAST engine scan C:\Windows\system32
19:05:12.672 AVAST engine scan C:\Windows\system32\drivers
19:05:32.609 AVAST engine scan C:\Users\German Delgado
19:06:22.202 Disk 0 MBR has been saved successfully to "D:\MBR.dat"
19:06:22.217 The log file has been saved successfully to "D:\aswMBR.txt"


19:14:14.483 File: C:\Users\German Delgado\AppData\Roaming\Pooc\uhney.exe **INFECTED** Win32:LockScreen-LC [Trj]
19:20:20.523 AVAST engine scan C:\ProgramData
19:25:49.184 Scan finished successfully
19:49:04.826 Disk 0 MBR has been saved successfully to "D:\MBR.dat"
19:49:04.919 The log file has been saved successfully to "D:\aswMBR.txt"

#4 narenxp


Posted 25 October 2012 - 05:14 AM

ESET log?

#5 Theo2010


Posted 25 October 2012 - 08:07 AM

I could not run ESET online... no matter how I tried, the virus would not let me run it.

Thanks

#6 narenxp


Posted 25 October 2012 - 08:11 AM

Please explain :)

Can you run it from Safe Mode with Networking?

#7 Theo2010


Posted 14 November 2012 - 07:22 AM

Apologies for the delay; I am using another system at my new job and didn't have the chance to play with my home system.
Below are the ESET scan results:
C:\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\yfmewa.exe
a variant of Win32/Injector.YBG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\ekalel.exe
a variant of Win32/Injector.YBG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ewduc.exe
a variant of Win32/Injector.YBG trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\German Delgado\AppData\Roaming\WMPRWISE.EXE.vir
Win32/Extats.A trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\German Delgado\AppData\Roaming\Pooc\uhney.exe.vir
a variant of Win32/Injector.YBG trojan cleaned by deleting - quarantined
D:\Documents\Utillities\installer_eset_online_scanner.exe
Win32/Toggle application cleaned by deleting - quarantined


Thank you for your help,

#8 narenxp


Posted 14 November 2012 - 08:33 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#9 Theo2010


Posted 14 November 2012 - 11:48 AM

My laptop seems to be running much better, is faster booting up, accessing the internet and faster running all my programs.

With that said, do I really need to run the other set of instructions you provided?

Thank you much,

#10 narenxp


Posted 14 November 2012 - 01:01 PM

Yes, you may still be infected.

Edited by narenxp, 14 November 2012 - 01:01 PM.


#11 Theo2010


Posted 14 November 2012 - 07:22 PM

I will run the programs and post results as soon as possible.

Appreciate your support,

#12 narenxp


Posted 14 November 2012 - 07:23 PM

:thumbup2:

#13 HPLovethrash


Posted 14 November 2012 - 10:27 PM

For what it's worth, I had that same problem with eBay and it was because a family member was doing unprofessional things with his account...and somehow his account was linked to mine from an address we shared years back. As far as I know, eBay blocked my account and his thinking we were "working together". Otherwise, follow their instructions here :)

#14 Theo2010


Posted 15 November 2012 - 07:27 AM

Thank you for the input. This is definitely related to a virus.

#15 Theo2010


Posted 16 November 2012 - 09:29 PM

Ran additional tools; results below.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.15.04

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18975
German Delgado :: LUCY [administrator]

11/16/2012 1:25:25 PM
mbam-log-2012-11-16 (13-25-25).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 516903
Time elapsed: 1 hour(s), 40 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|fedja (Trojan.Ransom) -> Data: c:\users\german~1\appdata\local\temp\wgsdgsdgdsgsd.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\German Delgado\AppData\Local\temp\wgsdgsdgdsgsd.exe (Trojan.Ransom) -> Quarantined and deleted successfully.

(end)


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by German Delgado (administrator) on 16-11-2012 at 20:27:27
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Brittany (Connected)
Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)





# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="ethernet_16" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lucy
Primary Dns Suffix . . . . . . . : LUCY
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : LUCY
hvc.rr.com

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1E-37-69-DD-0E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Brittany:

Connection-specific DNS Suffix . : hvc.rr.com
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1D-E0-11-82-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.10.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 16, 2012 3:08:40 PM
Lease Expires . . . . . . . . . . : Saturday, November 17, 2012 6:01:21 PM
Default Gateway . . . . . . . . . : 10.10.1.1
DHCP Server . . . . . . . . . . . : 10.10.1.1
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
10.10.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hvc.rr.com
Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1B-24-EA-3E-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{BC7837E8-6B40-401E-BF6F-A53C8E0888D6}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #15
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.hvc.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hvc.rr.com
Description . . . . . . . . . . . : isatap.hvc.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:489:25ae:f5f5:fe9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::489:25ae:f5f5:fe9b%30(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4004:800::1004
74.125.228.3
74.125.228.4
74.125.228.5
74.125.228.6
74.125.228.7
74.125.228.8
74.125.228.9
74.125.228.14
74.125.228.0
74.125.228.1
74.125.228.2



Pinging google.com [74.125.228.7] with 32 bytes of data:

Reply from 74.125.228.7: bytes=32 time=24ms TTL=52

Reply from 74.125.228.7: bytes=32 time=26ms TTL=52



Ping statistics for 74.125.228.7:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 26ms, Average = 25ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=174ms TTL=51

Reply from 72.30.38.140: bytes=32 time=95ms TTL=51



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 95ms, Maximum = 174ms, Average = 134ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1e 37 69 dd 0e ...... Bluetooth Device (Personal Area Network)
9 ...00 1d e0 11 82 e3 ...... Intel® Wireless WiFi Link 4965AGN
8 ...00 1b 24 ea 3e 79 ...... Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
24 ...00 00 00 00 00 00 00 e0 isatap.{BC7837E8-6B40-401E-BF6F-A53C8E0888D6}
13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
44 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #15
14 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
25 ...00 00 00 00 00 00 00 e0 isatap.hvc.rr.com
18 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
21 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
37 ...00 00 00 00 00 00 00 e0 isatap.hvc.rr.com
30 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.100 20
10.10.1.0 255.255.255.0 On-link 10.10.1.100 276
10.10.1.100 255.255.255.255 On-link 10.10.1.100 276
10.10.1.255 255.255.255.255 On-link 10.10.1.100 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.10.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.10.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
30 18 ::/0 On-link
1 306 ::1/128 On-link
30 18 2001::/32 On-link
30 266 2001:0:9d38:953c:489:25ae:f5f5:fe9b/128
On-link
30 266 fe80::/64 On-link
30 266 fe80::489:25ae:f5f5:fe9b/128
On-link
1 306 ff00::/8 On-link
30 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/16/2012 01:24:10 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/15/2012 11:48:49 PM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 10.7.0.21, time stamp 0x504d85d9, faulting module iTunes.dll, version 10.7.0.21, time stamp 0x504d85b5, exception code 0x40000015, fault offset 0x008fc201,
process id 0x10b0, application start time 0xiTunes.exe0.

Error: (11/15/2012 11:39:28 PM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 10.7.0.21, time stamp 0x504d85d9, faulting module iTunes.dll, version 10.7.0.21, time stamp 0x504d85b5, exception code 0x40000015, fault offset 0x008fc201,
process id 0x16c0, application start time 0xiTunes.exe0.

Error: (11/15/2012 11:37:58 PM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 10.7.0.21, time stamp 0x504d85d9, faulting module iTunes.dll, version 10.7.0.21, time stamp 0x504d85b5, exception code 0x40000015, fault offset 0x008fc201,
process id 0x155c, application start time 0xiTunes.exe0.

Error: (11/15/2012 11:21:02 PM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 10.7.0.21, time stamp 0x504d85d9, faulting module iTunes.dll, version 10.7.0.21, time stamp 0x504d85b5, exception code 0x40000015, fault offset 0x008fc201,
process id 0x1064, application start time 0xiTunes.exe0.

Error: (11/15/2012 00:04:47 PM) (Source: Application Error) (User: )
Description: Faulting application AcroRd32.exe, version 9.4.0.195, time stamp 0x4c9b3e3c, faulting module ole32.dll, version 6.0.6002.18277, time stamp 0x4c28d53e, exception code 0xc0000005, fault offset 0x00047336,
process id 0x1040, application start time 0xAcroRd32.exe0.

Error: (11/13/2012 10:27:24 PM) (Source: Google Update) (User: Lucy)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/13/2012 04:04:35 PM) (Source: Application Error) (User: )
Description: Faulting application AcroRd32.exe, version 9.4.0.195, time stamp 0x4c9b3e3c, faulting module ole32.dll, version 6.0.6002.18277, time stamp 0x4c28d53e, exception code 0xc0000005, fault offset 0x00047336,
process id 0xdb4, application start time 0xAcroRd32.exe0.

Error: (11/11/2012 05:58:34 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18975, time stamp 0x4c8710a6, faulting module mshtml.dll, version 8.0.6001.18975, time stamp 0x4c87263d, exception code 0xc0000005, fault offset 0x000a74bf,
process id 0x114c, application start time 0xiexplore.exe0.

Error: (11/09/2012 10:31:23 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18975, time stamp 0x4c8710a6, faulting module mshtml.dll, version 8.0.6001.18975, time stamp 0x4c87263d, exception code 0xc0000005, fault offset 0x0010919b,
process id 0x1198, application start time 0xiexplore.exe0.


System errors:
=============
Error: (11/16/2012 08:24:36 PM) (Source: Service Control Manager) (User: )
Description: Volume Shadow Copy%%1053

Error: (11/16/2012 08:24:36 PM) (Source: Service Control Manager) (User: )
Description: 30000Volume Shadow Copy

Error: (11/16/2012 08:24:22 PM) (Source: DCOM) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (11/16/2012 03:10:53 PM) (Source: Service Control Manager) (User: )
Description: CyberLink Task Scheduler (CTS)CyberLink Background Capture Service (CBCS)%%1070

Error: (11/16/2012 03:10:53 PM) (Source: Service Control Manager) (User: )
Description: CyberLink Background Capture Service (CBCS)

Error: (11/16/2012 03:09:38 PM) (Source: Service Control Manager) (User: )
Description: MCSTRM%%2

Error: (11/16/2012 03:09:38 PM) (Source: Service Control Manager) (User: )
Description: LogMeIn Kernel Information Provider%%3

Error: (11/16/2012 03:09:38 PM) (Source: Service Control Manager) (User: )
Description: LMIGuardianSvc%%3

Error: (11/16/2012 03:09:38 PM) (Source: Service Control Manager) (User: )
Description: MLPTDR_BParallel arbitrator

Error: (11/16/2012 03:09:38 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (07/25/2012 06:20:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 80 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/09/2012 09:53:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 44774 seconds with 60 seconds of active time. This session ended with a crash.

Error: (06/06/2012 08:55:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 385646 seconds with 3420 seconds of active time. This session ended with a crash.

Error: (11/29/2011 09:34:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5928 seconds with 3060 seconds of active time. This session ended with a crash.

Error: (08/01/2011 09:45:19 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7360 seconds with 840 seconds of active time. This session ended with a crash.

Error: (06/06/2011 09:18:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4924 seconds with 300 seconds of active time. This session ended with a crash.

Error: (04/26/2011 06:29:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8433 seconds with 1140 seconds of active time. This session ended with a crash.

Error: (02/17/2011 03:41:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71 seconds with 60 seconds of active time. This session ended with a crash.

Error: (02/17/2011 03:40:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 498 seconds with 480 seconds of active time. This session ended with a crash.

Error: (01/22/2011 09:03:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14000 seconds with 780 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2012-11-16 14:55:50.387
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:50.215
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:50.013
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:49.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:49.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:49.435
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:49.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:48.983
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:48.780
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 14:55:48.609
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

1600 (Version: 82.0.242.000)
1600_Help (Version: 82.0.242.000)
1600Trb (Version: 82.0.242.000)
32 Bit HP CIO Components Installer (Version: 2.1.5)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.1)
Adobe Acrobat 8 Professional (Version: 8.1.2)
Adobe Acrobat 8.1.2 Professional (Version: 8.1.2)
Adobe Acrobat 8.1.2 Security Update 1 (KB403742)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 2.7.1.19610)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader 9.4.0 (Version: 9.4.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
Ahead Nero Burning ROM
AIM 7
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.7.0.62)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Desktop Software 7.0 (Version: 7.0.0.59)
BlackBerry Device Software Updater (Version: 7.0.0.31)
BufferChm (Version: 82.0.173.000)
Camera Window (Version: 4.0.1)
Canon Camera TWAIN Driver (Version: 5.0)
Canon Camera Window for ZoomBrowser EX (Version: 4.0.1)
Canon IXY 320, PowerShot S230, IXUS v3 TWAIN Driver (Version: 5.0)
Canon Utilities FileViewerUtility 1.0 (Version: 1.0)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.8)
Canon Utilities RemoteCapture 2.6 (Version: 2.6.0)
Canon Utilities ZoomBrowser EX (Version: 04.00.0200)
Copy (Version: 82.0.188.000)
Crystal Reports for .NET Framework 2.0 (x86) (Version: 10.2.0)
CustomerResearchQFolder (Version: 1.00.0000)
CutePDF Writer 3.0 (Version: 3.0)
Destinations (Version: 82.0.173.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 8.1.0.0)
DocProcQFolder (Version: 1.00.0000)
Download Suite
DR Systems Web Ambassador
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
EasyBB Unlocker (Version: 0.4)
eMule
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fax (Version: 82.0.188.000)
Garmin City Navigator North America NT 2010.40 (Version: 13.40.0.0)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Active Support Library (Version: 3.1.9.1)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Customer Experience Enhancements (Version: 5.1.0.2278)
HP Customer Participation Program 8.0 (Version: 8.0)
HP Doc Viewer (Version: 1.01.0005)
HP Easy Setup - Frontend (Version: 5.1.0.2279)
HP Help and Support (Version: 2.1.2.0)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6000 (Version: 6.0.1.6000)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Product Assistant (Version: 100.000.001.000)
HP Quick Launch Buttons 6.20 B1 (Version: 6.20 B1)
HP QuickPlay 3.2
HP Softpaq SP50902
HP Solution Center 8.0 (Version: 8.0)
HP Total Care Advisor (Version: 1.1.19)
HP Update (Version: 5.003.001.001)
HP User Guides 0056 (Version: 1.02.0000)
HP Wireless Assistant (Version: 3.00 H3)
HPAsset component for HP Active Support Library (Version: 3.0.0.2)
HPNetworkAssistant (Version: 1.1.70)
HPProductAssistant (Version: 82.0.173.000)
HPSSupply (Version: 2.1.3.0000)
IBM Lotus Symphony (Version: 3.01.12011)
Intel® Matrix Storage Manager
InterActual Player
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
K-Lite Codec Pack 8.7.0 (Standard) (Version: 8.7.0)
LG USB Modem driver
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Linksys EasyLink Advisor 1.6 (0032)
magicolor 2300 DL
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Managed DirectX (0901) (Version: 4.09.00.0901)
MarketResearch (Version: 82.0.174.000)
MFI MultiLoader (Version: 1.0.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Project Professional 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mobile Broadband Generic Drivers (Version: 2.03.09.005.14)
MobileMe Control Panel (Version: 3.1.6.0)
MotionDV STUDIO 6.0E LE for DV
Motorola Internal Driver Installation 3.5.0 (Version: 3.5.0)
Motorola SM56 Data Fax Modem
Motorola Software Update (Version: 01.11.36)
MSCU for Microsoft Vista (Version: 1.0.1.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPLAP0503)
NVIDIA Drivers
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PhotoStitch (Version: 3.1.8)
PSSWCORE (Version: 2.00.5000)
Pure Networks Platform (Version: 11.2.9169.1)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.5869)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Scan (Version: 8.1.0.0)
Skype Click to Call (Version: 6.3.11079)
Skype™ 5.10 (Version: 5.10.116)
SolutionCenter (Version: 82.0.188.000)
Sony Picture Utility (Version: 3.0.00.11220)
Status (Version: 82.0.173.000)
SupportSoft Assisted Service (Version: 15)
SureThing CD Labeler Deluxe Trial 5
Synaptics Pointing Device Driver (Version: 10.0.13.2)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 82.0.188.000)
UnloadSupport (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
USB over Network (Server) 4.4 (Version: 4.4.0.8)
VeriSoft Access Manager (Version: 2.1.2.880.15)
Vista Codec Package (Version: 5.9.7)
Visual Studio 2005 Tools for Office Second Edition Runtime
WD SmartWare (Version: 1.3.0.16)
WDSuite V9.0
WebEx
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebReg (Version: 82.0.173.000)
WinRAR archiver
WinZip 11.1 (Version: 11.1.7466)

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 2045.68 MB
Available physical RAM: 809.49 MB
Total Pagefile: 4330.63 MB
Available Pagefile: 2888.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.37 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:103.81 GB) (Free:13.69 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:111.79 GB) (Free:45.78 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:7.97 GB) (Free:1.44 GB) NTFS

========================= Users: ========================================

User accounts for \\LUCY

Administrator German Delgado Guest

========================= Restore Points ==================================

01-11-2012 04:00:08 Scheduled Checkpoint
02-11-2012 04:00:08 Scheduled Checkpoint
03-11-2012 04:00:07 Scheduled Checkpoint
04-11-2012 04:00:08 Scheduled Checkpoint
05-11-2012 05:00:10 Scheduled Checkpoint
06-11-2012 05:00:09 Scheduled Checkpoint
07-11-2012 13:49:16 Scheduled Checkpoint
08-11-2012 05:00:07 Scheduled Checkpoint
09-11-2012 13:45:52 Scheduled Checkpoint
10-11-2012 05:00:10 Scheduled Checkpoint
11-11-2012 05:00:06 Scheduled Checkpoint
12-11-2012 05:00:05 Scheduled Checkpoint
13-11-2012 05:00:06 Scheduled Checkpoint
14-11-2012 09:00:18 Scheduled Checkpoint
15-11-2012 12:57:04 Scheduled Checkpoint
16-11-2012 16:52:35 Scheduled Checkpoint

**** End of log ****


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-05-21 18:01] - [2008-01-19 02:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.1.4 (11.16.2012)
OS: Windows Vista ™ Business x86
Ran by German Delgado on Fri 11/16/2012 at 20:44:32.22
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\sweetim"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/16/2012 at 20:47:08.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



