
Microsoft Security Essentials will not open


36 replies to this topic

#1 buddysixstar

  • Members

Posted 10 January 2013 - 01:12 PM

Started having trouble with Yahoo search being redirected and noticed that Microsoft Security Essentials will not open.
When I open it by clicking on START then Programs, it will open for a microsecond but then close.

It doesn't seem to be doing any damage but it's completely annoying.
Hopefully someone can advise how to fix.

Thanks

Edited by bloopie, 10 January 2013 - 01:49 PM.
Moved from XP to Aii. ~bloopie




#2 Allan

  • BC Advisor

Posted 10 January 2013 - 01:18 PM

Your system is infected. I've asked the staff to move this to the correct forum. Please wait for a malware specialist to respond.

#3 narenxp

  • BC Advisor

Posted 10 January 2013 - 01:55 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop, copy the contents of the text file in your reply.

#4 buddysixstar

  • Topic Starter

Posted 10 January 2013 - 02:36 PM

14:31:28.0031 2336 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:31:28.0593 2336 ============================================================
14:31:28.0593 2336 Current date / time: 2013/01/10 14:31:28.0593
14:31:28.0593 2336 SystemInfo:
14:31:28.0593 2336
14:31:28.0593 2336 OS Version: 5.1.2600 ServicePack: 3.0
14:31:28.0593 2336 Product type: Workstation
14:31:28.0593 2336 ComputerName: HP-DAVID
14:31:28.0593 2336 UserName: David
14:31:28.0593 2336 Windows directory: C:\WINDOWS
14:31:28.0593 2336 System windows directory: C:\WINDOWS
14:31:28.0593 2336 Processor architecture: Intel x86
14:31:28.0593 2336 Number of processors: 4
14:31:28.0593 2336 Page size: 0x1000
14:31:28.0593 2336 Boot type: Normal boot
14:31:28.0593 2336 ============================================================
14:31:32.0765 2336 Drive \Device\Harddisk0\DR0 - Size: 0x7470900000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:31:32.0765 2336 Drive \Device\Harddisk2\DR4 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:31:46.0875 2336 ============================================================
14:31:46.0875 2336 \Device\Harddisk0\DR0:
14:31:46.0875 2336 MBR partitions:
14:31:46.0875 2336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
14:31:46.0875 2336 \Device\Harddisk2\DR4:
14:31:46.0875 2336 MBR partitions:
14:31:46.0875 2336 \Device\Harddisk2\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
14:31:46.0875 2336 ============================================================
14:31:46.0953 2336 C: <-> \Device\Harddisk0\DR0\Partition1
14:31:47.0109 2336 G: <-> \Device\Harddisk2\DR4\Partition1
14:31:47.0109 2336 ============================================================
14:31:47.0109 2336 Initialize success
14:31:47.0109 2336 ============================================================
14:32:27.0406 2340 ============================================================
14:32:27.0406 2340 Scan started
14:32:27.0406 2340 Mode: Manual; TDLFS;
14:32:27.0406 2340 ============================================================
14:32:27.0718 2340 ================ Scan system memory ========================
14:32:30.0468 2340 System memory - ok
14:32:30.0468 2340 ================ Scan services =============================
14:32:42.0171 2340 PptpMiniport - ok
14:32:42.0171 2340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:32:42.0171 2340 ProtectedStorage - ok
14:32:42.0187 2340 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:32:42.0187 2340 PSched - ok
14:32:42.0187 2340 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:32:42.0187 2340 Ptilink - ok
14:32:42.0203 2340 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:32:42.0234 2340 PxHelp20 - ok
14:32:42.0343 2340 [ 45FF9E4EC506FCA0C263A3299809B73A ] QBCFMonitorService c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:32:42.0359 2340 QBCFMonitorService - ok
14:32:42.0406 2340 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:32:42.0421 2340 QBFCService - ok
14:32:42.0515 2340 [ 147552E28311DB3E86188A356A7A9F9C ] QBVSS C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
14:32:42.0531 2340 QBVSS - ok
14:32:42.0531 2340 ql1080 - ok
14:32:42.0546 2340 Ql10wnt - ok
14:32:42.0546 2340 ql12160 - ok
14:32:42.0546 2340 ql1240 - ok
14:32:42.0546 2340 ql1280 - ok
14:32:42.0562 2340 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:32:42.0562 2340 RasAcd - ok
14:32:42.0609 2340 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:32:42.0656 2340 RasAuto - ok
14:32:42.0671 2340 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:32:42.0671 2340 Rasl2tp - ok
14:32:42.0703 2340 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:32:42.0718 2340 RasMan - ok
14:32:42.0750 2340 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:32:42.0750 2340 RasPppoe - ok
14:32:42.0750 2340 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:32:42.0750 2340 Raspti - ok
14:32:42.0765 2340 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:32:42.0765 2340 Rdbss - ok
14:32:42.0765 2340 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:32:42.0781 2340 RDPCDD - ok
14:32:42.0781 2340 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:32:42.0781 2340 rdpdr - ok
14:32:42.0859 2340 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:32:42.0906 2340 RDPWD - ok
14:32:42.0937 2340 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:32:42.0953 2340 RDSessMgr - ok
14:32:42.0968 2340 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:32:42.0968 2340 redbook - ok
14:32:42.0984 2340 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:32:43.0015 2340 RemoteAccess - ok
14:32:43.0031 2340 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:32:43.0046 2340 RemoteRegistry - ok
14:32:43.0062 2340 [ 2C4FB2E9F039287767C384E46EE91030 ] RimSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
14:32:43.0078 2340 RimSerPort - ok
14:32:43.0125 2340 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
14:32:43.0187 2340 RimUsb - ok
14:32:43.0187 2340 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
14:32:43.0187 2340 RimVSerPort - ok
14:32:43.0187 2340 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
14:32:43.0203 2340 ROOTMODEM - ok
14:32:43.0281 2340 RoxLiveShare9 - ok
14:32:43.0281 2340 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:32:43.0312 2340 RpcLocator - ok
14:32:43.0359 2340 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:32:43.0359 2340 RpcSs - ok
14:32:43.0437 2340 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:32:43.0484 2340 RSVP - ok
14:32:43.0500 2340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:32:43.0500 2340 SamSs - ok
14:32:43.0562 2340 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:32:43.0593 2340 SASDIFSV - ok
14:32:43.0640 2340 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:32:43.0656 2340 SASKUTIL - ok
14:32:43.0656 2340 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:32:43.0687 2340 SCardSvr - ok
14:32:43.0859 2340 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:32:43.0953 2340 Schedule - ok
14:32:44.0140 2340 [ 54196CDAC7E1D81D71C652E100B99E77 ] ScsiAccess C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
14:32:44.0218 2340 ScsiAccess - ok
14:32:44.0281 2340 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:32:44.0359 2340 Secdrv - ok
14:32:44.0437 2340 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:32:44.0484 2340 seclogon - ok
14:32:44.0546 2340 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:32:44.0562 2340 SENS - ok
14:32:44.0703 2340 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:32:44.0781 2340 serenum - ok
14:32:44.0875 2340 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:32:44.0906 2340 Serial - ok
14:32:45.0031 2340 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:32:45.0093 2340 Sfloppy - ok
14:32:45.0265 2340 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:32:45.0375 2340 SharedAccess - ok
14:32:45.0468 2340 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:32:45.0468 2340 ShellHWDetection - ok
14:32:45.0468 2340 Simbad - ok
14:32:45.0703 2340 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:32:45.0765 2340 SkypeUpdate - ok
14:32:45.0843 2340 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:32:45.0843 2340 SLIP - ok
14:32:45.0843 2340 Sparrow - ok
14:32:45.0937 2340 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:32:45.0968 2340 splitter - ok
14:32:46.0062 2340 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:32:46.0140 2340 Spooler - ok
14:32:46.0187 2340 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:32:46.0187 2340 sr - ok
14:32:46.0234 2340 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:32:46.0234 2340 srservice - ok
14:32:46.0281 2340 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:32:46.0296 2340 Srv - ok
14:32:46.0312 2340 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:32:46.0328 2340 SSDPSRV - ok
14:32:46.0406 2340 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:32:46.0484 2340 stisvc - ok
14:32:46.0515 2340 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:32:46.0531 2340 streamip - ok
14:32:46.0562 2340 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:32:46.0593 2340 swenum - ok
14:32:46.0656 2340 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:32:46.0671 2340 swmidi - ok
14:32:46.0671 2340 SwPrv - ok
14:32:46.0703 2340 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
14:32:46.0734 2340 symc810 - ok
14:32:46.0734 2340 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:32:46.0734 2340 symc8xx - ok
14:32:46.0734 2340 [ F2B7E8416F508368AC6730E2AE1C614F ] Symmpi C:\WINDOWS\system32\DRIVERS\symmpi.sys
14:32:46.0750 2340 Symmpi - ok
14:32:46.0750 2340 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:32:46.0765 2340 sym_hi - ok
14:32:46.0765 2340 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:32:46.0765 2340 sym_u3 - ok
14:32:46.0796 2340 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:32:46.0796 2340 sysaudio - ok
14:32:46.0828 2340 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:32:46.0859 2340 SysmonLog - ok
14:32:46.0890 2340 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:32:46.0906 2340 TapiSrv - ok
14:32:47.0000 2340 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:32:47.0015 2340 Tcpip - ok
14:32:47.0046 2340 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:32:47.0062 2340 TDPIPE - ok
14:32:47.0078 2340 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:32:47.0093 2340 TDTCP - ok
14:32:47.0125 2340 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:32:47.0125 2340 TermDD - ok
14:32:47.0203 2340 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:32:47.0218 2340 TermService - ok
14:32:47.0218 2340 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
14:32:47.0218 2340 Themes - ok
14:32:47.0265 2340 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:32:47.0296 2340 TlntSvr - ok
14:32:47.0296 2340 TosIde - ok
14:32:47.0328 2340 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:32:47.0359 2340 TrkWks - ok
14:32:47.0375 2340 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:32:47.0375 2340 Udfs - ok
14:32:47.0390 2340 ultra - ok
14:32:47.0421 2340 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:32:47.0437 2340 upnphost - ok
14:32:47.0468 2340 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:32:47.0500 2340 UPS - ok
14:32:47.0546 2340 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
14:32:47.0562 2340 USBAAPL - ok
14:32:47.0640 2340 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:32:47.0640 2340 usbaudio - ok
14:32:47.0671 2340 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:32:47.0671 2340 usbccgp - ok
14:32:47.0718 2340 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:32:47.0765 2340 usbehci - ok
14:32:47.0781 2340 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:32:47.0828 2340 usbhub - ok
14:32:47.0828 2340 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:32:47.0828 2340 usbprint - ok
14:32:47.0859 2340 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:32:47.0875 2340 usbscan - ok
14:32:47.0875 2340 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:32:47.0875 2340 USBSTOR - ok
14:32:47.0906 2340 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:32:47.0937 2340 usbuhci - ok
14:32:47.0953 2340 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:32:47.0984 2340 usbvideo - ok
14:32:48.0015 2340 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:32:48.0046 2340 VgaSave - ok
14:32:48.0046 2340 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:32:48.0062 2340 ViaIde - ok
14:32:48.0078 2340 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:32:48.0078 2340 VolSnap - ok
14:32:48.0156 2340 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
14:32:48.0156 2340 VSS - ok
14:32:48.0218 2340 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
14:32:48.0218 2340 W32Time - ok
14:32:48.0250 2340 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:32:48.0250 2340 Wanarp - ok
14:32:48.0250 2340 WDICA - ok
14:32:48.0265 2340 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:32:48.0265 2340 wdmaud - ok
14:32:48.0281 2340 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:32:48.0281 2340 WebClient - ok
14:32:48.0406 2340 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:32:48.0406 2340 winmgmt - ok
14:32:48.0453 2340 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:32:48.0468 2340 WmdmPmSN - ok
14:32:48.0515 2340 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:32:48.0515 2340 Wmi - ok
14:32:48.0515 2340 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:32:48.0531 2340 WmiAcpi - ok
14:32:48.0609 2340 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:32:48.0625 2340 WmiApSrv - ok
14:32:48.0750 2340 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:32:48.0812 2340 WMPNetworkSvc - ok
14:32:48.0859 2340 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:32:48.0875 2340 WpdUsb - ok
14:32:48.0921 2340 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:32:48.0953 2340 wscsvc - ok
14:32:48.0984 2340 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:32:48.0984 2340 WSTCODEC - ok
14:32:49.0031 2340 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:32:49.0031 2340 wuauserv - ok
14:32:49.0078 2340 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:32:49.0109 2340 WudfPf - ok
14:32:49.0125 2340 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:32:49.0125 2340 WudfRd - ok
14:32:49.0156 2340 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:32:49.0171 2340 WudfSvc - ok
14:32:49.0250 2340 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:32:49.0265 2340 WZCSVC - ok
14:32:49.0281 2340 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:32:49.0312 2340 xmlprov - ok
14:32:49.0390 2340 [ B624180218BB196AD9869D5D6B454318 ] _IOMEGA_ACTIVE_DISK_SERVICE_ C:\Program Files\Iomega\AutoDisk\ADService.exe
14:32:49.0390 2340 _IOMEGA_ACTIVE_DISK_SERVICE_ - ok
14:32:49.0406 2340 ================ Scan global ===============================
14:32:49.0453 2340 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:32:49.0515 2340 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:32:49.0531 2340 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:32:49.0546 2340 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:32:49.0546 2340 [Global] - ok
14:32:49.0546 2340 ================ Scan MBR ==================================
14:32:49.0578 2340 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
14:32:49.0875 2340 \Device\Harddisk0\DR0 - ok
14:32:49.0875 2340 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR4
14:32:50.0093 2340 \Device\Harddisk2\DR4 - ok
14:32:50.0093 2340 ================ Scan VBR ==================================
14:32:50.0109 2340 [ 9DAEDEDBB835AD6070786CD3843097C8 ] \Device\Harddisk0\DR0\Partition1
14:32:50.0109 2340 \Device\Harddisk0\DR0\Partition1 - ok
14:32:50.0109 2340 [ 018BFEFF0C793135888B91ABC1256284 ] \Device\Harddisk2\DR4\Partition1
14:32:50.0109 2340 \Device\Harddisk2\DR4\Partition1 - ok
14:32:50.0109 2340 ============================================================
14:32:50.0109 2340 Scan finished
14:32:50.0109 2340 ============================================================
14:32:50.0125 2120 Detected object count: 0
14:32:50.0125 2120 Actual detected object count: 0

#5 buddysixstar

Posted 10 January 2013 - 04:00 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-10 14:37:52
-----------------------------
14:37:52.828 OS Version: Windows 5.1.2600 Service Pack 3
14:37:52.828 Number of processors: 4 586 0x2505
14:37:52.828 ComputerName: HP-DAVID UserName: David
14:37:53.953 Initialize success
14:44:09.375 AVAST engine defs: 13011000
14:44:24.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:44:24.250 Disk 0 Vendor: Intel___ 1.0. Size: 476937MB BusType: 8
14:44:24.281 Disk 0 MBR read successfully
14:44:24.281 Disk 0 MBR scan
14:44:24.453 Disk 0 unknown MBR code
14:44:24.484 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
14:44:24.484 Disk 0 scanning sectors +976752000
14:44:24.562 Disk 0 scanning C:\WINDOWS\system32\drivers
14:44:38.718 Service scanning
14:45:02.375 Modules scanning
14:45:07.328 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
14:45:08.468 Disk 0 trace - called modules:
14:45:08.671 ntkrnlpa.exe CLASSPNP.SYS disk.sys iomdisk.sys hal.dll iaStor.sys
14:45:09.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b7502d8]
14:45:09.015 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> [0x8b750840]
14:45:09.015 5 iomdisk.sys[b8340bc3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8b72c028]
14:45:09.640 AVAST engine scan C:\WINDOWS
14:45:32.468 AVAST engine scan C:\WINDOWS\system32
14:49:26.984 AVAST engine scan C:\WINDOWS\system32\drivers
14:49:55.437 AVAST engine scan C:\Documents and Settings\David
15:56:43.109 AVAST engine scan C:\Documents and Settings\All Users
15:59:39.531 Scan finished successfully
16:00:03.109 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
16:00:03.109 The log file has been saved successfully to "C:\aswMBR.txt"

#6 buddysixstar

Posted 10 January 2013 - 06:12 PM

Operating memory probably a variant of Win32/Ponmocup.AA trojan

#7 narenxp

Posted 10 January 2013 - 06:53 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, then click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#8 buddysixstar

Posted 11 January 2013 - 12:16 AM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.11.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
David :: HP-DAVID [administrator]

Protection: Enabled

1/10/2013 10:26:17 PM
mbam-log-2013-01-10 (22-26-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 451882
Time elapsed: 1 hour(s), 12 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\CLSID\{7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKCR\TypeLib\{BFC48A4D-75B9-455B-A4C3-9DC3F940B245} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKCR\Interface\{4040A92C-93F0-49B4-9DD0-93E1887E724A} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/DOWNLOADED PROGRAM FILES/CMAIDCTL.OCX (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKCR\CMaidCtlApp.MaidCtrl.1 (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\WINDOWS\DOWNLOADED PROGRAM FILES\CMAIDCTL.OCX (Adware.ClosetMaid) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\WINDOWS\Downloaded Program Files\CMAIDCTL.OCX (Adware.ClosetMaid) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\fvgqad.dat (Malware.Trace) -> Quarantined and deleted successfully.

(end)

#9 buddysixstar

Posted 11 January 2013 - 12:28 AM

MiniToolBox by Farbar Version:10-01-2013
Ran by David (administrator) on 11-01-2013 at 00:25:12
Running from "C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\OOIL19K9"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82578DM Gigabit Network Connection = Local Area Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : HP-DAVID

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Mixed

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 3:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® 82578DM Gigabit Network Connection

Physical Address. . . . . . . . . : 2C-27-D7-2A-DC-14

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.4

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 63.130.182.53

63.130.182.54

Lease Obtained. . . . . . . . . . : Friday, January 11, 2013 12:19:03 AM

Lease Expires . . . . . . . . . . : Saturday, January 12, 2013 12:19:03 AM

Server: goldfish.tciway.tc
Address: 63.130.182.53

Name: google.com
Addresses: 173.194.37.71, 173.194.37.72, 173.194.37.73, 173.194.37.78
173.194.37.64, 173.194.37.65, 173.194.37.66, 173.194.37.67, 173.194.37.68
173.194.37.69, 173.194.37.70



Pinging google.com [173.194.37.70] with 32 bytes of data:



Reply from 173.194.37.70: bytes=32 time=37ms TTL=54

Reply from 173.194.37.70: bytes=32 time=34ms TTL=54



Ping statistics for 173.194.37.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 34ms, Maximum = 37ms, Average = 35ms

Server: goldfish.tciway.tc
Address: 63.130.182.53

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=167ms TTL=51

Reply from 72.30.38.140: bytes=32 time=96ms TTL=51



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 96ms, Maximum = 167ms, Average = 131ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...2c 27 d7 2a dc 14 ...... Intel® 82578DM Gigabit Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.4 192.168.0.4 20
192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 20
224.0.0.0 240.0.0.0 192.168.0.4 192.168.0.4 20
255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/09/2013 04:43:27 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2013 04:40:25 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.1.522.00x8004ff52common client setup outcomesetresultdatapoints0security essentialsNILNILNIL

Error: (01/09/2013 04:40:24 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF52
Description:. 0x8004FF52. Programs: Microsoft Forefront Client Security Antimalware Service

Error: (01/07/2013 01:46:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Accountant 2011":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (01/07/2013 01:46:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Accountant 2011":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_21; ;DBF=C:\Documents and Settings\All Users\Documents\Intuit\QuickBooks\Company Files\LEEWARD OWNERS ASSOCIATION LIMITED.QBW;ENG=QB_data_engine_21;DBN=535860a6e9a742e0952b77dd626db87d

Error: (01/07/2013 01:46:39 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Accountant 2011":
Connection Error:Invalid user ID or password

Error: (01/07/2013 01:46:09 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/07/2013 01:46:09 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/07/2013 01:46:09 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/03/2013 04:55:43 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module adawaretb.dll, version 5.0.8.248, fault address 0x00039174.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (01/11/2013 00:20:42 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atapi
i8042prt
PCIIde
ppa3

Error: (01/11/2013 00:20:42 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (01/10/2013 06:09:20 PM) (Source: DCOM) (User: HP-DAVID)
Description: Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (01/10/2013 06:09:20 PM) (Source: DCOM) (User: HP-DAVID)
Description: Unable to start a DCOM Server: {C2BFE331-6739-4270-86C9-493D9A04CD38}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (01/10/2013 06:09:16 PM) (Source: DCOM) (User: HP-DAVID)
Description: Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (01/10/2013 06:09:16 PM) (Source: DCOM) (User: HP-DAVID)
Description: Unable to start a DCOM Server: {C2BFE331-6739-4270-86C9-493D9A04CD38}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (01/10/2013 11:05:13 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (01/10/2013 11:05:13 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (01/10/2013 06:57:02 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (01/10/2013 06:57:02 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.


Microsoft Office Sessions:
=========================
Error: (05/06/2011 08:46:23 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 57 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/15/2010 09:08:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1162 seconds with 360 seconds of active time. This session ended with a crash.

Error: (10/12/2010 06:52:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21193 seconds with 2700 seconds of active time. This session ended with a crash.

Error: (01/06/2010 07:08:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 176 seconds with 60 seconds of active time. This session ended with a crash.

Error: (12/25/2009 00:47:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/14/2009 02:41:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/01/2009 10:25:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 958 seconds with 600 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office system (Version: 12.0.6612.1000)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
32 Bit HP CIO Components Installer (Version: 1.0.0)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Active Disk
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Reader 9.3.2 (Version: 9.3.2)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AutoUpdate (Version: 1.1)
BlackBerry Desktop Software 6.0 (Version: 6.0.0.43)
BufferChm (Version: 100.0.170.000)
CameraHelperMsi (Version: 13.10.1217.0)
CP_AtenaShokunin1Config (Version: 45.4.131.000)
cp_dwShrek2Albums1 (Version: 45.4.157.000)
cp_dwShrek2Cards1 (Version: 45.4.157.000)
CreativeProjects (Version: 45.4.157.000)
CreativeProjectsTemplates (Version: 45.4.157.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 45.4.157.000)
CustomerResearchQFolder (Version: 1.00.0000)
Dell Driver Download Manager (Version: 2.1.0.0)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DivX Codec (Version: 6.8.2)
DivX Converter (Version: 6.6.0)
DivX Player (Version: 6.8.1)
DivX Plus Web Player (Version: 2.0.0)
DocProc (Version: 10.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DocumentViewer (Version: 45.4.157.000)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
getPlus®_ocx
Google Chrome (Version: 23.0.1271.97)
Google Earth (Version: 4.2.198.2451)
Google SketchUp Viewer (Version: 9.9.999)
Google Update Helper (Version: 1.3.21.123)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146)
Home Designer Architectural 2014 (Version: 15.1.0.0)
Home Designer Tutorial Training Videos (Version: 0.0.0.0)
HP Color LaserJet CM1312 MFP Series 5.0 (Version: 5.0)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Help and Support (Version: 4.2.0010)
HP Image Zone 4.7 (Version: 4.7)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Unload DLL Patch (Version: 1.00.0000)
HP Update (Version: 4.000.007.003)
hppCLJCM1312 (Version: 001.000.00131)
hppFaxDrvCM1312 (Version: 005.000.00001)
hppFaxUtilityCM1312 (Version: 001.000.00130)
hppFonts (Version: 001.001.00061)
hppManualsCM1312 (Version: 001.000.00135)
hppscanCM1312 (Version: 001.000.00131)
hppScanToCM1312 (Version: 001.000.00128)
hppSendFaxCM1312 (Version: 005.000.00001)
hppusgCM1312 (Version: 1.1.0.1)
HPSSupply (Version: 100.0.170.000)
HPSystemDiagnostics (Version: 1.6.0.0)
InstantShare (Version: 45.4.157.000)
Intel® Network Connections 15.2.89.2 (Version: 15.2.89.2)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
InterVideo WinDVD (Version: 5.0-B11.285)
IomegaWare 4.0.2
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
Landscaping and Deck Designer 8 (Version: 8.5.1.15)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Logitech Vid HD (Version: 7.2 (7240))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.10.1216.0)
LWS Gallery (Version: 13.10.1216.0)
LWS Help_main (Version: 13.10.1224.0)
LWS Launcher (Version: 13.10.1224.0)
LWS Motion Detection (Version: 13.10.1218.0)
LWS Pictures And Video (Version: 13.10.1218.0)
LWS Twitter (Version: 13.00.1216.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.00.1774.0)
LWS YouTube Plugin (Version: 13.10.1216.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
MarketResearch (Version: 100.0.170.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nikon Message Center (Version: 0.91.000)
NVIDIA Control Panel 306.79 (Version: 306.79)
NVIDIA Graphics Driver 306.79 (Version: 306.79)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA nView 136.53 (Version: 136.53)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
overland (Version: 2.1.5)
Photodex Presenter
PhotoGallery (Version: 45.4.157.000)
Photomatix Pro version 4.2.5b (Version: 4.2.5b)
PictureProject (Version: 1.0)
PictureProject In Touch Downloader 1.0 (Version: 1.0)
ProShow Producer
PSSWCORE (Version: 2.02.0000)
QuickBooks (Version: 20.0.4014.807)
QuickBooks (Version: 21.0.4009.904)
QuickBooks Premier: Accountant Edition 2011 (Version: 21.0.4009.904)
QuickBooks Pro 2010 (Version: 20.0.4014.807)
QuickProjects (Version: 5.35.0.047)
Realtek High Definition Audio Driver (Version: 5.10.0.6291)
RealtyServer Application Suite (Version: 6.0.1)
Rosetta Stone 2.1.5.3A (Version: 2.1.5.3)
Roxio Audio Module (Version: 2.0.4)
Roxio Copy Module (Version: 2.0.4)
Roxio Data Module (Version: 2.0.4)
Roxio DLA (Version: 5.2.0)
Roxio Express Labeler (Version: 2.0.0)
Roxio MyDVD Plus (Version: 6.1.3)
Roxio Update Manager (Version: 3.0.0)
Safari (Version: 5.33.19.4)
Scan (Version: 10.1.0.0)
SDMSSplash (Version: 1.0.0)
Segoe UI (Version: 14.0.4327.805)
Shop for HP Supplies (Version: 10.0)
SkinsHP1 (Version: 45.4.157.000)
SkinsHP2 (Version: 5.35.0.043)
Skype™ 5.10 (Version: 5.10.116)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SmartWebPrintingOC (Version: 100.0.189.000)
Software Setup
SUPERAntiSpyware (Version: 5.5.1016)
Top Producer Editor
Top Producer Outlook Connector 1.2.1 (Version: 1.2.1)
Tour Builder (Version: 1.8.0.3241)
TrayApp (Version: 100.0.170.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB972636) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VideoToolkit01 (Version: 100.0.128.000)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 100.0.170.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0146)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows PowerShell™ 1.0 (Version: 2)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
XML Paper Specification Shared Components Pack 1.0
Xvid 1.1.3 final uninstall (Version: 1.1)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3575.18 MB
Available physical RAM: 2206.96 MB
Total Pagefile: 6985.56 MB
Available Pagefile: 5211.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.78 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:355.06 GB) NTFS
2 Drive d: (Nikon D300) (CDROM) (Total:4.34 GB) (Free:0 GB) UDF
4 Drive g: (New Volume) (Fixed) (Total:298.09 GB) (Free:136.97 GB) NTFS

========================= Users: ========================================

User accounts for \\HP-DAVID

Administrator ASPNET David
Guest HelpAssistant SUPPORT_388945a0

========================= Restore Points ==================================

13-12-2012 16:21:23 System Checkpoint
14-12-2012 09:36:23 Software Distribution Service 3.0
14-12-2012 18:01:00 Software Distribution Service 3.0
15-12-2012 05:08:43 Software Distribution Service 3.0
15-12-2012 18:01:14 Software Distribution Service 3.0
16-12-2012 02:31:49 Software Distribution Service 3.0
16-12-2012 18:01:50 Software Distribution Service 3.0
17-12-2012 00:02:43 Software Distribution Service 3.0
17-12-2012 18:01:10 Software Distribution Service 3.0
17-12-2012 22:55:37 Microsoft Forefront Client Security Checkpoint
18-12-2012 17:51:54 Software Distribution Service 3.0
19-12-2012 13:30:27 Software Distribution Service 3.0
19-12-2012 18:01:03 Software Distribution Service 3.0
19-12-2012 18:12:17 Restore Operation
19-12-2012 18:19:39 Software Distribution Service 3.0
20-12-2012 14:47:54 Software Distribution Service 3.0
21-12-2012 08:43:07 Software Distribution Service 3.0
21-12-2012 16:00:31 Software Distribution Service 3.0
21-12-2012 18:01:02 Software Distribution Service 3.0
29-12-2012 00:48:29 Software Distribution Service 3.0
29-12-2012 18:01:03 Software Distribution Service 3.0
30-12-2012 16:33:52 Software Distribution Service 3.0
31-12-2012 12:44:35 Software Distribution Service 3.0
31-12-2012 18:01:02 Software Distribution Service 3.0
01-01-2013 07:24:34 Software Distribution Service 3.0
01-01-2013 18:01:01 Software Distribution Service 3.0
02-01-2013 01:19:51 Software Distribution Service 3.0
02-01-2013 18:01:03 Software Distribution Service 3.0
03-01-2013 18:00:59 Software Distribution Service 3.0
04-01-2013 14:33:10 Software Distribution Service 3.0
04-01-2013 16:00:22 Software Distribution Service 3.0
05-01-2013 09:35:45 Software Distribution Service 3.0
05-01-2013 18:01:00 Software Distribution Service 3.0
06-01-2013 03:13:40 Software Distribution Service 3.0
06-01-2013 18:01:02 Software Distribution Service 3.0
06-01-2013 23:55:47 Software Distribution Service 3.0
07-01-2013 18:01:00 Software Distribution Service 3.0
08-01-2013 16:16:01 Software Distribution Service 3.0
09-01-2013 16:00:23 Software Distribution Service 3.0
09-01-2013 18:01:43 Software Distribution Service 3.0
09-01-2013 21:17:20 Removed Ad-Aware Antivirus.
09-01-2013 21:20:59 Removed Bonjour
09-01-2013 21:28:13 Removed MobileMe Control Panel
09-01-2013 21:40:01 Removed Microsoft Forefront Client Security Antimalware Service
10-01-2013 23:01:37 System Checkpoint

**** End of log ****

#10 buddysixstar

Posted 11 January 2013 - 12:31 AM

Farbar Service Scanner Version: 05-01-2013
Ran by David (administrator) on 11-01-2013 at 00:29:37
Running from "C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\U0T64FCT"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A0000000A000000090000000800000004000000010000000200000003000000050000000600000007000000


**** End of log ****

#11 buddysixstar

Posted 11 January 2013 - 12:43 AM

# AdwCleaner v2.105 - Logfile created 01/11/2013 at 00:37:22
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : David - HP-DAVID
# Boot Mode : Normal
# Running from : C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\BV3W9D6G\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\WINDOWS\Tasks\Browser Manager.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Browser Manager
Folder Deleted : C:\Documents and Settings\David\Application Data\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1129 octets] - [11/01/2013 00:37:22]

########## EOF - C:\AdwCleaner[S1].txt - [1189 octets] ##########

#12 buddysixstar

Posted 11 January 2013 - 01:05 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Microsoft Windows XP x86
Ran by David on Fri 01/11/2013 at 0:45:54.06
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/11/2013 at 0:56:38.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#13 narenxp

Posted 11 January 2013 - 01:50 AM

Please run Malwarebytes and post the new log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#14 buddysixstar

Posted 11 January 2013 - 09:44 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.11.15

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
David :: HP-DAVID [administrator]

Protection: Enabled

1/11/2013 8:00:56 PM
mbam-log-2013-01-11 (20-00-56).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 444690
Time elapsed: 1 hour(s), 23 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 buddysixstar

Posted 11 January 2013 - 09:52 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/11/2013 09:48:18 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\PROGRA~1\Iomega\System32\AppServices.exe (PID: 696) [SFI]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* Update [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/11/2013 09:48:57 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)



