Vista Sp 3 won't connect to Internet


13 replies to this topic

#1 destry.stevens

Posted 25 November 2012 - 11:50 PM

Hello Everyone or anyone,
I have a Gateway ID58 series with Windows Vista Sp 3 64-bit. It had an outdated version of Norton 360 on it when I got it, so no real protection. Vista is running extremely slowly, and the only two browsers on the laptop, IE and Chrome, will not connect to the Internet. I get an error message saying "Webpage cannot be displayed". I tried the "diagnose connection problem" button; it says there is no trouble with the connection. iTunes updated just fine, so I know the machine knows it's connected, but how do I repair the web browsers to recognize the connection?

I installed Advanced System Care Free thinking it might help, but no luck. The machine had about every toolbar you can think of installed; I've uninstalled all of them. There were also a couple of shopping site loyalty apps in there, also gone now.

As a side note, the hourglass next to the cursor/pointer is running constantly.

Any help is welcome and appreciated greatly.

Edited by destry.stevens, 25 November 2012 - 11:54 PM.




#2 Sightless

Posted 26 November 2012 - 10:58 AM

If you can't connect to the internet, download these onto a different computer and transfer them to the computer in question via a flash drive or CD.

Download TDSSkiller
  • Right-click it and select Run as Admin.
  • Click on Change parameters
  • Select TDLFS file system
  • Click the Scan button
  • Post the log in your next reply

    Do not change the default options on scan results

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.

  • Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first.

    Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

    If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.
  • Another workaround is to not use the mouse to install it; just use the arrow keys, Tab, and Enter keys.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here or here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
For a complete visual tutorial of MBAM, see http://thespykiller.co.uk/index.php/topic,5946.0.html

Download and run mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

Click Go and post the result.

Please download AdwCleaner by Xplode to your desktop.
  • Make sure all programs are closed
  • Double-click adwcleaner.exe
  • Click Delete
  • Press OK when prompted
  • Restart your computer when asked
  • Copy and paste the contents of the text file that opens after your computer restarts into a reply to this thread. (The log is also saved to C:\AdwCleaner[S1].txt)

Please include the following in your reply:
MBAM log
TDSSKiller Log
ADW Log
Minitoolbox log
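
A read-only way to collect the same items the MiniToolBox checklist above reports (IE and Firefox proxy settings, hosts content, IP configuration, Winsock entries), as an added PowerShell example that is not part of the original post and is not MiniToolBox's own code. It assumes PowerShell 2.0 or later is installed and the default Firefox profile location; the function names are illustrative, and nothing is flushed or reset.

```powershell
# Added example: report-only triage of browser connectivity settings.
# Run as the affected user; it reads settings and changes nothing.

function Get-IEProxyReport {
    # Per-user WinINET proxy settings, read by Internet Explorer and
    # (by default) by Chrome on Windows.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        ProxyEnable   = $s.ProxyEnable     # 1 = a manual proxy is in use
        ProxyServer   = $s.ProxyServer     # host:port the browsers are sent to
        ProxyOverride = $s.ProxyOverride   # bypass list
        AutoConfigURL = $s.AutoConfigURL   # PAC script, if any
    }
}

function Get-FirefoxProxyPrefs {
    # Firefox keeps its own proxy settings in prefs.js inside each profile.
    $profiles = Join-Path $env:APPDATA 'Mozilla\Firefox\Profiles'
    if (-not (Test-Path $profiles)) { return }
    Get-ChildItem $profiles | ForEach-Object {
        $prefs = Join-Path $_.FullName 'prefs.js'
        if (Test-Path $prefs) {
            Select-String -Path $prefs -Pattern 'network\.proxy\.' |
                ForEach-Object { $_.Line }
        }
    }
}

function Get-HostsEntries {
    # Returns every active (non-comment) mapping in the hosts file,
    # one object per host name.
    param([string]$Path = "$env:SystemRoot\System32\drivers\etc\hosts")
    if (-not (Test-Path $Path)) { return }
    Get-Content $Path | ForEach-Object {
        $line = ($_ -replace '#.*$', '').Trim()
        if ($line) {
            $parts = @($line -split '\s+')
            if ($parts.Count -ge 2) {
                foreach ($name in $parts[1..($parts.Count - 1)]) {
                    New-Object PSObject -Property @{
                        Address  = $parts[0]
                        HostName = $name
                    }
                }
            }
        }
    }
}

'--- IE / WinINET proxy (review any proxy the user did not configure) ---'
Get-IEProxyReport | Format-List | Out-String

'--- WinHTTP proxy ---'
netsh winhttp show proxy

'--- Firefox proxy prefs ---'
Get-FirefoxProxyPrefs

'--- Hosts entries other than localhost ---'
# Mappings for security-vendor or update sites deserve a close look.
Get-HostsEntries | Where-Object { $_.HostName -ne 'localhost' } |
    Format-Table -AutoSize | Out-String

'--- IP configuration ---'
ipconfig /all

'--- Winsock catalog ---'
netsh winsock show catalog
```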

#3 destry.stevens


Posted 26 November 2012 - 07:59 PM

Thank you very much for your quick response to my post. Here are the reports you requested. I did have trouble updating MBAM but successfully did it manually.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.26.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
mariah :: MARIAH-PC [administrator]

11/26/2012 4:22:13 PM
mbam-log-2012-11-26 (16-22-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203323
Time elapsed: 2 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 11
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02F0243C-2E71-4a1a-A790-6C30888119D0} (PUP.Magoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97E74A14-E5F1-40cc-9B0F-0D11946E5469} (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEB04B5E-C981-47a9-B847-33EE4C92F6B9} (PUP.Magoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\APPID\MightyMagooText.DLL (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\mmagootl (PUP.MightyMagoo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MightyMagoo (PUP.MightyMagoo) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Program Files (x86)\Mighty Magoo (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\chrome (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\components (PUP.MightyMagoo) -> Quarantined and deleted successfully.

Files Detected: 6
C:\Program Files (x86)\Mighty Magoo\ars.cfg (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mighty Magoo\icon.ico (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\chrome.manifest (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\install.rdf (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\chrome\mmtextlinks.jar (PUP.MightyMagoo) -> Quarantined and deleted successfully.
C:\Users\mariah\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@mmagoo.com\components\mmagootlf.xpt (PUP.MightyMagoo) -> Quarantined and deleted successfully.

(end)

16:07:16.0379 3508 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:07:16.0425 3508 ============================================================
16:07:16.0425 3508 Current date / time: 2012/11/26 16:07:16.0425
16:07:16.0425 3508 SystemInfo:
16:07:16.0425 3508
16:07:16.0425 3508 OS Version: 6.0.6002 ServicePack: 2.0
16:07:16.0425 3508 Product type: Workstation
16:07:16.0425 3508 ComputerName: MARIAH-PC
16:07:16.0425 3508 UserName: mariah
16:07:16.0425 3508 Windows directory: C:\Windows
16:07:16.0425 3508 System windows directory: C:\Windows
16:07:16.0425 3508 Running under WOW64
16:07:16.0425 3508 Processor architecture: Intel x64
16:07:16.0425 3508 Number of processors: 2
16:07:16.0425 3508 Page size: 0x1000
16:07:16.0425 3508 Boot type: Normal boot
16:07:16.0425 3508 ============================================================
16:07:20.0247 3508 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:07:20.0263 3508 Drive \Device\Harddisk1\DR2 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:07:20.0263 3508 ============================================================
16:07:20.0263 3508 \Device\Harddisk0\DR0:
16:07:20.0263 3508 MBR partitions:
16:07:20.0263 3508 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x38C15000
16:07:20.0263 3508 \Device\Harddisk1\DR2:
16:07:20.0263 3508 MBR partitions:
16:07:20.0263 3508 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
16:07:20.0263 3508 ============================================================
16:07:20.0310 3508 C: <-> \Device\Harddisk0\DR0\Partition1
16:07:20.0310 3508 ============================================================
16:07:20.0310 3508 Initialize success
16:07:20.0310 3508 ============================================================
16:07:45.0644 2196 ============================================================
16:07:45.0644 2196 Scan started
16:07:45.0644 2196 Mode: Manual; TDLFS;
16:07:45.0644 2196 ============================================================
16:07:45.0925 2196 ================ Scan system memory ========================
16:07:45.0925 2196 System memory - ok
16:07:45.0925 2196 ================ Scan services =============================
16:07:53.0024 2196 Modem - ok
16:07:53.0040 2196 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:07:53.0040 2196 monitor - ok
16:07:53.0055 2196 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:07:53.0055 2196 mouclass - ok
16:07:53.0071 2196 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:07:53.0071 2196 mouhid - ok
16:07:53.0102 2196 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:07:53.0102 2196 MountMgr - ok
16:07:53.0118 2196 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
16:07:53.0118 2196 mpio - ok
16:07:53.0133 2196 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:07:53.0133 2196 mpsdrv - ok
16:07:53.0180 2196 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
16:07:53.0196 2196 MpsSvc - ok
16:07:53.0211 2196 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:07:53.0211 2196 Mraid35x - ok
16:07:53.0242 2196 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:07:53.0242 2196 MRxDAV - ok
16:07:53.0274 2196 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:07:53.0274 2196 mrxsmb - ok
16:07:53.0305 2196 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:07:53.0305 2196 mrxsmb10 - ok
16:07:53.0320 2196 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:07:53.0320 2196 mrxsmb20 - ok
16:07:53.0352 2196 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
16:07:53.0352 2196 msahci - ok
16:07:53.0383 2196 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:07:53.0383 2196 msdsm - ok
16:07:53.0414 2196 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
16:07:53.0414 2196 MSDTC - ok
16:07:53.0445 2196 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:07:53.0445 2196 Msfs - ok
16:07:53.0461 2196 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:07:53.0461 2196 msisadrv - ok
16:07:53.0492 2196 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:07:53.0492 2196 MSiSCSI - ok
16:07:53.0508 2196 msiserver - ok
16:07:53.0539 2196 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:07:53.0539 2196 MSKSSRV - ok
16:07:53.0554 2196 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:07:53.0554 2196 MSPCLOCK - ok
16:07:53.0570 2196 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:07:53.0570 2196 MSPQM - ok
16:07:53.0601 2196 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:07:53.0617 2196 MsRPC - ok
16:07:53.0648 2196 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:07:53.0648 2196 mssmbios - ok
16:07:53.0664 2196 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:07:53.0664 2196 MSTEE - ok
16:07:53.0710 2196 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
16:07:53.0710 2196 Mup - ok
16:07:53.0742 2196 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
16:07:53.0757 2196 napagent - ok
16:07:53.0788 2196 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:07:53.0804 2196 NativeWifiP - ok
16:07:53.0882 2196 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120329.002\ENG64.SYS
16:07:53.0882 2196 NAVENG - ok
16:07:53.0960 2196 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120329.002\EX64.SYS
16:07:54.0007 2196 NAVEX15 - ok
16:07:54.0054 2196 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:07:54.0069 2196 NDIS - ok
16:07:54.0132 2196 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:07:54.0132 2196 NdisTapi - ok
16:07:54.0147 2196 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:07:54.0147 2196 Ndisuio - ok
16:07:54.0178 2196 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:07:54.0178 2196 NdisWan - ok
16:07:54.0210 2196 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:07:54.0210 2196 NDProxy - ok
16:07:54.0225 2196 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:07:54.0225 2196 NetBIOS - ok
16:07:54.0256 2196 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:07:54.0256 2196 netbt - ok
16:07:54.0272 2196 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
16:07:54.0272 2196 Netlogon - ok
16:07:54.0319 2196 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
16:07:54.0319 2196 Netman - ok
16:07:54.0350 2196 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
16:07:54.0350 2196 netprofm - ok
16:07:54.0397 2196 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:07:54.0397 2196 NetTcpPortSharing - ok
16:07:54.0568 2196 [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
16:07:54.0709 2196 NETw5v64 - ok
16:07:54.0740 2196 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:07:54.0740 2196 nfrd960 - ok
16:07:54.0756 2196 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
16:07:54.0771 2196 NlaSvc - ok
16:07:54.0802 2196 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:07:54.0802 2196 Npfs - ok
16:07:54.0818 2196 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
16:07:54.0834 2196 nsi - ok
16:07:54.0865 2196 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:07:54.0865 2196 nsiproxy - ok
16:07:54.0943 2196 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:07:54.0958 2196 Ntfs - ok
16:07:55.0036 2196 [ 952BF6DFC96E3E94D1D88FD0B78EC443 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
16:07:55.0036 2196 NTI IScheduleSvc - ok
16:07:55.0052 2196 [ 7D397449AAF52B0E7C79B64F6AD4473E ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys
16:07:55.0052 2196 NTIDrvr - ok
16:07:55.0083 2196 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
16:07:55.0083 2196 Null - ok
16:07:55.0114 2196 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:07:55.0114 2196 nvraid - ok
16:07:55.0130 2196 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:07:55.0130 2196 nvstor - ok
16:07:55.0161 2196 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:07:55.0161 2196 nv_agp - ok
16:07:55.0161 2196 NwlnkFlt - ok
16:07:55.0177 2196 NwlnkFwd - ok
16:07:55.0302 2196 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:07:55.0302 2196 odserv - ok
16:07:55.0333 2196 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:07:55.0333 2196 ohci1394 - ok
16:07:55.0395 2196 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:07:55.0395 2196 ose - ok
16:07:55.0473 2196 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:07:55.0489 2196 p2pimsvc - ok
16:07:55.0504 2196 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
16:07:55.0504 2196 p2psvc - ok
16:07:55.0536 2196 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
16:07:55.0536 2196 Parport - ok
16:07:55.0598 2196 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:07:55.0598 2196 partmgr - ok
16:07:55.0629 2196 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
16:07:55.0629 2196 PcaSvc - ok
16:07:55.0645 2196 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
16:07:55.0645 2196 pci - ok
16:07:55.0676 2196 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
16:07:55.0676 2196 pciide - ok
16:07:55.0692 2196 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:07:55.0692 2196 pcmcia - ok
16:07:55.0723 2196 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:07:55.0738 2196 PEAUTH - ok
16:07:55.0770 2196 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:07:55.0770 2196 PerfHost - ok
16:07:55.0848 2196 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
16:07:55.0879 2196 pla - ok
16:07:55.0910 2196 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:07:55.0926 2196 PlugPlay - ok
16:07:55.0957 2196 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:07:55.0972 2196 PNRPAutoReg - ok
16:07:55.0988 2196 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:07:56.0004 2196 PNRPsvc - ok
16:07:56.0019 2196 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:07:56.0035 2196 PolicyAgent - ok
16:07:56.0066 2196 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:07:56.0082 2196 PptpMiniport - ok
16:07:56.0097 2196 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
16:07:56.0097 2196 Processor - ok
16:07:56.0175 2196 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
16:07:56.0175 2196 ProfSvc - ok
16:07:56.0191 2196 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:07:56.0206 2196 ProtectedStorage - ok
16:07:56.0238 2196 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:07:56.0238 2196 PSched - ok
16:07:56.0284 2196 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:07:56.0316 2196 ql2300 - ok
16:07:56.0331 2196 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:07:56.0331 2196 ql40xx - ok
16:07:56.0378 2196 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
16:07:56.0378 2196 QWAVE - ok
16:07:56.0425 2196 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:07:56.0425 2196 QWAVEdrv - ok
16:07:56.0440 2196 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:07:56.0440 2196 RasAcd - ok
16:07:56.0472 2196 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
16:07:56.0487 2196 RasAuto - ok
16:07:56.0518 2196 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:07:56.0518 2196 Rasl2tp - ok
16:07:56.0550 2196 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
16:07:56.0550 2196 RasMan - ok
16:07:56.0581 2196 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:07:56.0581 2196 RasPppoe - ok
16:07:56.0612 2196 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:07:56.0612 2196 RasSstp - ok
16:07:56.0643 2196 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:07:56.0659 2196 rdbss - ok
16:07:56.0674 2196 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:07:56.0674 2196 RDPCDD - ok
16:07:56.0706 2196 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:07:56.0706 2196 rdpdr - ok
16:07:56.0721 2196 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:07:56.0721 2196 RDPENCDD - ok
16:07:56.0784 2196 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:07:56.0784 2196 RDPWD - ok
16:07:56.0815 2196 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:07:56.0815 2196 RemoteAccess - ok
16:07:56.0846 2196 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:07:56.0862 2196 RemoteRegistry - ok
16:07:56.0893 2196 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
16:07:56.0893 2196 RpcLocator - ok
16:07:56.0955 2196 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
16:07:56.0955 2196 RpcSs - ok
16:07:57.0002 2196 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:07:57.0002 2196 rspndr - ok
16:07:57.0002 2196 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
16:07:57.0018 2196 SamSs - ok
16:07:57.0033 2196 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:07:57.0033 2196 sbp2port - ok
16:07:57.0111 2196 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:07:57.0111 2196 SCardSvr - ok
16:07:57.0174 2196 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
16:07:57.0189 2196 Schedule - ok
16:07:57.0236 2196 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:07:57.0236 2196 SCPolicySvc - ok
16:07:57.0267 2196 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:07:57.0267 2196 SDRSVC - ok
16:07:57.0314 2196 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:07:57.0314 2196 secdrv - ok
16:07:57.0330 2196 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
16:07:57.0330 2196 seclogon - ok
16:07:57.0361 2196 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
16:07:57.0361 2196 SENS - ok
16:07:57.0376 2196 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:07:57.0392 2196 Serenum - ok
16:07:57.0408 2196 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
16:07:57.0408 2196 Serial - ok
16:07:57.0454 2196 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:07:57.0454 2196 sermouse - ok
16:07:57.0501 2196 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
16:07:57.0501 2196 SessionEnv - ok
16:07:57.0517 2196 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:07:57.0517 2196 sffdisk - ok
16:07:57.0532 2196 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:07:57.0532 2196 sffp_mmc - ok
16:07:57.0548 2196 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:07:57.0548 2196 sffp_sd - ok
16:07:57.0564 2196 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:07:57.0579 2196 sfloppy - ok
16:07:57.0642 2196 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:07:57.0657 2196 SharedAccess - ok
16:07:57.0688 2196 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:07:57.0704 2196 ShellHWDetection - ok
16:07:57.0735 2196 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:07:57.0735 2196 SiSRaid2 - ok
16:07:57.0735 2196 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:07:57.0735 2196 SiSRaid4 - ok
16:07:57.0829 2196 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
16:07:57.0891 2196 slsvc - ok
16:07:57.0922 2196 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:07:57.0922 2196 SLUINotify - ok
16:07:57.0954 2196 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:07:57.0954 2196 Smb - ok
16:07:58.0000 2196 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:07:58.0000 2196 SNMPTRAP - ok
16:07:58.0078 2196 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
16:07:58.0078 2196 spldr - ok
16:07:58.0110 2196 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
16:07:58.0125 2196 Spooler - ok
16:07:58.0266 2196 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
16:07:58.0266 2196 SRTSP - ok
16:07:58.0297 2196 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
16:07:58.0297 2196 SRTSPX - ok
16:07:58.0344 2196 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
16:07:58.0359 2196 srv - ok
16:07:58.0390 2196 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:07:58.0390 2196 srv2 - ok
16:07:58.0406 2196 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:07:58.0406 2196 srvnet - ok
16:07:58.0453 2196 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:07:58.0453 2196 SSDPSRV - ok
16:07:58.0515 2196 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:07:58.0515 2196 SstpSvc - ok
16:07:58.0562 2196 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
16:07:58.0578 2196 stisvc - ok
16:07:58.0609 2196 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:07:58.0609 2196 swenum - ok
16:07:58.0640 2196 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
16:07:58.0656 2196 swprv - ok
16:07:58.0687 2196 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:07:58.0687 2196 Symc8xx - ok
16:07:58.0749 2196 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
16:07:58.0749 2196 SymDS - ok
16:07:58.0796 2196 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
16:07:58.0812 2196 SymEFA - ok
16:07:58.0858 2196 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:07:58.0858 2196 SymEvent - ok
16:07:58.0905 2196 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
16:07:58.0905 2196 SymIRON - ok
16:07:58.0936 2196 [ 61D06BE74FA23EBB7D816E4468EDD19E ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMTDIV.SYS
16:07:58.0952 2196 SYMTDIv - ok
16:07:58.0968 2196 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:07:58.0968 2196 Sym_hi - ok
16:07:58.0983 2196 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:07:58.0983 2196 Sym_u3 - ok
16:07:59.0014 2196 [ 2F240094AFFC3D5AA8BF3060B22FE7ED ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:07:59.0014 2196 SynTP - ok
16:07:59.0077 2196 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
16:07:59.0092 2196 SysMain - ok
16:07:59.0108 2196 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:07:59.0124 2196 TabletInputService - ok
16:07:59.0139 2196 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:07:59.0155 2196 TapiSrv - ok
16:07:59.0170 2196 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
16:07:59.0170 2196 TBS - ok
16:07:59.0264 2196 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:07:59.0280 2196 Tcpip - ok
16:07:59.0311 2196 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:07:59.0326 2196 Tcpip6 - ok
16:07:59.0358 2196 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:07:59.0358 2196 tcpipreg - ok
16:07:59.0404 2196 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:07:59.0404 2196 TDPIPE - ok
16:07:59.0420 2196 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:07:59.0420 2196 TDTCP - ok
16:07:59.0482 2196 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:07:59.0482 2196 tdx - ok
16:07:59.0498 2196 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:07:59.0514 2196 TermDD - ok
16:07:59.0545 2196 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
16:07:59.0560 2196 TermService - ok
16:07:59.0576 2196 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
16:07:59.0592 2196 Themes - ok
16:07:59.0607 2196 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
16:07:59.0607 2196 THREADORDER - ok
16:07:59.0638 2196 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
16:07:59.0654 2196 TrkWks - ok
16:07:59.0701 2196 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:07:59.0701 2196 TrustedInstaller - ok
16:07:59.0748 2196 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:07:59.0748 2196 tssecsrv - ok
16:07:59.0779 2196 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:07:59.0779 2196 tunmp - ok
16:07:59.0810 2196 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:07:59.0810 2196 tunnel - ok
16:07:59.0841 2196 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:07:59.0841 2196 uagp35 - ok
16:07:59.0872 2196 [ 00C8CE31657624A125FDB90EFD554371 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
16:07:59.0872 2196 UBHelper - ok
16:07:59.0919 2196 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:07:59.0919 2196 udfs - ok
16:07:59.0982 2196 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:07:59.0982 2196 UI0Detect - ok
16:08:00.0013 2196 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:08:00.0013 2196 uliagpkx - ok
16:08:00.0044 2196 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:08:00.0044 2196 uliahci - ok
16:08:00.0060 2196 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:08:00.0060 2196 UlSata - ok
16:08:00.0075 2196 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:08:00.0075 2196 ulsata2 - ok
16:08:00.0106 2196 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:08:00.0106 2196 umbus - ok
16:08:00.0153 2196 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
16:08:00.0153 2196 upnphost - ok
16:08:00.0216 2196 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:08:00.0216 2196 USBAAPL64 - ok
16:08:00.0262 2196 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:08:00.0262 2196 usbccgp - ok
16:08:00.0278 2196 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:08:00.0294 2196 usbcir - ok
16:08:00.0325 2196 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:08:00.0325 2196 usbehci - ok
16:08:00.0340 2196 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:08:00.0340 2196 usbhub - ok
16:08:00.0387 2196 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:08:00.0387 2196 usbohci - ok
16:08:00.0418 2196 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:08:00.0418 2196 usbprint - ok
16:08:00.0434 2196 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:08:00.0450 2196 USBSTOR - ok
16:08:00.0481 2196 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:08:00.0481 2196 usbuhci - ok
16:08:00.0496 2196 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:08:00.0512 2196 usbvideo - ok
16:08:00.0543 2196 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
16:08:00.0543 2196 UxSms - ok
16:08:00.0574 2196 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
16:08:00.0590 2196 vds - ok
16:08:00.0621 2196 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:08:00.0621 2196 vga - ok
16:08:00.0652 2196 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:08:00.0652 2196 VgaSave - ok
16:08:00.0715 2196 [ 4AAF1935214946224897506B544790C5 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
16:08:00.0746 2196 VIAHdAudAddService - ok
16:08:00.0762 2196 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
16:08:00.0762 2196 viaide - ok
16:08:00.0793 2196 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:08:00.0793 2196 volmgr - ok
16:08:00.0824 2196 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:08:00.0840 2196 volmgrx - ok
16:08:00.0871 2196 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:08:00.0871 2196 volsnap - ok
16:08:00.0902 2196 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:08:00.0902 2196 vsmraid - ok
16:08:00.0964 2196 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
16:08:00.0996 2196 VSS - ok
16:08:01.0027 2196 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
16:08:01.0042 2196 W32Time - ok
16:08:01.0074 2196 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:08:01.0074 2196 WacomPen - ok
16:08:01.0120 2196 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:08:01.0120 2196 Wanarp - ok
16:08:01.0120 2196 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:08:01.0136 2196 Wanarpv6 - ok
16:08:01.0214 2196 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:08:01.0230 2196 wcncsvc - ok
16:08:01.0245 2196 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:08:01.0261 2196 WcsPlugInService - ok
16:08:01.0276 2196 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
16:08:01.0276 2196 Wd - ok
16:08:01.0323 2196 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:08:01.0339 2196 Wdf01000 - ok
16:08:01.0370 2196 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:08:01.0386 2196 WdiServiceHost - ok
16:08:01.0386 2196 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:08:01.0386 2196 WdiSystemHost - ok
16:08:01.0417 2196 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
16:08:01.0417 2196 WebClient - ok
16:08:01.0432 2196 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:08:01.0448 2196 Wecsvc - ok
16:08:01.0479 2196 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:08:01.0479 2196 wercplsupport - ok
16:08:01.0526 2196 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
16:08:01.0526 2196 WerSvc - ok
16:08:02.0587 2196 ================ Scan global ===============================
16:08:02.0634 2196 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
16:08:02.0680 2196 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
16:08:02.0696 2196 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
16:08:02.0743 2196 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
16:08:02.0758 2196 [Global] - ok
16:08:02.0758 2196 ================ Scan MBR ==================================
16:08:02.0774 2196 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
16:08:03.0928 2196 \Device\Harddisk0\DR0 - ok
16:08:03.0928 2196 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
16:08:04.0131 2196 \Device\Harddisk1\DR2 - ok
16:08:04.0131 2196 ================ Scan VBR ==================================
16:08:04.0194 2196 [ 10A4343FA26BC51EE6B517F5BE3AC785 ] \Device\Harddisk0\DR0\Partition1
16:08:04.0194 2196 \Device\Harddisk0\DR0\Partition1 - ok
16:08:04.0209 2196 [ 087D46D69BCA4A2E54C9DE8FAA9CDE30 ] \Device\Harddisk1\DR2\Partition1
16:08:04.0209 2196 \Device\Harddisk1\DR2\Partition1 - ok
16:08:04.0209 2196 ============================================================
16:08:04.0209 2196 Scan finished
16:08:04.0209 2196 ============================================================
16:08:04.0225 2972 Detected object count: 0
16:08:04.0225 2972 Actual detected object count: 0


# AdwCleaner v2.009 - Logfile created 11/26/2012 at 16:42:37
# Updated 24/11/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : mariah - MARIAH-PC
# Boot Mode : Normal
# Running from : C:\Users\mariah\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Free Offers from Freeze.com
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1280 octets] - [26/11/2012 16:42:37]

########## EOF - C:\AdwCleaner[S1].txt - [1340 octets] ##########


MiniToolBox by Farbar Version: 25-11-2012
Ran by mariah (administrator) on 26-11-2012 at 16:39:48
Running from "C:\Users\mariah\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : mariah-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-6B-CE-10-A6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::addf:b57:b13e:2da6%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.134(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 26, 2012 3:59:15 PM
Lease Expires . . . . . . . . . . : Tuesday, November 27, 2012 3:59:15 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184557931
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-CC-AC-C5-00-1D-72-FA-94-EA
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1D-72-FA-94-EA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A9ED9245-A677-4518-A3E0-ED9CE7DD81DB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home.gateway
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{6F8705C6-46FD-4875-93C8-618DADDCB53F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ThePlantation
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400a:801::1006
173.194.33.39
173.194.33.40
173.194.33.41
173.194.33.46
173.194.33.32
173.194.33.33
173.194.33.34
173.194.33.35
173.194.33.36
173.194.33.37
173.194.33.38



Pinging google.com [173.194.33.38] with 32 bytes of data:

Reply from 173.194.33.38: bytes=32 time=28ms TTL=53

Reply from 173.194.33.38: bytes=32 time=31ms TTL=53



Ping statistics for 173.194.33.38:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 28ms, Maximum = 31ms, Average = 29ms

Server: ThePlantation
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=208ms TTL=46

Reply from 98.139.183.24: bytes=32 time=124ms TTL=46



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 124ms, Maximum = 208ms, Average = 166ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 6b ce 10 a6 ...... Intel® WiFi Link 5100 AGN
10 ...00 1d 72 fa 94 ea ...... Broadcom NetLink ™ Gigabit Ethernet
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{A9ED9245-A677-4518-A3E0-ED9CE7DD81DB}
13 ...00 00 00 00 00 00 00 e0 isatap.home.gateway
15 ...00 00 00 00 00 00 00 e0 isatap.{6F8705C6-46FD-4875-93C8-618DADDCB53F}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.134 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.134 281
192.168.1.134 255.255.255.255 On-link 192.168.1.134 281
192.168.1.255 255.255.255.255 On-link 192.168.1.134 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.134 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.134 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::addf:b57:b13e:2da6/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

**** End of log ****

Thank you.

#4 Sightless

Posted 26 November 2012 - 08:44 PM

How is it running now?

Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on drweb-cureit.exe to start the program.
  • Cancel any prompts to download the latest CureIt version and click Start.
  • At the prompt to "Start scan now", click Ok. Allow the setup.exe/driver to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.
  • When complete, click Select All, then choose Cure > Move incurable.
    (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • Now put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and UNcheck "Heuristic analysis" under the "Scanning" tab, then click Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • When the scan is complete, a message will be displayed at the bottom indicating if any viruses were found.
  • Click "Yes to all" if asked to cure or move the file(s) and select "Move incurable".
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report)


#5 destry.stevens

Posted 27 November 2012 - 12:54 AM

Update on function,

Dr. Web is still running the "Complete scan".

However, the laptop surfs the web just fine in Safe Mode with Networking, but it will not access it when running in regular mode.

I will post the Dr. Web report in my next post.

Thanks for your help.

#6 destry.stevens

Posted 27 November 2012 - 10:32 AM

The laptop still won't connect to the Internet when running Vista normally; however, it will surf the net when running in Safe Mode with Networking.

I can't get the Dr. Web-Cureit log file to paste into this field. Any ideas on how to get it to you, or a small section that would suffice versus the whole document? It is quite a sizeable document.

#7 Sightless

Posted 27 November 2012 - 12:36 PM

Hi, go to http://pastebin.com/. Paste the log file into the box labeled "new paste". Change the paste exposure to "unlisted" and give it a title. Click submit and then paste the URL here.

#8 destry.stevens

Posted 27 November 2012 - 07:57 PM

Okay, so I tried the Pastebin.com thing. No luck. I decided to see how big the file was, so I opened it with Microsoft Word: single-spaced at font size 10, the file is approximately 11465 pages in length. Obviously I did something wrong when I scanned the laptop with Dr. Web-Cureit. I will rescan and save a new log and try again if you want me to.

I don't know what else to do as the machine is operating the same as when we started.

#9 Sightless

Posted 27 November 2012 - 08:49 PM

Hi, the Dr. Web logs are generally really long for some reason.

See if you can find the section where it has found infected files. Look at the end of the log, or search for "quarantined", "cure", or "infect" (do a "find" by pressing Ctrl+F).

#10 destry.stevens

Posted 27 November 2012 - 10:00 PM

Hello, I went through the Dr.Web-Cureit file and at the very end it states that there were 7 infected files; 6 were moved and 1 was incurable. I cut and pasted the section that showed the file names that were moved, and the very end where it states the total numbers of infected files and such.

I hope this helps.


>C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\QBackup\{0470C82C-BC1A-42D0-A83C-92F7A95F27D8}\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd - archive contains infected objects - moved

>C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\QBackup\{1011FEB5-B90B-4C4E-87CC-EC780B635BC6}\{19734FDF-C350-4418-B95F-5F278A09C18F}.qbd - archive contains infected objects - moved

>C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\QBackup\{47C2F93E-CA38-49C9-81A3-18D7844A6CFA}\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd - archive contains infected objects - moved

>>>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{19734FDF-C350-4418-B95F-5F278A09C18F}.qbd/data001 - is an adware Adware.Siggen.13406
>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{19734FDF-C350-4418-B95F-5F278A09C18F}.qbd - archive contains infected objects - moved
C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd packed by BINARY PACKAGE
>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd - archive BINARYRES
>>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd/data001 packed by XOREXE
>>>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd/data001 - is an adware Adware.Siggen.21559
>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{1B9ED573-4D8B-49C6-A7EF-8BCBFFA5B0EC}.qbd - archive contains infected objects - moved
C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd packed by BINARY PACKAGE
>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd - archive BINARYRES
>>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd/data001 packed by XOREXE
>>>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd/data001 - is an adware Adware.Siggen.13406
>C:\Documents and Settings\mariah\DoctorWeb\Quarantine\{F4D427CD-742F-496C-995A-8DA7C09E98F8}.qbd - archive contains infected objects - moved
**
Scan statistics
-----------------------------------------------------------------------------
Scanned: 257232
Infected: 0
Modifications: 0
Suspicious: 0
Adware: 7
Dialers: 0
Jokes: 0
Riskware: 1
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 6
Ignored: 0
Scan speed: 74 Kb/s
Scan time: 6:47:32
-----------------------------------------------------------------------------

C:\Program Files (x86)\Play Pickle\ppun.exe - deleted
C:\Windows\Downloaded Program Files\popcaploader.dll - incurable - moved

=============================================================================
Total session statistics
=============================================================================
Scanned: 293001
Infected: 0
Modifications: 0
Suspicious: 0
Adware: 7
Dialers: 0
Jokes: 0
Riskware: 1
Hacktools: 0
Cured: 0
Deleted: 1
Renamed: 0
Moved: 7
Ignored: 0
Scan speed: 57 Kb/s
Scan time: 6:48:21
=============================================================================
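
The keyword search suggested in post #9, scripted for the line shapes visible in the excerpt in post #10 (an added example, not part of the original thread or of Dr.Web's own tooling). The sample log is constructed, and the `- Ok` lines for clean files are an assumption about what the rest of such a log looks like.

```python
import re
from collections import defaultdict

# Constructed sample: line shapes follow the excerpt quoted in this thread,
# but every path is made up and the "- Ok" clean-file lines are an assumption.
SAMPLE_LOG = r"""
C:\Windows\notepad.exe - Ok
C:\Users\example\Quarantine\{AAAA}.qbd packed by BINARY PACKAGE
>C:\Users\example\Quarantine\{AAAA}.qbd - archive BINARYRES
>>C:\Users\example\Quarantine\{AAAA}.qbd/data001 packed by XOREXE
>>>C:\Users\example\Quarantine\{AAAA}.qbd/data001 - is an adware Adware.Example.1
>C:\Users\example\Quarantine\{AAAA}.qbd - archive contains infected objects - moved
C:\Program Files (x86)\ExampleApp\helper.exe - deleted
C:\Windows\Downloaded Program Files\example.dll - incurable - moved
C:\Windows\explorer.exe - Ok
"""

# "<path> - is an adware <name>" is the only detection form shown in the thread;
# accepting other kinds ("is a ...") is a generalisation.
DETECTION = re.compile(r"^(?P<path>.+?) - is an? (?P<kind>\w+) (?P<name>\S+)$")
# Trailing status tokens seen in the thread's excerpt.
STATUSES = ("archive contains infected objects", "incurable", "moved", "deleted")


def parse_line(line):
    """Return (path, threat, statuses) for a detection/action line, else None."""
    body = line.strip().lstrip(">")          # '>' marks nesting inside an archive
    hit = DETECTION.match(body)
    if hit:
        return hit["path"], f'{hit["kind"]}:{hit["name"]}', []
    statuses = []
    stripped = True
    while stripped:                          # peel " - <status>" suffixes right to left
        stripped = False
        for token in STATUSES:
            suffix = " - " + token
            if body.endswith(suffix):
                statuses.insert(0, token)
                body = body[: -len(suffix)]
                stripped = True
                break
    return (body, None, statuses) if statuses else None


def triage(lines):
    """Stream the log and group findings by the on-disk file they belong to."""
    report = defaultdict(lambda: {"threats": set(), "statuses": set()})
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue                         # "- Ok", "packed by", headers, statistics
        path, threat, statuses = parsed
        container = path.split("/", 1)[0]    # archive members appear as file.qbd/data001
        if threat:
            report[container]["threats"].add(threat)
        report[container]["statuses"].update(statuses)
    return dict(report)


if __name__ == "__main__":
    for path, info in triage(SAMPLE_LOG.splitlines()).items():
        print(path, sorted(info["threats"]), sorted(info["statuses"]))
```

Because `triage` takes any iterable of lines, an open file handle can be passed directly, so a very large report is read one line at a time instead of being loaded whole.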

#11 Sightless

Posted 27 November 2012 - 11:04 PM

Hi, I've got someone else coming to take a look at this, we'll see what he can do.

#12 boopme

Posted 28 November 2012 - 09:40 AM

Hello,
For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.


Now check if the internet is working again.



OR



Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.



If needed : type these one line at a time, press enter after each line. See if it works after each.


netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns


If connected run...

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#13 destry.stevens

Posted 28 November 2012 - 01:14 PM

I tried all of the cmd prompt fixes you suggested; the cmd prompt was run as administrator. Internet Explorer would not connect after any of those fixes. I downloaded the aswMBR.exe and ran the scan; the log is below.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-28 09:58:46
-----------------------------
09:58:46.680 OS Version: Windows x64 6.0.6002 Service Pack 2
09:58:46.680 Number of processors: 2 586 0x170A
09:58:46.680 ComputerName: MARIAH-PC UserName: mariah
09:58:49.098 Initialize success
09:59:00.665 AVAST engine download error: 0
10:05:15.892 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:05:15.892 Disk 0 Vendor: TOSHIBA_MK5055GSX FG001J Size: 476940MB BusType: 3
10:05:16.282 Disk 0 MBR read successfully
10:05:16.282 Disk 0 MBR scan
10:05:16.282 Disk 0 unknown MBR code
10:05:16.298 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 12000 MB offset 2048
10:05:16.313 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 464938 MB offset 24578048
10:05:16.329 Disk 0 scanning C:\Windows\system32\drivers
10:05:22.631 Service scanning
10:05:59.666 Modules scanning
10:05:59.666 Disk 0 trace - called modules:
10:05:59.712 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:05:59.728 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c10790]
10:05:59.728 3 CLASSPNP.SYS[fffffa60011d2c33] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004bc0060]
10:05:59.744 Scan finished successfully
10:09:03.340 Disk 0 MBR has been saved successfully to "C:\Users\mariah\Desktop\MBR.dat"
10:09:03.356 The log file has been saved successfully to "C:\Users\mariah\Desktop\aswMBR.txt"

#14 boopme

Posted 28 November 2012 - 02:14 PM

Looks like a rootkit in that last log. We have to remove it in another section.


Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.

Include this link back to here...
http://www.bleepingcomputer.com/forums/topic476492.html/page__pid__2907794#top