Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijacked address book?


  • Please log in to reply
5 replies to this topic

#1 saluqi

saluqi

  • Members
  • 613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:04:01 PM

Posted 11 November 2012 - 09:56 PM

Antique computer (Compaq Presario SR1055CL, vintage 2004) running Windows XP Home, SP3, MSIE 8, MSOE 6. A while back I upgraded the memory to 2 GB (the maximum the board will support; it uses "integrated" graphics, grrr). Using Avast! free antivirus, Windows firewall, Spyware Blaster, MVPS Hosts file, WinPatrol, WOT, all current.

A couple of days ago most or all the people (and lists) in my address book suddenly received spam messages, purporting to come from my address. Many of those bounced, or were rejected by the recipients' spam filters; nearly all of those "undeliverable mail" return messages landed in my spam folder. The messages began with "Hi" or "Hey" and had various wording, but all included a link. I reproduce a sample (including headers; link and recipient info munged) below:

<begin quote>
Return-path: <saluqi@ix.netcom.com>
Received: from [95.180.50.60] (helo=localhost)
by elasmtp-mealy.atl.sa.earthlink.net with esmtpa (Exim 4.67)
(envelope-from <saluqi@ix.netcom.com>)
id 1TWWN3-0003Tj-Ir
for <address munged>; Thu, 08 Nov 2012 12:58:31 -0500
Date: Thu, 08 Nov 2012 19:18:58 -0700
From: saluqi@ix.netcom.com
To: <name and address munged>
Subject: Hey Rob
Message-ID: <E1TWWN3-0003Tj-Ir@elasmtp-mealy.atl.sa.earthlink.net>

hi Rob i would like you to see the benefits of this before you change your mind http:--msnbc.msn.com-election.us/finance you're worth what you're time is worth to be fair with yourself you just have to try this
<end quote>

The links in the various messages are all identical except that various other words appear in place of "election". The hyphen and the .us part are always the same.

I have done a complete system scan with Avast! free, and also with Malwarebytes' Anti-Malware (both with absolutely current definitions) and did not find anything suspicious.

I am a careful Web surfer. I do mostly scholarly searches, and do not go to sites with doubtful ratings from WOT or from Avast!. I have recently made a few online purchases, from Amazon, and have used PayPal a couple of times to pay for those things (cooking utensils and spices). I also bought some work shirts online from Wal-Mart.

So I would like to know how this can happen (how does it work, to steal an address book?) and what if anything I can do about it.

I had a similar-but-different experience two or three years ago, in which thousands of spam messages were sent, supposedly from my address, to recipients mostly in Russia and eastern Europe, and then in a second wave in the Middle East and western Europe. None of those messages were sent to people in my address book. By analyzing the headers we figured out that the spammer was in Saudi Arabia (where I lived for 15 years, but that was long ago) but they changed address every 20 minutes or so, and I didn't pursue it past that point. I have not yet tried to analyze the headers of this current lot of messages (and anyway I am no expert at header analysis).

I'd be grateful for any suggestions!

Thanks,

BC AdBot (Login to Remove)

 


#2 Dolby

Dolby

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Local time:06:01 PM

Posted 11 November 2012 - 10:00 PM

...sounds like you clicked on a bad link in a email at one point - email links are bad nowadays - you've had your email account hacked - the link you clicked on was probably a phony one sent to look like it was from a contact in your address book (who was hacked) & it's spreading in this way. CHANGE YOUR PASSWORD. If you don't, it will keep going out to all of YOUR contacts. I had trouble changing mine in RR email. Every time I hit "submit" after filling out the thing, it would send me back the same blank form to fill out again. I had to call cust. ser. & they helped me "reset" as they call it, to a new "number" that they assigned me. Then I went in with the # password & was able to change that to something new. Good Luck...

#3 saluqi

saluqi
  • Topic Starter

  • Members
  • 613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:04:01 PM

Posted 12 November 2012 - 12:42 PM

I suppose anything is possible - I am owner or moderator of quite a few mailing lists so I see hundreds of list messages every day - but I rather doubt I clicked on such a link. This thing is so obviously spam, and I am always on the lookout for such things so I can warn list members about them. I've seen dozens of "bad link" spams, but never before fallen victim to one!

However that may be, it can't hurt to reset my E-mail password, so I'll do that. In the earlier case I mentioned, resetting my password stopped the "undeliverable mail" bounce messages (of which I had received thousands by that time) but did not stop the distribution of the spam which was not, I think, actually going through my mail account at all. In that earlier case the spam went not to my contacts but to all manner of other addresses, many of which were obsolete or nonexistent and so generated "undeliverable mail" reports which came to me as the supposed source of the spam messages. The targets, to the extent a pattern was discernible, seemed to be companies and individuals doing business in Russia, eastern Europe or the Middle East.

At first glance it looks as if spam messages have not gone to any of my private contacts, but only to members of certain lists. I'll have to check on that.

Thanks for the tip!

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:01 PM

Posted 12 November 2012 - 11:21 PM

Also run these. As even if your email was spoofed you may also have picked up something.

Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.




Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



AND
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 saluqi

saluqi
  • Topic Starter

  • Members
  • 613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:04:01 PM

Posted 13 November 2012 - 01:10 AM

OK here are the logs:


1) TDSSkiller log

21:18:08.0578 0220 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:18:10.0109 0220 ============================================================
21:18:10.0109 0220 Current date / time: 2012/11/12 21:18:10.0109
21:18:10.0109 0220 SystemInfo:
21:18:10.0109 0220
21:18:10.0109 0220 OS Version: 5.1.2600 ServicePack: 3.0
21:18:10.0109 0220 Product type: Workstation
21:18:10.0109 0220 ComputerName: JOHN
21:18:10.0109 0220 UserName: Owner
21:18:10.0109 0220 Windows directory: C:\WINDOWS
21:18:10.0109 0220 System windows directory: C:\WINDOWS
21:18:10.0109 0220 Processor architecture: Intel x86
21:18:10.0109 0220 Number of processors: 1
21:18:10.0109 0220 Page size: 0x1000
21:18:10.0109 0220 Boot type: Normal boot
21:18:10.0109 0220 ============================================================
21:18:11.0796 0220 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
21:18:11.0796 0220 Drive \Device\Harddisk1\DR3 - Size: 0x1D197300000 (1862.36 Gb), SectorSize: 0x200, Cylinders: 0x3B5AB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:18:11.0984 0220 ============================================================
21:18:11.0984 0220 \Device\Harddisk0\DR0:
21:18:11.0984 0220 MBR partitions:
21:18:11.0984 0220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x84A8B1
21:18:11.0984 0220 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x84A8F0, BlocksNum 0x121CA310
21:18:11.0984 0220 \Device\Harddisk1\DR3:
21:18:11.0984 0220 MBR partitions:
21:18:11.0984 0220 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8CB9000
21:18:11.0984 0220 ============================================================
21:18:12.0031 0220 C: <-> \Device\Harddisk0\DR0\Partition2
21:18:12.0031 0220 D: <-> \Device\Harddisk0\DR0\Partition1
21:18:12.0500 0220 M: <-> \Device\Harddisk1\DR3\Partition1
21:18:12.0500 0220 ============================================================
21:18:12.0500 0220 Initialize success
21:18:12.0500 0220 ============================================================
21:19:17.0437 3356 ============================================================
21:19:17.0437 3356 Scan started
21:19:17.0437 3356 Mode: Manual; TDLFS;
21:19:17.0437 3356 ============================================================
21:19:18.0421 3356 ================ Scan system memory ========================
21:19:18.0421 3356 System memory - ok
21:19:18.0421 3356 ================ Scan services =============================
21:19:18.0656 3356 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys
21:19:18.0671 3356 61883 - ok
21:19:18.0734 3356 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
21:19:18.0734 3356 Aavmker4 - ok
21:19:18.0765 3356 Abiosdsk - ok
21:19:18.0781 3356 abp480n5 - ok
21:19:18.0812 3356 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:19:18.0812 3356 ACPI - ok
21:19:18.0875 3356 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
21:19:18.0875 3356 ACPIEC - ok
21:19:18.0984 3356 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:19:18.0984 3356 AdobeFlashPlayerUpdateSvc - ok
21:19:19.0015 3356 adpu160m - ok
21:19:19.0046 3356 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:19:19.0062 3356 aec - ok
21:19:19.0125 3356 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:19:19.0125 3356 AFD - ok
21:19:19.0171 3356 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
21:19:19.0171 3356 agp440 - ok
21:19:19.0203 3356 Aha154x - ok
21:19:19.0234 3356 aic78u2 - ok
21:19:19.0265 3356 aic78xx - ok
21:19:19.0328 3356 [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
21:19:19.0343 3356 ALCXSENS - ok
21:19:19.0500 3356 [ 8D6C30E515717248E0E52B85FD7AC466 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:19:19.0578 3356 ALCXWDM - ok
21:19:19.0625 3356 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:19:19.0625 3356 Alerter - ok
21:19:19.0687 3356 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
21:19:19.0687 3356 ALG - ok
21:19:19.0718 3356 AliIde - ok
21:19:19.0781 3356 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
21:19:19.0781 3356 AmdK7 - ok
21:19:19.0812 3356 amsint - ok
21:19:19.0843 3356 AppMgmt - ok
21:19:19.0890 3356 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:19:19.0906 3356 Arp1394 - ok
21:19:19.0921 3356 asc - ok
21:19:19.0968 3356 asc3350p - ok
21:19:19.0984 3356 asc3550 - ok
21:19:20.0140 3356 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:19:20.0140 3356 aspnet_state - ok
21:19:20.0203 3356 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:19:20.0203 3356 aswFsBlk - ok
21:19:20.0250 3356 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
21:19:20.0265 3356 aswMon2 - ok
21:19:20.0296 3356 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
21:19:20.0312 3356 aswRdr - ok
21:19:20.0406 3356 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
21:19:20.0437 3356 aswSnx - ok
21:19:20.0515 3356 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
21:19:20.0531 3356 aswSP - ok
21:19:20.0593 3356 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
21:19:20.0593 3356 aswTdi - ok
21:19:20.0656 3356 aswUpdSv - ok
21:19:20.0703 3356 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:19:20.0703 3356 AsyncMac - ok
21:19:20.0765 3356 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:19:20.0765 3356 atapi - ok
21:19:20.0796 3356 Atdisk - ok
21:19:20.0828 3356 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:19:20.0828 3356 Atmarpc - ok
21:19:20.0890 3356 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:19:20.0890 3356 AudioSrv - ok
21:19:20.0937 3356 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:19:20.0937 3356 audstub - ok
21:19:21.0015 3356 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
21:19:21.0015 3356 avast! Antivirus - ok
21:19:21.0062 3356 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys
21:19:21.0062 3356 Avc - ok
21:19:21.0156 3356 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:19:21.0156 3356 Beep - ok
21:19:21.0218 3356 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
21:19:21.0281 3356 BITS - ok
21:19:21.0328 3356 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
21:19:21.0328 3356 Browser - ok
21:19:21.0359 3356 catchme - ok
21:19:21.0406 3356 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:19:21.0406 3356 cbidf2k - ok
21:19:21.0453 3356 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:19:21.0453 3356 CCDECODE - ok
21:19:21.0484 3356 cd20xrnt - ok
21:19:21.0546 3356 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:19:21.0546 3356 Cdaudio - ok
21:19:21.0578 3356 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:19:21.0578 3356 Cdfs - ok
21:19:21.0640 3356 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:19:21.0640 3356 Cdrom - ok
21:19:21.0656 3356 Changer - ok
21:19:21.0718 3356 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:19:21.0718 3356 CiSvc - ok
21:19:21.0765 3356 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:19:21.0765 3356 ClipSrv - ok
21:19:21.0828 3356 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:19:21.0859 3356 clr_optimization_v2.0.50727_32 - ok
21:19:21.0890 3356 CmdIde - ok
21:19:21.0906 3356 COMSysApp - ok
21:19:21.0953 3356 Cpqarray - ok
21:19:22.0000 3356 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:19:22.0000 3356 CryptSvc - ok
21:19:22.0031 3356 dac2w2k - ok
21:19:22.0062 3356 dac960nt - ok
21:19:22.0125 3356 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:19:22.0156 3356 DcomLaunch - ok
21:19:22.0218 3356 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:19:22.0218 3356 Dhcp - ok
21:19:22.0250 3356 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:19:22.0250 3356 Disk - ok
21:19:22.0281 3356 dmadmin - ok
21:19:22.0343 3356 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:19:22.0390 3356 dmboot - ok
21:19:22.0437 3356 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:19:22.0453 3356 dmio - ok
21:19:22.0515 3356 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:19:22.0515 3356 dmload - ok
21:19:22.0578 3356 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:19:22.0578 3356 dmserver - ok
21:19:22.0609 3356 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:19:22.0609 3356 DMusic - ok
21:19:22.0671 3356 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:19:22.0671 3356 Dnscache - ok
21:19:22.0750 3356 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:19:22.0750 3356 Dot3svc - ok
21:19:22.0781 3356 dpti2o - ok
21:19:22.0843 3356 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:19:22.0843 3356 drmkaud - ok
21:19:22.0875 3356 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:19:22.0890 3356 EapHost - ok
21:19:22.0937 3356 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:19:22.0937 3356 ERSvc - ok
21:19:22.0984 3356 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
21:19:23.0000 3356 Eventlog - ok
21:19:23.0046 3356 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
21:19:23.0062 3356 EventSystem - ok
21:19:23.0093 3356 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:19:23.0093 3356 Fastfat - ok
21:19:23.0156 3356 [ 1E580770BDECE924494B368AC980749E ] fasttx2k C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
21:19:23.0156 3356 fasttx2k - ok
21:19:23.0218 3356 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:19:23.0234 3356 FastUserSwitchingCompatibility - ok
21:19:23.0296 3356 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
21:19:23.0312 3356 Fax - ok
21:19:23.0343 3356 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:19:23.0343 3356 Fdc - ok
21:19:23.0406 3356 [ 92CBCE0913661FF966F9FB696A1775A5 ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
21:19:23.0406 3356 FET5X86V - ok
21:19:23.0421 3356 [ 92CBCE0913661FF966F9FB696A1775A5 ] FETND5BV C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
21:19:23.0421 3356 FETND5BV - ok
21:19:23.0484 3356 [ 29063004926B225C417E7147822F5866 ] FETNDISB C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
21:19:23.0484 3356 FETNDISB - ok
21:19:23.0546 3356 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:19:23.0546 3356 Fips - ok
21:19:23.0578 3356 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:19:23.0578 3356 Flpydisk - ok
21:19:23.0640 3356 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:19:23.0640 3356 FltMgr - ok
21:19:23.0734 3356 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:19:23.0734 3356 FontCache3.0.0.0 - ok
21:19:23.0781 3356 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:19:23.0796 3356 Fs_Rec - ok
21:19:23.0828 3356 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:19:23.0828 3356 Ftdisk - ok
21:19:23.0890 3356 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:19:23.0890 3356 Gpc - ok
21:19:24.0031 3356 [ 4236E014632F4163F53EBB717F41594C ] HCF_MSFT C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
21:19:24.0062 3356 HCF_MSFT - ok
21:19:24.0156 3356 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:19:24.0156 3356 helpsvc - ok
21:19:24.0203 3356 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:19:24.0203 3356 HidServ - ok
21:19:24.0265 3356 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:19:24.0265 3356 HidUsb - ok
21:19:24.0312 3356 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:19:24.0312 3356 hkmsvc - ok
21:19:24.0343 3356 hpn - ok
21:19:24.0390 3356 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:19:24.0406 3356 HPZid412 - ok
21:19:24.0421 3356 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:19:24.0437 3356 HPZipr12 - ok
21:19:24.0453 3356 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:19:24.0453 3356 HPZius12 - ok
21:19:24.0531 3356 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:19:24.0546 3356 HTTP - ok
21:19:24.0593 3356 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:19:24.0593 3356 HTTPFilter - ok
21:19:24.0625 3356 i2omgmt - ok
21:19:24.0656 3356 i2omp - ok
21:19:24.0703 3356 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:19:24.0703 3356 i8042prt - ok
21:19:24.0765 3356 [ 537EFE2F9ADCD01073F59E9D3D24164E ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:19:24.0781 3356 ialm - ok
21:19:24.0890 3356 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:19:24.0921 3356 idsvc - ok
21:19:25.0015 3356 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:19:25.0015 3356 Imapi - ok
21:19:25.0078 3356 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:19:25.0078 3356 ImapiService - ok
21:19:25.0109 3356 ini910u - ok
21:19:25.0156 3356 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\System32\DRIVERS\intelide.sys
21:19:25.0156 3356 IntelIde - ok
21:19:25.0218 3356 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:19:25.0218 3356 ip6fw - ok
21:19:25.0281 3356 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:19:25.0281 3356 IpFilterDriver - ok
21:19:25.0312 3356 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:19:25.0312 3356 IpInIp - ok
21:19:25.0359 3356 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:19:25.0359 3356 IpNat - ok
21:19:25.0406 3356 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:19:25.0421 3356 IPSec - ok
21:19:25.0453 3356 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:19:25.0453 3356 IRENUM - ok
21:19:25.0500 3356 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:19:25.0500 3356 isapnp - ok
21:19:25.0531 3356 ivusb - ok
21:19:25.0640 3356 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
21:19:25.0640 3356 JavaQuickStarterService - ok
21:19:25.0703 3356 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:19:25.0703 3356 Kbdclass - ok
21:19:25.0750 3356 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:19:25.0750 3356 kbdhid - ok
21:19:25.0796 3356 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:19:25.0796 3356 kmixer - ok
21:19:25.0859 3356 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:19:25.0859 3356 KSecDD - ok
21:19:25.0921 3356 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:19:25.0921 3356 lanmanserver - ok
21:19:25.0984 3356 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:19:26.0015 3356 lanmanworkstation - ok
21:19:26.0031 3356 Lbd - ok
21:19:26.0062 3356 lbrtfdc - ok
21:19:26.0140 3356 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:19:26.0156 3356 LmHosts - ok
21:19:26.0218 3356 [ 829EF680A308C12E2A80E5E0DA0D958D ] ltmodem5 C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
21:19:26.0265 3356 ltmodem5 - ok
21:19:26.0312 3356 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:19:26.0312 3356 Messenger - ok
21:19:26.0437 3356 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:19:26.0437 3356 Microsoft Office Groove Audit Service - ok
21:19:26.0484 3356 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:19:26.0484 3356 mnmdd - ok
21:19:26.0546 3356 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:19:26.0546 3356 mnmsrvc - ok
21:19:26.0578 3356 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:19:26.0593 3356 Modem - ok
21:19:26.0625 3356 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:19:26.0625 3356 Mouclass - ok
21:19:26.0703 3356 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:19:26.0703 3356 mouhid - ok
21:19:26.0765 3356 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:19:26.0765 3356 MountMgr - ok
21:19:26.0796 3356 mraid35x - ok
21:19:26.0812 3356 mrtRate - ok
21:19:26.0859 3356 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:19:26.0859 3356 MRxDAV - ok
21:19:26.0937 3356 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:19:26.0953 3356 MRxSmb - ok
21:19:27.0000 3356 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:19:27.0015 3356 MSDTC - ok
21:19:27.0046 3356 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
21:19:27.0062 3356 MSDV - ok
21:19:27.0093 3356 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:19:27.0093 3356 Msfs - ok
21:19:27.0125 3356 MSIServer - ok
21:19:27.0171 3356 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:19:27.0171 3356 MSKSSRV - ok
21:19:27.0203 3356 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:19:27.0203 3356 MSPCLOCK - ok
21:19:27.0234 3356 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:19:27.0234 3356 MSPQM - ok
21:19:27.0265 3356 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:19:27.0265 3356 mssmbios - ok
21:19:27.0312 3356 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:19:27.0312 3356 MSTEE - ok
21:19:27.0375 3356 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:19:27.0375 3356 Mup - ok
21:19:27.0437 3356 [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys
21:19:27.0437 3356 MxlW2k - ok
21:19:27.0500 3356 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:19:27.0500 3356 NABTSFEC - ok
21:19:27.0562 3356 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:19:27.0593 3356 napagent - ok
21:19:27.0640 3356 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:19:27.0640 3356 NDIS - ok
21:19:27.0687 3356 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:19:27.0687 3356 NdisIP - ok
21:19:27.0765 3356 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:19:27.0765 3356 NdisTapi - ok
21:19:27.0828 3356 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:19:27.0828 3356 Ndisuio - ok
21:19:27.0859 3356 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:19:27.0875 3356 NdisWan - ok
21:19:27.0921 3356 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:19:27.0937 3356 NDProxy - ok
21:19:27.0968 3356 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:19:27.0968 3356 NetBIOS - ok
21:19:28.0015 3356 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:19:28.0031 3356 NetBT - ok
21:19:28.0078 3356 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
21:19:28.0093 3356 NetDDE - ok
21:19:28.0109 3356 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:19:28.0125 3356 NetDDEdsdm - ok
21:19:28.0187 3356 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:19:28.0187 3356 Netlogon - ok
21:19:28.0250 3356 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
21:19:28.0265 3356 Netman - ok
21:19:28.0328 3356 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:19:28.0328 3356 NetTcpPortSharing - ok
21:19:28.0390 3356 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:19:28.0390 3356 NIC1394 - ok
21:19:28.0437 3356 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
21:19:28.0437 3356 Nla - ok
21:19:28.0500 3356 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
21:19:28.0500 3356 nmwcd - ok
21:19:28.0562 3356 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
21:19:28.0562 3356 nmwcdc - ok
21:19:28.0625 3356 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:19:28.0625 3356 Npfs - ok
21:19:28.0703 3356 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:19:28.0750 3356 Ntfs - ok
21:19:28.0796 3356 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
21:19:28.0796 3356 NtLmSsp - ok
21:19:28.0875 3356 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:19:28.0921 3356 NtmsSvc - ok
21:19:28.0984 3356 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:19:28.0984 3356 Null - ok
21:19:29.0109 3356 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:19:29.0171 3356 nv - ok
21:19:29.0218 3356 [ 01621905AE34BC24AAA2FDDB93977299 ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys
21:19:29.0218 3356 nv_agp - ok
21:19:29.0265 3356 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:19:29.0265 3356 NwlnkFlt - ok
21:19:29.0312 3356 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:19:29.0312 3356 NwlnkFwd - ok
21:19:29.0468 3356 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:19:29.0500 3356 odserv - ok
21:19:29.0546 3356 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:19:29.0562 3356 ohci1394 - ok
21:19:29.0609 3356 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:19:29.0625 3356 ose - ok
21:19:29.0687 3356 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:19:29.0703 3356 Parport - ok
21:19:29.0734 3356 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:19:29.0750 3356 PartMgr - ok
21:19:29.0796 3356 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:19:29.0796 3356 ParVdm - ok
21:19:29.0859 3356 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
21:19:29.0859 3356 pccsmcfd - ok
21:19:29.0906 3356 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:19:29.0921 3356 PCI - ok
21:19:29.0937 3356 PCIDump - ok
21:19:30.0000 3356 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:19:30.0000 3356 PCIIde - ok
21:19:30.0078 3356 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:19:30.0078 3356 Pcmcia - ok
21:19:30.0109 3356 PDCOMP - ok
21:19:30.0125 3356 PDFRAME - ok
21:19:30.0156 3356 PDRELI - ok
21:19:30.0187 3356 PDRFRAME - ok
21:19:30.0203 3356 perc2 - ok
21:19:30.0234 3356 perc2hib - ok
21:19:30.0312 3356 [ 2C1EB94C24A6A1D3434481B0A5FA9C08 ] pfc C:\WINDOWS\System32\drivers\pfc.sys
21:19:30.0312 3356 pfc - ok
21:19:30.0343 3356 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:19:30.0359 3356 PlugPlay - ok
21:19:30.0390 3356 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:19:30.0390 3356 PolicyAgent - ok
21:19:30.0437 3356 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:19:30.0453 3356 PptpMiniport - ok
21:19:30.0484 3356 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
21:19:30.0484 3356 Processor - ok
21:19:30.0500 3356 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:19:30.0515 3356 ProtectedStorage - ok
21:19:30.0578 3356 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
21:19:30.0578 3356 Ps2 - ok
21:19:30.0640 3356 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:19:30.0640 3356 PSched - ok
21:19:30.0687 3356 [ 365622E1F0B6D5F9871D76E89BF0501A ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
21:19:30.0687 3356 PSI - ok
21:19:30.0750 3356 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:19:30.0750 3356 Ptilink - ok
21:19:30.0812 3356 [ 7E1EACDECBA39E0B2A35306426F0DECC ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
21:19:30.0812 3356 PxHelp20 - ok
21:19:30.0843 3356 ql1080 - ok
21:19:30.0859 3356 Ql10wnt - ok
21:19:30.0890 3356 ql12160 - ok
21:19:30.0921 3356 ql1240 - ok
21:19:30.0953 3356 ql1280 - ok
21:19:30.0968 3356 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:19:30.0968 3356 RasAcd - ok
21:19:31.0031 3356 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:19:31.0046 3356 RasAuto - ok
21:19:31.0093 3356 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:19:31.0093 3356 Rasl2tp - ok
21:19:31.0156 3356 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:19:31.0156 3356 RasMan - ok
21:19:31.0187 3356 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:19:31.0187 3356 RasPppoe - ok
21:19:31.0250 3356 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:19:31.0250 3356 Raspti - ok
21:19:31.0296 3356 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:19:31.0312 3356 Rdbss - ok
21:19:31.0343 3356 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:19:31.0343 3356 RDPCDD - ok
21:19:31.0421 3356 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:19:31.0421 3356 RDPWD - ok
21:19:31.0484 3356 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:19:31.0500 3356 RDSessMgr - ok
21:19:31.0546 3356 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:19:31.0546 3356 redbook - ok
21:19:31.0609 3356 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:19:31.0609 3356 RemoteAccess - ok
21:19:31.0671 3356 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
21:19:31.0671 3356 RpcLocator - ok
21:19:31.0734 3356 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
21:19:31.0750 3356 RpcSs - ok
21:19:31.0828 3356 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
21:19:31.0843 3356 RSVP - ok
21:19:31.0875 3356 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
21:19:31.0875 3356 rtl8139 - ok
21:19:31.0921 3356 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:19:31.0921 3356 SamSs - ok
21:19:31.0984 3356 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:19:32.0000 3356 SCardSvr - ok
21:19:32.0046 3356 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:19:32.0046 3356 Schedule - ok
21:19:32.0125 3356 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:19:32.0125 3356 Secdrv - ok
21:19:32.0156 3356 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:19:32.0171 3356 seclogon - ok
21:19:32.0203 3356 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:19:32.0218 3356 SENS - ok
21:19:32.0265 3356 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:19:32.0984 3356 Serenum - ok
21:19:33.0031 3356 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:19:33.0031 3356 Serial - ok
21:19:33.0140 3356 [ E802089FEC30A95FDFD218995308F9B3 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:19:33.0156 3356 ServiceLayer - ok
21:19:33.0234 3356 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:19:33.0234 3356 Sfloppy - ok
21:19:33.0296 3356 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:19:33.0328 3356 SharedAccess - ok
21:19:33.0359 3356 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:19:33.0375 3356 ShellHWDetection - ok
21:19:33.0390 3356 Simbad - ok
21:19:33.0468 3356 [ 7A363269D1B57526410FA23FC92CDFA1 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
21:19:33.0500 3356 SiS315 - ok
21:19:33.0546 3356 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
21:19:33.0562 3356 SISAGP - ok
21:19:33.0593 3356 [ 7EF8E5C266133638E7E06BE03FCBEFF3 ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
21:19:33.0593 3356 SiSkp - ok
21:19:33.0625 3356 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:19:33.0625 3356 SLIP - ok
21:19:33.0671 3356 Sparrow - ok
21:19:33.0718 3356 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:19:33.0718 3356 splitter - ok
21:19:33.0765 3356 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:19:33.0781 3356 Spooler - ok
21:19:33.0812 3356 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:19:33.0828 3356 sr - ok
21:19:33.0875 3356 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
21:19:33.0890 3356 srservice - ok
21:19:33.0968 3356 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:19:33.0984 3356 Srv - ok
21:19:34.0046 3356 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:19:34.0046 3356 SSDPSRV - ok
21:19:34.0125 3356 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:19:34.0140 3356 stisvc - ok
21:19:34.0203 3356 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:19:34.0203 3356 streamip - ok
21:19:34.0265 3356 [ F658D6420B14BEDB49C19E39E7D03594 ] SunkFilt C:\WINDOWS\System32\Drivers\sunkfilt.sys
21:19:34.0265 3356 SunkFilt - ok
21:19:34.0281 3356 Sunkfiltp - ok
21:19:34.0328 3356 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:19:34.0328 3356 swenum - ok
21:19:34.0359 3356 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:19:34.0359 3356 swmidi - ok
21:19:34.0390 3356 SwPrv - ok
21:19:34.0437 3356 symc810 - ok
21:19:34.0453 3356 symc8xx - ok
21:19:34.0468 3356 sym_hi - ok
21:19:34.0500 3356 sym_u3 - ok
21:19:34.0531 3356 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:19:34.0531 3356 sysaudio - ok
21:19:34.0593 3356 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:19:34.0609 3356 SysmonLog - ok
21:19:34.0656 3356 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:19:34.0703 3356 TapiSrv - ok
21:19:34.0781 3356 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:19:34.0796 3356 Tcpip - ok
21:19:34.0828 3356 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:19:34.0843 3356 TDPIPE - ok
21:19:34.0875 3356 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:19:34.0875 3356 TDTCP - ok
21:19:34.0921 3356 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:19:34.0921 3356 TermDD - ok
21:19:34.0984 3356 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:19:35.0046 3356 TermService - ok
21:19:35.0093 3356 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:19:35.0093 3356 Themes - ok
21:19:35.0125 3356 TosIde - ok
21:19:35.0156 3356 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:19:35.0171 3356 TrkWks - ok
21:19:35.0234 3356 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:19:35.0234 3356 Udfs - ok
21:19:35.0265 3356 ultra - ok
21:19:35.0343 3356 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:19:35.0359 3356 Update - ok
21:19:35.0421 3356 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:19:35.0421 3356 upnphost - ok
21:19:35.0484 3356 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
21:19:35.0484 3356 upperdev - ok
21:19:35.0515 3356 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
21:19:35.0531 3356 UPS - ok
21:19:35.0593 3356 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:19:35.0593 3356 usbccgp - ok
21:19:35.0625 3356 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:19:35.0640 3356 usbehci - ok
21:19:35.0671 3356 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:19:35.0671 3356 usbhub - ok
21:19:35.0734 3356 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:19:35.0734 3356 usbohci - ok
21:19:35.0781 3356 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:19:35.0796 3356 usbprint - ok
21:19:35.0812 3356 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:19:35.0828 3356 usbscan - ok
21:19:35.0875 3356 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
21:19:35.0875 3356 usbser - ok
21:19:35.0921 3356 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
21:19:35.0921 3356 UsbserFilt - ok
21:19:35.0984 3356 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:19:35.0984 3356 USBSTOR - ok
21:19:36.0015 3356 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:19:36.0031 3356 usbuhci - ok
21:19:36.0062 3356 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:19:36.0062 3356 VgaSave - ok
21:19:36.0125 3356 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
21:19:36.0125 3356 viaagp1 - ok
21:19:36.0187 3356 [ 949F86F5A8E493574BBB830C3D18E4A9 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
21:19:36.0187 3356 viagfx - ok
21:19:36.0218 3356 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
21:19:36.0218 3356 ViaIde - ok
21:19:36.0265 3356 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:19:36.0265 3356 VolSnap - ok
21:19:36.0343 3356 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
21:19:36.0359 3356 VSS - ok
21:19:36.0390 3356 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
21:19:36.0406 3356 W32Time - ok
21:19:36.0453 3356 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:19:36.0453 3356 Wanarp - ok
21:19:36.0515 3356 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
21:19:36.0515 3356 WDC_SAM - ok
21:19:36.0593 3356 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
21:19:36.0609 3356 Wdf01000 - ok
21:19:36.0625 3356 WDICA - ok
21:19:36.0671 3356 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:19:36.0687 3356 wdmaud - ok
21:19:36.0750 3356 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:19:36.0765 3356 WebClient - ok
21:19:36.0843 3356 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
21:19:36.0843 3356 WinDefend - ok
21:19:36.0953 3356 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:19:36.0953 3356 winmgmt - ok
21:19:37.0046 3356 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:19:37.0046 3356 WmdmPmSN - ok
21:19:37.0125 3356 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:19:37.0125 3356 WmiApSrv - ok
21:19:37.0234 3356 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
21:19:37.0250 3356 WMPNetworkSvc - ok
21:19:37.0312 3356 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:19:37.0312 3356 WpdUsb - ok
21:19:37.0359 3356 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:19:37.0359 3356 WS2IFSL - ok
21:19:37.0406 3356 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:19:37.0421 3356 wscsvc - ok
21:19:37.0484 3356 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:19:37.0484 3356 WSTCODEC - ok
21:19:37.0531 3356 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:19:37.0546 3356 wuauserv - ok
21:19:37.0593 3356 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:19:37.0609 3356 WudfPf - ok
21:19:37.0640 3356 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:19:37.0640 3356 WUDFRd - ok
21:19:37.0687 3356 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:19:37.0703 3356 WudfSvc - ok
21:19:37.0781 3356 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:19:37.0812 3356 WZCSVC - ok
21:19:37.0875 3356 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:19:37.0890 3356 xmlprov - ok
21:19:37.0968 3356 [ E6C22D34BAEF5196E1B23A4492C275B7 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
21:19:37.0968 3356 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
21:19:37.0984 3356 [ 6E53BD96B0EBAD721CDD6320DBFC3F5F ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
21:19:38.0000 3356 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
21:19:38.0031 3356 ================ Scan global ===============================
21:19:38.0078 3356 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:19:38.0125 3356 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:19:38.0171 3356 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:19:38.0218 3356 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:19:38.0234 3356 [Global] - ok
21:19:38.0234 3356 ================ Scan MBR ==================================
21:19:38.0265 3356 [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0
21:19:38.0531 3356 \Device\Harddisk0\DR0 - ok
21:19:38.0562 3356 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
21:19:39.0062 3356 \Device\Harddisk1\DR3 - ok
21:19:39.0078 3356 ================ Scan VBR ==================================
21:19:39.0093 3356 [ 275B17FB4F0D04DC04886F12A13E8ABF ] \Device\Harddisk0\DR0\Partition1
21:19:39.0093 3356 \Device\Harddisk0\DR0\Partition1 - ok
21:19:39.0125 3356 [ 0260E5833243215403DF172E8106DF4A ] \Device\Harddisk0\DR0\Partition2
21:19:39.0125 3356 \Device\Harddisk0\DR0\Partition2 - ok
21:19:39.0156 3356 [ C095100C34B8BE40FCCD0EA917A9C9E0 ] \Device\Harddisk1\DR3\Partition1
21:19:39.0156 3356 \Device\Harddisk1\DR3\Partition1 - ok
21:19:39.0156 3356 ============================================================
21:19:39.0156 3356 Scan finished
21:19:39.0156 3356 ============================================================
21:19:39.0203 2436 Detected object count: 0
21:19:39.0203 2436 Actual detected object count: 0
21:19:57.0796 1840 Deinitialize success


2) AdwCleaner log:

# AdwCleaner v2.007 - Logfile created 11/12/2012 at 21:20:47
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - JOHN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1943 octets] - [12/11/2012 21:20:47]

########## EOF - C:\AdwCleaner[S1].txt - [2003 octets] ##########


3) MiniToolBox log:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Owner (administrator) on 12-11-2012 at 21:28:28
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


::1 localhost

127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net 127.0.0.1 csh.actiondesk.com

There are 12943 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : John

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Mixed

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-0E-A6-77-52-81

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0e a6 77 52 81 ...... VIA Rhine II Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 2 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/12/2012 01:54:19 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/12/2012 10:10:43 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (11/12/2012 10:10:02 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/30/2012 06:52:46 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. If this problem persists, contact your administrator.


DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/26/2012 09:17:38 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/23/2012 05:58:52 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. If this problem persists, contact your administrator.


DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/19/2012 04:53:48 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. If this problem persists, contact your administrator.


DETAIL - Insufficient system resources exist to complete the requested service.

Error: (10/19/2012 03:53:10 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 as bdd, P4 11.1.3927.0, P5 mpsigstub.exe, P6 1.1.1593.0, P7 microsoft windows defender (downlevel), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (10/17/2012 05:42:46 PM) (Source: Application Error) (User: )
Description: Fault bucket -1171749783.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (10/17/2012 10:15:18 AM) (Source: Application Error) (User: )
Description: Faulting application avastui.exe, version 7.0.1466.549, faulting module avastui.exe, version 7.0.1466.549, fault address 0x000bf830.
Processing media-specific event for [avastui.exe!ws!]


System errors:
=============
Error: (11/12/2012 09:23:29 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (11/12/2012 09:23:29 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (11/12/2012 02:01:33 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053

Error: (11/12/2012 02:01:33 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (11/12/2012 02:00:45 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (11/12/2012 02:00:37 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (11/12/2012 01:45:45 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053

Error: (11/12/2012 01:45:44 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (11/12/2012 01:44:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (11/12/2012 01:44:32 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

AC3Filter (remove only)
Acrobat.com (Version: 2.3.0)
Acrobat.com (Version: 2.3.0.0)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Photoshop Album Starter Edition (Version: 1.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AiO_Scan_CDA (Version: 71.0.215.000)
AiOSoftwareNPI (Version: 71.0.215.000)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1466.0)
Avery Wizard 3.1 (Version: 3.1.5)
Blackhawk Striker from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
BufferChm (Version: 70.0.170.000)
C3100 (Version: 71.0.215.000)
c3100_Help (Version: 71.0.215.000)
CCleaner (Version: 3.11)
Compaq Connections
Compaq Instant Support
Compaq Organize
CustomerResearchQFolder (Version: 1.00.0000)
Destinations (Version: 70.0.170.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 7.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Dropbox (Version: 1.2.52)
Easy Internet Sign-up (Version: FE UI-2.2.0.937)
EasyCleaner (Version: 2.0.6.380)
eSupportQFolder (Version: 1.00.0000)
Excavation from Compaq (remove only)
Fax_CDA (Version: 71.0.215.000)
Five Card Frenzy from Compaq (remove only)
Free Download Manager 3.0
HiJackThis (Version: 1.0.0)
HP Customer Participation Program 7.0 (Version: 7.0)
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Photosmart Essential (Version: 1.9.1.3)
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Assistant (Version: 100.000.001.000)
HP Solution Center 7.0 (Version: 7.0)
HP Update (Version: 5.002.005.003)
HPPhotoSmartExpress (Version: 70.0.170.000)
HPProductAssistant (Version: 70.0.170.000)
HpSdpAppCoreApp (Version: 2.00.0000)
InstantShareDevicesMFC (Version: 70.0.170.000)
IntelliMover Data Transfer Demo
InterVideo WinDVD Player (Version: 4.0-B11.406)
IrfanView (remove only) (Version: 4.30)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
KBD
KeePass Password Safe 2.15
Links 2003 (Downloadable Version) (remove only)
LiveUpdate
MailWasher Free 6.5.2
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 70.0.170.000)
Memorex exPressit Label Design Studio
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Money 2004 (Version: 12.0.50)
Microsoft Money 2004 System Pack (Version: 12.0.80)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Plus! Digital Media Edition (Version: 1.1.0.2423)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Streets and Trips 2005 (Version: 12.00.07.1200)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works 7.0 (Version: 07.02.0808)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 6.12)
MUSICMATCH® Jukebox
NewCopy_CDA (Version: 71.0.215.000)
Nikon Scan (Version: 4.0)
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia PC Suite (Version: 7.1.180.46)
Nokia Software Updater (Version: 02.06.006.44298)
NVIDIA GART Driver
OCR Software by I.R.I.S 7.0 (Version: 7.0)
OE-QuoteFix
Orbital from Compaq (remove only)
Otto from Compaq (remove only)
Overball from Compaq (remove only)
PanoStandAlone (Version: 70.0.170.000)
PC-Doctor for Windows
PC Connectivity Solution (Version: 11.5.22.0)
Polar Bowler from Compaq (remove only)
ProductContextNPI (Version: 71.0.215.000)
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1 (Version: 2.2.1)
Quicken 2004 (Version: 13.00.0000)
QuickTime (Version: 7.72.80.56)
Readme (Version: 71.0.215.000)
RecordNow! (Version: 6.5.1)
Roadkil's Unstoppable Copier Version 5.2
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
S3GSetup (Version: 2.00.07.0709)
Scan (Version: 7.0.0.0)
ScannerCopy (Version: 7.0.0.0)
Secunia PSI
Slyder from Compaq (remove only)
SolutionCenter (Version: 70.0.170.000)
Sonic Update Manager (Version: 2.9)
Spell Checker For OE 2.1
SpywareBlaster 4.6 (Version: 4.6.0)
Status (Version: 70.0.170.000)
swMSM (Version: 12.0.0.1)
Symantec Visual Page
Toolbox (Version: 70.0.170.000)
TrayApp (Version: 70.0.170.000)
Unload (Version: 7.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Rhine-Family Fast-Ethernet Adapter
VIA/S3G Display Driver
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Page Art Collection
VLC media player 2.0.2 (Version: 2.0.2)
WebFldrs XP (Version: 9.50.6513)
WebReg (Version: 70.0.170.000)
WhoCrashed 3.05
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Defender (Version: 1.1.1593.21)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 20.0.2011.0)
WinX Free DVD Ripper 4.5.13
WOT for Internet Explorer (Version: 10.2.5.0)
Xvid 1.2.2 final uninstall (Version: 1.2)
Zone Deluxe Games (Version: 7.1.7412.1)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 1983.48 MB
Available physical RAM: 1458.6 MB
Total Pagefile: 4334.13 MB
Available Pagefile: 4015.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.48 MB

========================= Partitions: =====================================

2 Drive c: (PRESARIO) (Fixed) (Total:144.89 GB) (Free:37.08 GB) NTFS
3 Drive d: (PRESARIO_RP) (Fixed) (Total:4.14 GB) (Free:0.61 GB) FAT32
10 Drive k: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
12 Drive m: (My Book) (Fixed) (Total:1862.36 GB) (Free:1509.91 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHN

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0
SUPPORT_fddfa904 Top Dog


**** End of log ****


There are a few things in that list of installed programs that I don't recognize and that don't appear in the Add/Remove Programs listing in Control Panel ... ???

The Hosts file is the current version of the MVPS Hosts file ... and yes, it is rather big ...

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:01 PM

Posted 14 November 2012 - 11:21 AM

There are a few things in that list of installed programs that I don't recognize and that don't appear in the Add/Remove Programs listing in Control Panel ... ???

The Hosts file is the current version of the MVPS Hosts file ... and yes, it is rather big


I was going to ask if you had a custom hots app.

We can remove those apps if you know which.

Revo Uninstaller:

1.Please download Revo Uninstaller.
2.Extract the ZIP file to a folder and run revouninstaller.exe from there! (You can copy that folder to an USB Mass storage drive and use it without any installation required!)
3.There are two ways to uninstall programs with Revo Uninstaller:
Important: Please, try to close the application you want to uninstall first!
Select the application in the list of installed applications and press the Uninstall button in the toolbar.
Right-click the application and click the Uninstall command in the displayed menu. Follow the instructions.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users