Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can you tell me if this strange link my Mom clicked is just SPAM or MALWARE?


  • Please log in to reply
9 replies to this topic

#1 WECpoker

WECpoker

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 AM

Posted 29 January 2013 - 01:19 AM

Hi

My Mom was just sent a email this evening from a known-email address (former client who she does not speak to any more due to nasty dispute and she is a known crazy person) that had some SPAM/Malware link that she clicked. Here is a copy of the email with certain info redacted. With all the addresses sent to it appears some bot or other entity besides the email owner sent it. When I first saw it I thought it was a chain letter, but it makes no sense with the link.

Posted Image

Note that when I hover the mouse over the link it does give that address, of course I did not click the link myself. I did some research and found that a Romanian Hotel has the address floris-minotel.ro but I could not determine what the welliuya.php was and thought maybe the experts might know more information on this.

I currently have her running MalwareBytes, and then told her to run her Norton Scan after that. There are no symptoms on her computer because it just happened within the last hour or so. She did say when she clicked the link it took a long time to load, and she closed it off before she got to the page.

Any insight beyond this?

Thank You for your assistance.

Edited by WECpoker, 29 January 2013 - 01:28 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:34 AM

Posted 29 January 2013 - 02:27 AM

I scanned the link with ScanURL, and according to them it's clean; however, something may have slipped past them. I note that the scanner didn't scan the full link, but rather the domain only - a serious oversight if you ask me. I also scanned with AVG Threat Labs, and they did the same thing with the same results.

Results page: http://scanurl.net/?u=http%3A%2F%2Ffloris-minotel.ro%2Fwelliuya.php&uesb=Check+This+URL#results

I note that the gibberish past the php didn't get included in the link in that e-mail which is good. One look at that e-mail, and I instantly identified it as spam.

I have done a Google search on welliuya.php and found a fair number website URLs with that appended along with the ? and a series of letters. Those URLs are in URLquery search results. Two of those results pages indicate TDS. One of those two also indicates IFrame injection. Whatever welliuya.php is, it's not legit.

That's the extent of what I can discover at this point. Another with more skills in scanning for malware on a system will need to assist you in determining if your mother's system is indeed compromised.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 WECpoker

WECpoker
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 AM

Posted 29 January 2013 - 03:30 AM

Hi Orange Blossom,

Thank You for your response. I do not know why my Mom would ever click on this type of link as I constantly warn her about this type of email and it concerns me. She is 70+ but works on the computer every day and uses craigslist, ebay, email and other programs. I had also looked up welliuya.php but did not realize what a URLquery was in the Google results and did not understand its possible significance.

Do I wait in this thread for further assistance?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:34 AM

Posted 30 January 2013 - 01:04 PM

Hello WECpoker,lets run some tools and see what they show.

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 WECpoker

WECpoker
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 AM

Posted 31 January 2013 - 02:24 AM

Hello WECpoker,lets run some tools and see what they show.


Thank You boopme. Tomorrow I will go over these procedures step-by-step with my Mom and then post the results here. I may have to go over there and do it myself if she can not get it done. But I will post back here ASAP.

Appreciate the assistance.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:34 AM

Posted 31 January 2013 - 09:53 AM

Sounds good,I'll check back.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 WECpoker

WECpoker
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 AM

Posted 02 February 2013 - 05:10 AM

Sounds good,I'll check back.


Hi boopme

Went over there this evening to get this done for her. Here are the logs (note: There was no log for ESET). If they are disjointed it is because I emailed them to myself:




16:35:16.0685 3556 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:35:17.0340 3556 ============================================================
16:35:17.0340 3556 Current date / time: 2013/02/01 16:35:17.0340
16:35:17.0340 3556 SystemInfo:
16:35:17.0340 3556
16:35:17.0340 3556 OS Version: 6.0.6002 ServicePack: 2.0
16:35:17.0340 3556 Product type: Workstation
16:35:17.0340 3556 ComputerName: BETTE-PC
16:35:17.0340 3556 UserName: Bette
16:35:17.0340 3556 Windows directory: C:\Windows
16:35:17.0340 3556 System windows directory: C:\Windows
16:35:17.0340 3556 Processor architecture: Intel x86
16:35:17.0340 3556 Number of processors: 1
16:35:17.0340 3556 Page size: 0x1000
16:35:17.0340 3556 Boot type: Normal boot
16:35:17.0340 3556 ============================================================
16:35:19.0088 3556 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200,

Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:35:19.0290 3556 Drive \Device\Harddisk1\DR1 - Size: 0x783F6200 (1.88 Gb), SectorSize: 0x200,

Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:35:19.0306 3556 ============================================================
16:35:19.0306 3556 \Device\Harddisk0\DR0:
16:35:19.0306 3556 MBR partitions:
16:35:19.0306 3556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum

0x1E00000
16:35:19.0306 3556 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E14000, BlocksNum

0x1B394800
16:35:19.0306 3556 \Device\Harddisk1\DR1:
16:35:19.0306 3556 MBR partitions:
16:35:19.0306 3556 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x4, StartLBA 0x1F80, BlocksNum

0x3C0030
16:35:19.0306 3556 ============================================================
16:35:19.0415 3556 C: <-> \Device\Harddisk0\DR0\Partition2
16:35:19.0462 3556 D: <-> \Device\Harddisk0\DR0\Partition1
16:35:19.0462 3556 ============================================================
16:35:19.0462 3556 Initialize success
16:35:19.0462 3556 ============================================================
16:36:00.0657 5236 ============================================================
16:36:00.0657 5236 Scan started
16:36:00.0657 5236 Mode: Manual; TDLFS;
16:36:00.0657 5236 ============================================================
16:36:02.0373 5236 ================ Scan system memory ========================
16:36:02.0373 5236 System memory - ok
16:36:02.0373 5236 ================ Scan services =============================
16:36:02.0826 5236 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32

\drivers\acpi.sys
16:36:02.0826 5236 ACPI - ok
16:36:02.0950 5236 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32

\drivers\adp94xx.sys
16:36:02.0982 5236 adp94xx - ok
16:36:03.0060 5236 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32

\drivers\adpahci.sys
16:36:03.0075 5236 adpahci - ok
16:36:03.0106 5236 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32

\drivers\adpu160m.sys
16:36:03.0106 5236 adpu160m - ok
16:36:03.0153 5236 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32

\drivers\adpu320.sys
16:36:03.0169 5236 adpu320 - ok
16:36:03.0200 5236 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32

\aelupsvc.dll
16:36:03.0216 5236 AeLookupSvc - ok
16:36:03.0278 5236 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32

\AERTSrv.exe
16:36:03.0278 5236 AERTFilters - ok
16:36:03.0356 5236 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32

\drivers\afd.sys
16:36:03.0403 5236 AFD - ok
16:36:03.0434 5236 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32

\drivers\agp440.sys
16:36:03.0450 5236 agp440 - ok
16:36:03.0481 5236 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32

\drivers\djsvs.sys
16:36:03.0496 5236 aic78xx - ok
16:36:03.0543 5236 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
16:36:03.0559 5236 ALG - ok
16:36:03.0590 5236 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32

\drivers\aliide.sys
16:36:03.0606 5236 aliide - ok
16:36:03.0637 5236 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32

\drivers\amdagp.sys
16:36:03.0637 5236 amdagp - ok
16:36:03.0652 5236 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32

\drivers\amdide.sys
16:36:03.0652 5236 amdide - ok
16:36:03.0684 5236 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32

\drivers\amdk7.sys
16:36:03.0699 5236 AmdK7 - ok
16:36:03.0746 5236 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32

\drivers\amdk8.sys
16:36:03.0746 5236 AmdK8 - ok
16:36:03.0902 5236 [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS C:\Program Files\Common

Files\AOL\ACS\AOLAcsd.exe
16:36:03.0918 5236 AOL ACS - ok
16:36:03.0964 5236 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32

\appinfo.dll
16:36:03.0980 5236 Appinfo - ok
16:36:04.0011 5236 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32

\drivers\arc.sys
16:36:04.0027 5236 arc - ok
16:36:04.0058 5236 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32

\drivers\arcsas.sys
16:36:04.0074 5236 arcsas - ok
16:36:04.0105 5236 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32

\DRIVERS\asyncmac.sys
16:36:04.0120 5236 AsyncMac - ok
16:36:04.0152 5236 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32

\drivers\atapi.sys
16:36:04.0152 5236 atapi - ok
16:36:04.0230 5236 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32

\Audiosrv.dll
16:36:04.0245 5236 AudioEndpointBuilder - ok
16:36:04.0261 5236 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32

\Audiosrv.dll
16:36:04.0276 5236 Audiosrv - ok
16:36:04.0323 5236 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32

\drivers\Beep.sys
16:36:04.0339 5236 Beep - ok
16:36:04.0432 5236 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
16:36:04.0432 5236 BFE - ok
16:36:04.0651 5236 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28

\Definitions\BASHDefs\20130116.013\BHDrvx86.sys
16:36:04.0729 5236 BHDrvx86 - ok
16:36:04.0822 5236 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32

\qmgr.dll
16:36:04.0900 5236 BITS - ok
16:36:04.0947 5236 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32

\drivers\blbdrive.sys
16:36:04.0978 5236 blbdrive - ok
16:36:05.0025 5236 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32

\DRIVERS\bowser.sys
16:36:05.0025 5236 bowser - ok
16:36:05.0056 5236 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32

\drivers\brfiltlo.sys
16:36:05.0072 5236 BrFiltLo - ok
16:36:05.0103 5236 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32

\drivers\brfiltup.sys
16:36:05.0134 5236 BrFiltUp - ok
16:36:05.0181 5236 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32

\browser.dll
16:36:05.0197 5236 Browser - ok
16:36:05.0290 5236 [ 7FDC0A90C231874253C0F4AC4343E288 ] BrSerIb C:\Windows\system32

\DRIVERS\BrSerIb.sys
16:36:05.0337 5236 BrSerIb - ok
16:36:05.0400 5236 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32

\drivers\brserid.sys
16:36:05.0415 5236 Brserid - ok
16:36:05.0446 5236 [ 1A5FC78E41840EDF79D65EC16EFF2787 ] BrSerIf C:\Windows\system32

\Drivers\BrSerIf.sys
16:36:05.0446 5236 BrSerIf - ok
16:36:05.0478 5236 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32

\drivers\brserwdm.sys
16:36:05.0493 5236 BrSerWdm - ok
16:36:05.0540 5236 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32

\drivers\brusbmdm.sys
16:36:05.0556 5236 BrUsbMdm - ok
16:36:05.0587 5236 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\Windows\system32

\Drivers\BrUsbSer.sys
16:36:05.0587 5236 BrUsbSer - ok
16:36:05.0634 5236 [ F5390255C73F8CB4995BDC687555FD19 ] BrUsbSIb C:\Windows\system32

\DRIVERS\BrUsbSIb.sys
16:36:05.0634 5236 BrUsbSIb - ok
16:36:05.0696 5236 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32

\drivers\bthmodem.sys
16:36:05.0696 5236 BTHMODEM - ok
16:36:05.0836 5236 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NAV C:\Windows\system32

\drivers\NAV\1309000.009\ccSetx86.sys
16:36:05.0836 5236 ccSet_NAV - ok
16:36:05.0868 5236 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32

\DRIVERS\cdfs.sys
16:36:05.0868 5236 cdfs - ok
16:36:05.0930 5236 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32

\DRIVERS\cdrom.sys
16:36:05.0946 5236 cdrom - ok
16:36:05.0961 5236 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32

\certprop.dll
16:36:05.0977 5236 CertPropSvc - ok
16:36:06.0008 5236 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32

\drivers\circlass.sys
16:36:06.0039 5236 circlass - ok
16:36:06.0070 5236 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32

\CLFS.sys
16:36:06.0070 5236 CLFS - ok
16:36:06.0180 5236 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32

C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:36:06.0226 5236 clr_optimization_v2.0.50727_32 - ok
16:36:06.0304 5236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:36:06.0320 5236 clr_optimization_v4.0.30319_32 - ok
16:36:06.0351 5236 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32

\drivers\cmdide.sys
16:36:06.0367 5236 cmdide - ok
16:36:06.0382 5236 [ 4FC0A44DA7603229E1A9454126A59EFD ] Compbatt C:\Windows\system32

\drivers\compbatt.sys
16:36:06.0398 5236 Compbatt - ok
16:36:06.0414 5236 COMSysApp - ok
16:36:06.0429 5236 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32

\drivers\crcdisk.sys
16:36:06.0429 5236 crcdisk - ok
16:36:06.0460 5236 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32

\drivers\crusoe.sys
16:36:06.0460 5236 Crusoe - ok
16:36:06.0507 5236 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32

\cryptsvc.dll
16:36:06.0523 5236 CryptSvc - ok
16:36:06.0616 5236 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32

\rpcss.dll
16:36:06.0710 5236 DcomLaunch - ok
16:36:06.0788 5236 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32

\Drivers\dfsc.sys
16:36:06.0804 5236 DfsC - ok
16:36:07.0147 5236 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32

\DFSR.exe
16:36:07.0443 5236 DFSR - ok
16:36:07.0506 5236 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32

\dhcpcsvc.dll
16:36:07.0521 5236 Dhcp - ok
16:36:07.0584 5236 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32

\drivers\disk.sys
16:36:07.0599 5236 disk - ok
16:36:07.0677 5236 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32

\dnsrslvr.dll
16:36:07.0693 5236 Dnscache - ok
16:36:07.0833 5236 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program

Files\Dell\DellDock\DockLogin.exe
16:36:07.0896 5236 DockLoginService - ok
16:36:07.0974 5236 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32

\dot3svc.dll
16:36:07.0989 5236 dot3svc - ok
16:36:08.0036 5236 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
16:36:08.0052 5236 DPS - ok
16:36:08.0098 5236 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32

\drivers\drmkaud.sys
16:36:08.0130 5236 drmkaud - ok
16:36:08.0317 5236 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32

\drivers\dxgkrnl.sys
16:36:08.0348 5236 DXGKrnl - ok
16:36:08.0457 5236 [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express C:\Windows\system32

\DRIVERS\e1e6032.sys
16:36:08.0457 5236 e1express - ok
16:36:08.0535 5236 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32

\DRIVERS\E1G60I32.sys
16:36:08.0629 5236 E1G60 - ok
16:36:08.0676 5236 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32

\eapsvc.dll
16:36:08.0691 5236 EapHost - ok
16:36:08.0769 5236 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32

\drivers\ecache.sys
16:36:08.0769 5236 Ecache - ok
16:36:08.0894 5236 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common

Files\Symantec Shared\EENGINE\eeCtrl.sys
16:36:08.0925 5236 eeCtrl - ok
16:36:09.0019 5236 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32

\drivers\elxstor.sys
16:36:09.0050 5236 elxstor - ok
16:36:09.0206 5236 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32

\emdmgmt.dll
16:36:09.0206 5236 EMDMgmt - ok
16:36:09.0253 5236 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common

Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:36:09.0268 5236 EraserUtilRebootDrv - ok
16:36:09.0300 5236 [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev C:\Windows\system32

\drivers\errdev.sys
16:36:09.0300 5236 ErrDev - ok
16:36:09.0440 5236 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
16:36:09.0440 5236 EventSystem - ok
16:36:09.0487 5236 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32

\drivers\exfat.sys
16:36:09.0487 5236 exfat - ok
16:36:09.0534 5236 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32

\drivers\fastfat.sys
16:36:09.0549 5236 fastfat - ok
16:36:09.0596 5236 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32

\DRIVERS\fdc.sys
16:36:09.0596 5236 fdc - ok
16:36:09.0674 5236 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32

\fdPHost.dll
16:36:09.0690 5236 fdPHost - ok
16:36:09.0721 5236 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32

\fdrespub.dll
16:36:09.0736 5236 FDResPub - ok
16:36:09.0768 5236 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32

\drivers\fileinfo.sys
16:36:09.0783 5236 FileInfo - ok
16:36:09.0830 5236 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32

\drivers\filetrace.sys
16:36:09.0830 5236 Filetrace - ok
16:36:09.0877 5236 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32

\DRIVERS\flpydisk.sys
16:36:09.0877 5236 flpydisk - ok
16:36:09.0986 5236 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32

\drivers\fltmgr.sys
16:36:10.0002 5236 FltMgr - ok
16:36:10.0158 5236 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32

\FntCache.dll
16:36:10.0173 5236 FontCache - ok
16:36:10.0298 5236 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:36:10.0314 5236 FontCache3.0.0.0 - ok
16:36:10.0392 5236 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32

\drivers\Fs_Rec.sys
16:36:10.0423 5236 Fs_Rec - ok
16:36:10.0454 5236 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32

\drivers\gagp30kx.sys
16:36:10.0501 5236 gagp30kx - ok
16:36:10.0688 5236 [ 37331304E89A773B1A86FE681FCA150D ] GameConsoleService C:\Program

Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
16:36:10.0735 5236 GameConsoleService - ok
16:36:10.0938 5236 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
16:36:11.0047 5236 GoogleDesktopManager-051210-111108 - ok
16:36:11.0140 5236 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32

\gpsvc.dll
16:36:11.0172 5236 gpsvc - ok
16:36:11.0250 5236 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program

Files\Google\Update\GoogleUpdate.exe
16:36:11.0250 5236 gupdate - ok
16:36:11.0265 5236 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program

Files\Google\Update\GoogleUpdate.exe
16:36:11.0265 5236 gupdatem - ok
16:36:11.0390 5236 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:36:11.0406 5236 gusvc - ok
16:36:11.0546 5236 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32

\DRIVERS\HDAudBus.sys
16:36:11.0593 5236 HDAudBus - ok
16:36:11.0640 5236 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32

\drivers\hidbth.sys
16:36:11.0655 5236 HidBth - ok
16:36:11.0671 5236 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32

\drivers\hidir.sys
16:36:11.0671 5236 HidIr - ok
16:36:11.0733 5236 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32

\hidserv.dll
16:36:11.0749 5236 hidserv - ok
16:36:11.0780 5236 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32

\DRIVERS\hidusb.sys
16:36:11.0796 5236 HidUsb - ok
16:36:11.0827 5236 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32

\kmsvc.dll
16:36:11.0858 5236 hkmsvc - ok
16:36:11.0905 5236 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32

\drivers\hpcisss.sys
16:36:11.0920 5236 HpCISSs - ok
16:36:12.0014 5236 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32

\drivers\HTTP.sys
16:36:12.0030 5236 HTTP - ok
16:36:12.0076 5236 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32

\drivers\i2omp.sys
16:36:12.0092 5236 i2omp - ok
16:36:12.0108 5236 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32

\DRIVERS\i8042prt.sys
16:36:12.0108 5236 i8042prt - ok
16:36:12.0217 5236 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\Windows\system32

\drivers\iastor.sys
16:36:12.0264 5236 iaStor - ok
16:36:12.0342 5236 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32

\drivers\iastorv.sys
16:36:12.0357 5236 iaStorV - ok
16:36:12.0451 5236 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc

C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:36:12.0591 5236 idsvc - ok
16:36:12.0732 5236 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28

\Definitions\IPSDefs\20130131.001\IDSvix86.sys
16:36:12.0763 5236 IDSVix86 - ok
16:36:13.0184 5236 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32

\DRIVERS\igdkmd32.sys
16:36:13.0683 5236 igfx - ok
16:36:13.0730 5236 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32

\drivers\iirsp.sys
16:36:13.0730 5236 iirsp - ok
16:36:13.0824 5236 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32

\ikeext.dll
16:36:13.0824 5236 IKEEXT - ok
16:36:14.0167 5236 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32

\drivers\RTKVHDA.sys
16:36:14.0604 5236 IntcAzAudAddService - ok
16:36:14.0666 5236 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32

\DRIVERS\intelide.sys
16:36:14.0666 5236 intelide - ok
16:36:14.0682 5236 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32

\DRIVERS\intelppm.sys
16:36:14.0713 5236 intelppm - ok
16:36:14.0884 5236 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common

Files\Intuit\Update Service\IntuitUpdateService.exe
16:36:14.0884 5236 IntuitUpdateService - ok
16:36:14.0994 5236 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program

Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
16:36:14.0994 5236 IntuitUpdateServiceV4 - ok
16:36:15.0040 5236 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32

\ipbusenum.dll
16:36:15.0087 5236 IPBusEnum - ok
16:36:15.0118 5236 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32

\DRIVERS\ipfltdrv.sys
16:36:15.0118 5236 IpFilterDriver - ok
16:36:15.0181 5236 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32

\iphlpsvc.dll
16:36:15.0196 5236 iphlpsvc - ok
16:36:15.0212 5236 IpInIp - ok
16:36:15.0306 5236 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32

\drivers\ipmidrv.sys
16:36:15.0321 5236 IPMIDRV - ok
16:36:15.0368 5236 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32

\DRIVERS\ipnat.sys
16:36:15.0368 5236 IPNAT - ok
16:36:15.0415 5236 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32

\drivers\irenum.sys
16:36:15.0415 5236 IRENUM - ok
16:36:15.0462 5236 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32

\drivers\isapnp.sys
16:36:15.0477 5236 isapnp - ok
16:36:15.0540 5236 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32

\DRIVERS\msiscsi.sys
16:36:15.0540 5236 iScsiPrt - ok
16:36:15.0555 5236 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32

\drivers\iteatapi.sys
16:36:15.0586 5236 iteatapi - ok
16:36:15.0602 5236 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32

\drivers\iteraid.sys
16:36:15.0618 5236 iteraid - ok
16:36:15.0649 5236 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32

\DRIVERS\kbdclass.sys
16:36:15.0649 5236 kbdclass - ok
16:36:15.0680 5236 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32

\DRIVERS\kbdhid.sys
16:36:15.0696 5236 kbdhid - ok
16:36:15.0727 5236 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32

\lsass.exe
16:36:15.0742 5236 KeyIso - ok
16:36:15.0836 5236 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32

\Drivers\ksecdd.sys
16:36:15.0852 5236 KSecDD - ok
16:36:15.0930 5236 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32

\msdtckrm.dll
16:36:15.0945 5236 KtmRm - ok
16:36:15.0992 5236 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32

\srvsvc.dll
16:36:16.0008 5236 LanmanServer - ok
16:36:16.0070 5236 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32

\wkssvc.dll
16:36:16.0086 5236 LanmanWorkstation - ok
16:36:16.0148 5236 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32

\DRIVERS\lltdio.sys
16:36:16.0164 5236 lltdio - ok
16:36:16.0226 5236 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32

\lltdsvc.dll
16:36:16.0226 5236 lltdsvc - ok
16:36:16.0273 5236 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32

\lmhsvc.dll
16:36:16.0273 5236 lmhosts - ok
16:36:16.0304 5236 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32

\drivers\lsi_fc.sys
16:36:16.0366 5236 LSI_FC - ok
16:36:16.0398 5236 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32

\drivers\lsi_sas.sys
16:36:16.0398 5236 LSI_SAS - ok
16:36:16.0429 5236 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32

\drivers\lsi_scsi.sys
16:36:16.0444 5236 LSI_SCSI - ok
16:36:16.0476 5236 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32

\drivers\luafv.sys
16:36:16.0491 5236 luafv - ok
16:36:16.0507 5236 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32

\drivers\megasas.sys
16:36:16.0522 5236 megasas - ok
16:36:16.0554 5236 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32

\drivers\megasr.sys
16:36:16.0585 5236 MegaSR - ok
16:36:16.0632 5236 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32

\mmcss.dll
16:36:16.0647 5236 MMCSS - ok
16:36:16.0663 5236 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32

\drivers\modem.sys
16:36:16.0678 5236 Modem - ok
16:36:16.0710 5236 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32

\DRIVERS\monitor.sys
16:36:16.0710 5236 monitor - ok
16:36:16.0756 5236 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32

\DRIVERS\mouclass.sys
16:36:16.0756 5236 mouclass - ok
16:36:16.0803 5236 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32

\DRIVERS\mouhid.sys
16:36:16.0803 5236 mouhid - ok
16:36:16.0850 5236 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32

\drivers\mountmgr.sys
16:36:16.0850 5236 MountMgr - ok
16:36:16.0866 5236 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32

\drivers\mpio.sys
16:36:16.0897 5236 mpio - ok
16:36:16.0928 5236 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32

\drivers\mpsdrv.sys
16:36:16.0944 5236 mpsdrv - ok
16:36:17.0022 5236 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32

\mpssvc.dll
16:36:17.0037 5236 MpsSvc - ok
16:36:17.0053 5236 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32

\drivers\mraid35x.sys
16:36:17.0084 5236 Mraid35x - ok
16:36:17.0115 5236 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32

\drivers\mrxdav.sys
16:36:17.0146 5236 MRxDAV - ok
16:36:17.0209 5236 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32

\DRIVERS\mrxsmb.sys
16:36:17.0209 5236 mrxsmb - ok
16:36:17.0318 5236 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32

\DRIVERS\mrxsmb10.sys
16:36:17.0318 5236 mrxsmb10 - ok
16:36:17.0349 5236 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32

\DRIVERS\mrxsmb20.sys
16:36:17.0380 5236 mrxsmb20 - ok
16:36:17.0427 5236 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32

\drivers\msahci.sys
16:36:17.0443 5236 msahci - ok
16:36:17.0458 5236 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32

\drivers\msdsm.sys
16:36:17.0474 5236 msdsm - ok
16:36:17.0505 5236 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32

\msdtc.exe
16:36:17.0521 5236 MSDTC - ok
16:36:17.0552 5236 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32

\drivers\Msfs.sys
16:36:17.0552 5236 Msfs - ok
16:36:17.0583 5236 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32

\drivers\msisadrv.sys
16:36:17.0583 5236 msisadrv - ok
16:36:17.0614 5236 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32

\iscsiexe.dll
16:36:17.0630 5236 MSiSCSI - ok
16:36:17.0646 5236 msiserver - ok
16:36:17.0692 5236 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32

\drivers\MSKSSRV.sys
16:36:17.0692 5236 MSKSSRV - ok
16:36:17.0724 5236 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32

\drivers\MSPCLOCK.sys
16:36:17.0724 5236 MSPCLOCK - ok
16:36:17.0755 5236 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32

\drivers\MSPQM.sys
16:36:17.0755 5236 MSPQM - ok
16:36:17.0817 5236 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32

\drivers\MsRPC.sys
16:36:17.0817 5236 MsRPC - ok
16:36:17.0911 5236 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32

\DRIVERS\mssmbios.sys
16:36:17.0911 5236 mssmbios - ok
16:36:17.0926 5236 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32

\drivers\MSTEE.sys
16:36:17.0942 5236 MSTEE - ok
16:36:17.0973 5236 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32

\Drivers\mup.sys
16:36:17.0973 5236 Mup - ok
16:36:18.0051 5236 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32

\qagentRT.dll
16:36:18.0051 5236 napagent - ok
16:36:18.0114 5236 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32

\DRIVERS\nwifi.sys
16:36:18.0129 5236 NativeWifiP - ok
16:36:18.0270 5236 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files\Norton

AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
16:36:18.0270 5236 NAV - ok
16:36:18.0426 5236 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28

\Definitions\VirusDefs\20130131.032\NAVENG.SYS
16:36:18.0457 5236 NAVENG - ok
16:36:18.0582 5236 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15

C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28

\Definitions\VirusDefs\20130131.032\NAVEX15.SYS
16:36:18.0691 5236 NAVEX15 - ok
16:36:18.0784 5236 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32

\drivers\ndis.sys
16:36:18.0784 5236 NDIS - ok
16:36:18.0831 5236 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32

\DRIVERS\ndistapi.sys
16:36:18.0862 5236 NdisTapi - ok
16:36:18.0878 5236 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32

\DRIVERS\ndisuio.sys
16:36:18.0894 5236 Ndisuio - ok
16:36:18.0925 5236 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32

\DRIVERS\ndiswan.sys
16:36:18.0925 5236 NdisWan - ok
16:36:18.0940 5236 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32

\drivers\NDProxy.sys
16:36:18.0956 5236 NDProxy - ok
16:36:19.0003 5236 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32

\DRIVERS\netbios.sys
16:36:19.0003 5236 NetBIOS - ok
16:36:19.0081 5236 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32

\DRIVERS\netbt.sys
16:36:19.0112 5236 netbt - ok
16:36:19.0143 5236 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32

\lsass.exe
16:36:19.0143 5236 Netlogon - ok
16:36:19.0221 5236 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32

\netman.dll
16:36:19.0237 5236 Netman - ok
16:36:19.0299 5236 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32

\netprofm.dll
16:36:19.0315 5236 netprofm - ok
16:36:19.0377 5236 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing

C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:36:19.0393 5236 NetTcpPortSharing - ok
16:36:19.0440 5236 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32

\drivers\nfrd960.sys
16:36:19.0455 5236 nfrd960 - ok
16:36:19.0502 5236 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32

\nlasvc.dll
16:36:19.0502 5236 NlaSvc - ok
16:36:19.0564 5236 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32

\drivers\Npfs.sys
16:36:19.0564 5236 Npfs - ok
16:36:19.0596 5236 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32

\nsisvc.dll
16:36:19.0611 5236 nsi - ok
16:36:19.0658 5236 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32

\drivers\nsiproxy.sys
16:36:19.0658 5236 nsiproxy - ok
16:36:19.0954 5236 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32

\drivers\Ntfs.sys
16:36:19.0970 5236 Ntfs - ok
16:36:20.0001 5236 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32

\drivers\ntrigdigi.sys
16:36:20.0017 5236 ntrigdigi - ok
16:36:20.0048 5236 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32

\drivers\Null.sys
16:36:20.0048 5236 Null - ok
16:36:20.0079 5236 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32

\drivers\nvraid.sys
16:36:20.0095 5236 nvraid - ok
16:36:20.0142 5236 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32

\drivers\nvstor.sys
16:36:20.0157 5236 nvstor - ok
16:36:20.0188 5236 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32

\drivers\nv_agp.sys
16:36:20.0188 5236 nv_agp - ok
16:36:20.0204 5236 NwlnkFlt - ok
16:36:20.0220 5236 NwlnkFwd - ok
16:36:20.0251 5236 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32

\drivers\ohci1394.sys
16:36:20.0266 5236 ohci1394 - ok
16:36:20.0391 5236 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32

\p2psvc.dll
16:36:20.0422 5236 p2pimsvc - ok
16:36:20.0454 5236 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32

\p2psvc.dll
16:36:20.0454 5236 p2psvc - ok
16:36:20.0500 5236 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32

\drivers\parport.sys
16:36:20.0532 5236 Parport - ok
16:36:20.0578 5236 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32

\drivers\partmgr.sys
16:36:20.0594 5236 partmgr - ok
16:36:20.0625 5236 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32

\drivers\parvdm.sys
16:36:20.0641 5236 Parvdm - ok
16:36:20.0672 5236 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32

\pcasvc.dll
16:36:20.0688 5236 PcaSvc - ok
16:36:20.0750 5236 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32

\drivers\pci.sys
16:36:20.0750 5236 pci - ok
16:36:20.0781 5236 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32

\drivers\pciide.sys
16:36:20.0781 5236 pciide - ok
16:36:20.0859 5236 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32

\drivers\pcmcia.sys
16:36:20.0859 5236 pcmcia - ok
16:36:21.0046 5236 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32

\drivers\peauth.sys
16:36:21.0062 5236 PEAUTH - ok
16:36:21.0249 5236 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:36:21.0579 5236 pla - ok
16:36:21.0694 5236 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32

\umpnpmgr.dll
16:36:21.0699 5236 PlugPlay - ok
16:36:21.0834 5236 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32

\p2psvc.dll
16:36:21.0844 5236 PNRPAutoReg - ok
16:36:21.0869 5236 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32

\p2psvc.dll
16:36:21.0874 5236 PNRPsvc - ok
16:36:21.0969 5236 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32

\ipsecsvc.dll
16:36:21.0984 5236 PolicyAgent - ok
16:36:22.0044 5236 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32

\DRIVERS\raspptp.sys
16:36:22.0064 5236 PptpMiniport - ok
16:36:22.0114 5236 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32

\drivers\processr.sys
16:36:22.0144 5236 Processor - ok
16:36:22.0204 5236 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32

\profsvc.dll
16:36:22.0219 5236 ProfSvc - ok
16:36:22.0244 5236 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32

\lsass.exe
16:36:22.0249 5236 ProtectedStorage - ok
16:36:22.0299 5236 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32

\DRIVERS\pacer.sys
16:36:22.0314 5236 PSched - ok
16:36:22.0409 5236 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common

Files\Protexis\License Service\PsiService_2.exe
16:36:22.0434 5236 PSI_SVC_2 - ok
16:36:22.0459 5236 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32

\Drivers\PxHelp20.sys
16:36:22.0474 5236 PxHelp20 - ok
16:36:22.0669 5236 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32

\drivers\ql2300.sys
16:36:22.0699 5236 ql2300 - ok
16:36:22.0734 5236 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32

\drivers\ql40xx.sys
16:36:22.0744 5236 ql40xx - ok
16:36:22.0799 5236 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32

\qwave.dll
16:36:22.0814 5236 QWAVE - ok
16:36:22.0839 5236 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32

\drivers\qwavedrv.sys
16:36:22.0849 5236 QWAVEdrv - ok
16:36:23.0124 5236 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32

\DRIVERS\atikmdag.sys
16:36:23.0864 5236 R300 - ok
16:36:23.0904 5236 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32

\DRIVERS\rasacd.sys
16:36:23.0904 5236 RasAcd - ok
16:36:23.0944 5236 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32

\rasauto.dll
16:36:23.0954 5236 RasAuto - ok
16:36:23.0989 5236 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32

\DRIVERS\rasl2tp.sys
16:36:24.0004 5236 Rasl2tp - ok
16:36:24.0089 5236 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32

\rasmans.dll
16:36:24.0104 5236 RasMan - ok
16:36:24.0159 5236 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32

\DRIVERS\raspppoe.sys
16:36:24.0169 5236 RasPppoe - ok
16:36:24.0249 5236 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32

\DRIVERS\rassstp.sys
16:36:24.0286 5236 RasSstp - ok
16:36:24.0348 5236 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32

\DRIVERS\rdbss.sys
16:36:24.0364 5236 rdbss - ok
16:36:24.0426 5236 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32

\DRIVERS\RDPCDD.sys
16:36:24.0442 5236 RDPCDD - ok
16:36:24.0504 5236 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32

\drivers\rdpdr.sys
16:36:24.0520 5236 rdpdr - ok
16:36:24.0551 5236 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32

\drivers\rdpencdd.sys
16:36:24.0551 5236 RDPENCDD - ok
16:36:24.0644 5236 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32

\drivers\RDPWD.sys
16:36:24.0644 5236 RDPWD - ok
16:36:24.0722 5236 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32

\mprdim.dll
16:36:24.0738 5236 RemoteAccess - ok
16:36:24.0785 5236 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32

\regsvc.dll
16:36:24.0832 5236 RemoteRegistry - ok
16:36:24.0894 5236 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32

\locator.exe
16:36:24.0910 5236 RpcLocator - ok
16:36:24.0988 5236 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32

\rpcss.dll
16:36:24.0988 5236 RpcSs - ok
16:36:25.0066 5236 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32

\DRIVERS\rspndr.sys
16:36:25.0081 5236 rspndr - ok
16:36:25.0112 5236 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32

\lsass.exe
16:36:25.0112 5236 SamSs - ok
16:36:25.0128 5236 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32

\drivers\sbp2port.sys
16:36:25.0144 5236 sbp2port - ok
16:36:25.0190 5236 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32

\SCardSvr.dll
16:36:25.0237 5236 SCardSvr - ok
16:36:25.0393 5236 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32

\schedsvc.dll
16:36:25.0409 5236 Schedule - ok
16:36:25.0456 5236 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32

\certprop.dll
16:36:25.0456 5236 SCPolicySvc - ok
16:36:25.0502 5236 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32

\SDRSVC.dll
16:36:25.0502 5236 SDRSVC - ok
16:36:25.0534 5236 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32

\drivers\secdrv.sys
16:36:25.0565 5236 secdrv - ok
16:36:25.0580 5236 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32

\seclogon.dll
16:36:25.0612 5236 seclogon - ok
16:36:25.0643 5236 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32

\sens.dll
16:36:25.0643 5236 SENS - ok
16:36:25.0674 5236 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32

\drivers\serenum.sys
16:36:25.0690 5236 Serenum - ok
16:36:25.0768 5236 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32

\drivers\serial.sys
16:36:25.0799 5236 Serial - ok
16:36:25.0814 5236 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32

\drivers\sermouse.sys
16:36:25.0830 5236 sermouse - ok
16:36:25.0955 5236 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32

\sessenv.dll
16:36:25.0955 5236 SessionEnv - ok
16:36:25.0986 5236 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32

\drivers\sffdisk.sys
16:36:25.0986 5236 sffdisk - ok
16:36:26.0033 5236 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32

\drivers\sffp_mmc.sys
16:36:26.0033 5236 sffp_mmc - ok
16:36:26.0064 5236 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32

\drivers\sffp_sd.sys
16:36:26.0095 5236 sffp_sd - ok
16:36:26.0111 5236 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32

\drivers\sfloppy.sys
16:36:26.0126 5236 sfloppy - ok
16:36:26.0282 5236 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32

\ipnathlp.dll
16:36:26.0298 5236 SharedAccess - ok
16:36:26.0376 5236 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32

\shsvcs.dll
16:36:26.0392 5236 ShellHWDetection - ok
16:36:26.0438 5236 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32

\drivers\sisagp.sys
16:36:26.0454 5236 sisagp - ok
16:36:26.0470 5236 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32

\drivers\sisraid2.sys
16:36:26.0485 5236 SiSRaid2 - ok
16:36:26.0532 5236 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32

\drivers\sisraid4.sys
16:36:26.0548 5236 SiSRaid4 - ok
16:36:27.0499 5236 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32

\SLsvc.exe
16:36:28.0279 5236 slsvc - ok
16:36:28.0326 5236 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32

\SLUINotify.dll
16:36:28.0357 5236 SLUINotify - ok
16:36:28.0404 5236 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32

\DRIVERS\smb.sys
16:36:28.0435 5236 Smb - ok
16:36:28.0513 5236 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32

\snmptrap.exe
16:36:28.0529 5236 SNMPTRAP - ok
16:36:28.0591 5236 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32

\drivers\spldr.sys
16:36:28.0591 5236 spldr - ok
16:36:28.0669 5236 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32

\spoolsv.exe
16:36:28.0700 5236 Spooler - ok
16:36:28.0872 5236 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program

Files\Dell Support Center\bin\sprtsvc.exe
16:36:28.0950 5236 sprtsvc_DellSupportCenter - ok
16:36:29.0044 5236 sprtsvc_quickcare - ok
16:36:29.0262 5236 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32

\Drivers\NAV\1309000.009\SRTSP.SYS
16:36:29.0324 5236 SRTSP - ok
16:36:29.0371 5236 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32

\drivers\NAV\1309000.009\SRTSPX.SYS
16:36:29.0387 5236 SRTSPX - ok
16:36:29.0496 5236 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32

\DRIVERS\srv.sys
16:36:29.0512 5236 srv - ok
16:36:29.0605 5236 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32

\DRIVERS\srv2.sys
16:36:29.0621 5236 srv2 - ok
16:36:29.0652 5236 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32

\DRIVERS\srvnet.sys
16:36:29.0652 5236 srvnet - ok
16:36:29.0730 5236 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32

\ssdpsrv.dll
16:36:29.0761 5236 SSDPSRV - ok
16:36:29.0808 5236 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32

\sstpsvc.dll
16:36:29.0870 5236 SstpSvc - ok
16:36:30.0042 5236 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32

\wiaservc.dll
16:36:30.0120 5236 stisvc - ok
16:36:30.0260 5236 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common

Files\SureThing Shared\stllssvr.exe
16:36:30.0307 5236 stllssvr - ok
16:36:30.0479 5236 [ 9A97B7024E2CA4D42046BF272997E14C ] SupportSoft RemoteAssist C:\Program

Files\Common Files\SupportSoft\bin\ssrc.exe
16:36:30.0604 5236 SupportSoft RemoteAssist - ok
16:36:30.0650 5236 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32

\DRIVERS\swenum.sys
16:36:30.0682 5236 swenum - ok
16:36:30.0760 5236 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32

\swprv.dll
16:36:30.0838 5236 swprv - ok
16:36:30.0900 5236 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32

\drivers\symc8xx.sys
16:36:30.0916 5236 Symc8xx - ok
16:36:31.0087 5236 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32

\drivers\NAV\1309000.009\SYMDS.SYS
16:36:31.0274 5236 SymDS - ok
16:36:31.0571 5236 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32

\drivers\NAV\1309000.009\SYMEFA.SYS
16:36:31.0727 5236 SymEFA - ok
16:36:31.0852 5236 [ 555FB450FE6908600310E990738B41D6 ] SymEvent C:\Windows\system32

\Drivers\SYMEVENT.SYS
16:36:31.0930 5236 SymEvent - ok
16:36:32.0054 5236 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32

\drivers\NAV\1309000.009\Ironx86.SYS
16:36:32.0164 5236 SymIRON - ok
16:36:32.0366 5236 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32

\Drivers\NAV\1309000.009\SYMTDIV.SYS
16:36:32.0444 5236 SYMTDIv - ok
16:36:32.0507 5236 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32

\drivers\sym_hi.sys
16:36:32.0554 5236 Sym_hi - ok
16:36:32.0585 5236 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32

\drivers\sym_u3.sys
16:36:32.0616 5236 Sym_u3 - ok
16:36:32.0834 5236 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32

\sysmain.dll
16:36:33.0022 5236 SysMain - ok
16:36:33.0131 5236 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32

\TabSvc.dll
16:36:33.0193 5236 TabletInputService - ok
16:36:33.0256 5236 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32

\tapisrv.dll
16:36:33.0271 5236 TapiSrv - ok
16:36:33.0318 5236 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32

\tbssvc.dll
16:36:33.0318 5236 TBS - ok
16:36:33.0505 5236 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32

\drivers\tcpip.sys
16:36:33.0521 5236 Tcpip - ok
16:36:33.0552 5236 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32

\DRIVERS\tcpip.sys
16:36:33.0552 5236 Tcpip6 - ok
16:36:33.0661 5236 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32

\drivers\tcpipreg.sys
16:36:33.0677 5236 tcpipreg - ok
16:36:33.0724 5236 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32

\drivers\tdpipe.sys
16:36:33.0724 5236 TDPIPE - ok
16:36:33.0755 5236 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32

\drivers\tdtcp.sys
16:36:33.0770 5236 TDTCP - ok
16:36:33.0802 5236 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32

\DRIVERS\tdx.sys
16:36:33.0817 5236 tdx - ok
16:36:33.0911 5236 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32

\DRIVERS\termdd.sys
16:36:33.0973 5236 TermDD - ok
16:36:34.0192 5236 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32

\termsrv.dll
16:36:34.0472 5236 TermService - ok
16:36:34.0488 5236 tgsrvc_quickcare - ok
16:36:34.0566 5236 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32

\shsvcs.dll
16:36:34.0566 5236 Themes - ok
16:36:34.0628 5236 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32

\mmcss.dll
16:36:34.0644 5236 THREADORDER - ok
16:36:34.0706 5236 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32

\trkwks.dll
16:36:34.0753 5236 TrkWks - ok
16:36:34.0940 5236 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller

C:\Windows\servicing\TrustedInstaller.exe
16:36:34.0956 5236 TrustedInstaller - ok
16:36:35.0096 5236 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32

\DRIVERS\tssecsrv.sys
16:36:35.0268 5236 tssecsrv - ok
16:36:35.0315 5236 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32

\DRIVERS\tunmp.sys
16:36:35.0346 5236 tunmp - ok
16:36:35.0486 5236 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32

\DRIVERS\tunnel.sys
16:36:35.0518 5236 tunnel - ok
16:36:35.0611 5236 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32

\drivers\uagp35.sys
16:36:35.0642 5236 uagp35 - ok
16:36:35.0752 5236 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32

\DRIVERS\udfs.sys
16:36:35.0798 5236 udfs - ok
16:36:35.0908 5236 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32

\UI0Detect.exe
16:36:35.0939 5236 UI0Detect - ok
16:36:35.0970 5236 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32

\drivers\uliagpkx.sys
16:36:35.0986 5236 uliagpkx - ok
16:36:36.0064 5236 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32

\drivers\uliahci.sys
16:36:36.0095 5236 uliahci - ok
16:36:36.0126 5236 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32

\drivers\ulsata.sys
16:36:36.0142 5236 UlSata - ok
16:36:36.0188 5236 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32

\drivers\ulsata2.sys
16:36:36.0204 5236 ulsata2 - ok
16:36:36.0220 5236 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32

\DRIVERS\umbus.sys
16:36:36.0235 5236 umbus - ok
16:36:36.0298 5236 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32

\upnphost.dll
16:36:36.0313 5236 upnphost - ok
16:36:36.0376 5236 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32

\DRIVERS\usbccgp.sys
16:36:36.0391 5236 usbccgp - ok
16:36:36.0407 5236 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32

\drivers\usbcir.sys
16:36:36.0422 5236 usbcir - ok
16:36:36.0469 5236 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32

\DRIVERS\usbehci.sys
16:36:36.0500 5236 usbehci - ok
16:36:36.0578 5236 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32

\DRIVERS\usbhub.sys
16:36:36.0641 5236 usbhub - ok
16:36:36.0703 5236 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32

\drivers\usbohci.sys
16:36:36.0750 5236 usbohci - ok
16:36:36.0781 5236 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32

\DRIVERS\usbprint.sys
16:36:36.0797 5236 usbprint - ok
16:36:36.0875 5236 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32

\DRIVERS\usbscan.sys
16:36:36.0890 5236 usbscan - ok
16:36:36.0968 5236 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32

\DRIVERS\USBSTOR.SYS
16:36:36.0984 5236 USBSTOR - ok
16:36:37.0000 5236 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32

\DRIVERS\usbuhci.sys
16:36:37.0015 5236 usbuhci - ok
16:36:37.0078 5236 [ 830D5D8456B822C1247C1E59B4C464FA ] USB_RNDIS C:\Windows\system32

\DRIVERS\usb8023.sys
16:36:37.0140 5236 USB_RNDIS - ok
16:36:37.0187 5236 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32

\uxsms.dll
16:36:37.0202 5236 UxSms - ok
16:36:37.0280 5236 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
16:36:37.0296 5236 vds - ok
16:36:37.0343 5236 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32

\DRIVERS\vgapnp.sys
16:36:37.0343 5236 vga - ok
16:36:37.0421 5236 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32

\drivers\vga.sys
16:36:37.0436 5236 VgaSave - ok
16:36:37.0468 5236 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32

\drivers\viaagp.sys
16:36:37.0483 5236 viaagp - ok
16:36:37.0514 5236 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32

\drivers\viac7.sys
16:36:37.0546 5236 ViaC7 - ok
16:36:37.0561 5236 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32

\drivers\viaide.sys
16:36:37.0561 5236 viaide - ok
16:36:37.0577 5236 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32

\drivers\volmgr.sys
16:36:37.0592 5236 volmgr - ok
16:36:37.0686 5236 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32

\drivers\volmgrx.sys
16:36:37.0686 5236 volmgrx - ok
16:36:37.0748 5236 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32

\drivers\volsnap.sys
16:36:37.0764 5236 volsnap - ok
16:36:37.0795 5236 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32

\drivers\vsmraid.sys
16:36:37.0811 5236 vsmraid - ok
16:36:38.0014 5236 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32

\vssvc.exe
16:36:38.0029 5236 VSS - ok
16:36:38.0092 5236 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32

\w32time.dll
16:36:38.0092 5236 W32Time - ok
16:36:38.0170 5236 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32

\drivers\wacompen.sys
16:36:38.0216 5236 WacomPen - ok
16:36:38.0248 5236 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32

\DRIVERS\wanarp.sys
16:36:38.0248 5236 Wanarp - ok
16:36:38.0279 5236 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32

\DRIVERS\wanarp.sys
16:36:38.0279 5236 Wanarpv6 - ok
16:36:38.0326 5236 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\Windows\system32

\DRIVERS\wanatw4.sys
16:36:38.0326 5236 wanatw - ok
16:36:38.0528 5236 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32

\wcncsvc.dll
16:36:38.0638 5236 wcncsvc - ok
16:36:38.0716 5236 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32

\WcsPlugInService.dll
16:36:38.0731 5236 WcsPlugInService - ok
16:36:38.0778 5236 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32

\drivers\wd.sys
16:36:38.0794 5236 Wd - ok
16:36:38.0996 5236 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32

\drivers\Wdf01000.sys
16:36:39.0012 5236 Wdf01000 - ok
16:36:39.0028 5236 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:36:39.0043 5236 WdiServiceHost - ok
16:36:39.0059 5236 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:36:39.0059 5236 WdiSystemHost - ok
16:36:39.0121 5236 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32

\webclnt.dll
16:36:39.0137 5236 WebClient - ok
16:36:39.0184 5236 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32

\wecsvc.dll
16:36:39.0184 5236 Wecsvc - ok
16:36:39.0246 5236 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32

\wercplsupport.dll
16:36:39.0246 5236 wercplsupport - ok
16:36:39.0293 5236 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32

\WerSvc.dll
16:36:39.0308 5236 WerSvc - ok
16:36:39.0386 5236 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows

Defender\mpsvc.dll
16:36:39.0402 5236 WinDefend - ok
16:36:39.0418 5236 WinHttpAutoProxySvc - ok
16:36:39.0542 5236 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32

\wbem\WMIsvc.dll
16:36:39.0558 5236 Winmgmt - ok
16:36:39.0792 5236 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32

\WsmSvc.dll
16:36:39.0823 5236 WinRM - ok
16:36:39.0964 5236 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32

\wlansvc.dll
16:36:39.0964 5236 Wlansvc - ok
16:36:40.0042 5236 [ 48CA581C12022AC60FE82E2B96FBF5D4 ] WmiAcpi C:\Windows\system32

\drivers\wmiacpi.sys
16:36:40.0057 5236 WmiAcpi - ok
16:36:40.0104 5236 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32

\wbem\WmiApSrv.exe
16:36:40.0104 5236 wmiApSrv - ok
16:36:40.0244 5236 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows

Media Player\wmpnetwk.exe
16:36:40.0276 5236 WMPNetworkSvc - ok
16:36:40.0354 5236 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32

\wpcsvc.dll
16:36:40.0369 5236 WPCSvc - ok
16:36:40.0478 5236 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32

\wpdbusenum.dll
16:36:40.0494 5236 WPDBusEnum - ok
16:36:40.0728 5236 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400

C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:36:40.0744 5236 WPFFontCache_v0400 - ok
16:36:40.0759 5236 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32

\drivers\ws2ifsl.sys
16:36:40.0775 5236 ws2ifsl - ok
16:36:40.0806 5236 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32

\wscsvc.dll
16:36:40.0806 5236 wscsvc - ok
16:36:40.0822 5236 WSearch - ok
16:36:41.0165 5236 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32

\wuaueng.dll
16:36:41.0227 5236 wuauserv - ok
16:36:41.0274 5236 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32

\drivers\WudfPf.sys
16:36:41.0290 5236 WudfPf - ok
16:36:41.0321 5236 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32

\DRIVERS\WUDFRd.sys
16:36:41.0336 5236 WUDFRd - ok
16:36:41.0383 5236 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32

\WUDFSvc.dll
16:36:41.0430 5236 wudfsvc - ok
16:36:41.0461 5236 ================ Scan global ===============================
16:36:41.0633 5236 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:36:41.0773 5236 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:36:41.0851 5236 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:36:41.0929 5236 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
16:36:41.0992 5236 [Global] - ok
16:36:41.0992 5236 ================ Scan MBR ==================================
16:36:42.0007 5236 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:36:48.0122 5236 \Device\Harddisk0\DR0 - ok
16:36:48.0169 5236 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
16:37:02.0506 5236 \Device\Harddisk1\DR1 - ok
16:37:02.0506 5236 ================ Scan VBR ==================================
16:37:02.0537 5236 [ 1798A3CF4B5FA0F83CB5B41D40A0A065 ] \Device\Harddisk0\DR0\Partition1
16:37:02.0584 5236 \Device\Harddisk0\DR0\Partition1 - ok
16:37:02.0615 5236 [ 68208E32C76B866F8D15A436120C3EE3 ] \Device\Harddisk0\DR0\Partition2
16:37:02.0740 5236 \Device\Harddisk0\DR0\Partition2 - ok
16:37:02.0755 5236 ============================================================
16:37:02.0755 5236 Scan finished
16:37:02.0755 5236 ============================================================
16:37:02.0771 5204 Detected object count: 0
16:37:02.0771 5204 Actual detected object count: 0
16:38:24.0163 6076 Deinitialize success





MiniToolBox by Farbar Version:10-01-2013
Ran by Bette (administrator) on 01-02-2013 at 16:41:08
Running from "C:\Users\Bette\Desktop"
Windows Vista ™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Actiontec Gateway = Local Area Connection 3 (Connected)
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bette-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.actdsltmp

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . : domain.actdsltmp
Description . . . . . . . . . . . : Actiontec Gateway #2
Physical Address. . . . . . . . . : 00-0F-B3-31-07-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::879:eb0d:cb85:10ae%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 8:00:57 AM
Lease Expires . . . . . . . . . . : Saturday, February 02, 2013 4:30:05 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 318771123
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-2D-7F-3D-00-21-9B-0C-53-40
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.3.25
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-21-9B-0C-53-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{97E88A56-C39F-4C3F-A6F6-07FC162B71FB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.domain.actdsltmp
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging google.com [74.125.224.166] with 32 bytes of data:Reply from 74.125.224.166: bytes=32

time=66ms TTL=57Reply from 74.125.224.166: bytes=32 time=68ms TTL=57Ping statistics for

74.125.224.166: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times

in milli-seconds: Minimum = 66ms, Maximum = 68ms, Average = 67msDNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:Reply from 206.190.36.45: bytes=32

time=105ms TTL=53Reply from 206.190.36.45: bytes=32 time=113ms TTL=53Ping statistics for

206.190.36.45: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times

in milli-seconds: Minimum = 105ms, Maximum = 113ms, Average = 109msPinging 127.0.0.1 with 32

bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms

TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0%

loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average =

0ms===========================================================================
Interface List
15 ...00 0f b3 31 07 43 ...... Actiontec Gateway #2
11 ...00 21 9b 0c 53 40 ...... Intel® 82562V

-2 10/100 Network Connection
1 ........................... Software Loopback Interface 1
12 ...00

00 00 00 00 00 00 e0 isatap.{97E88A56-C39F-4C3F-A6F6-07FC162B71FB}
10 ...02 00 54 55 4e 01 ......

Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.domain.actdsltmp
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.4 286
192.168.0.4 255.255.255.255 On-link 192.168.0.4 286
192.168.0.255 255.255.255.255 On-link 192.168.0.4 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.4 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.4 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
15 286 fe80::/64 On-link
15 286 fe80::879:eb0d:cb85:10ae/128
On-link
1 306 ff00::/8 On-link
15 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 04:35:40 PM) (Source: MsiInstaller) (User: Bette-PC)
Description: Product: Microsoft Works - Update 'Security Update for Microsoft Works 9 (KB2754670)'

could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot

issues with installing software packages. Use the following link for instructions on turning on

logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/01/2013 04:35:39 PM) (Source: MsiInstaller) (User: Bette-PC)
Description: Product: Microsoft Works -- Error 1706.No valid source could be found for product

Microsoft Works. The Windows installer cannot continue.

Error: (02/01/2013 08:02:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2013 07:59:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2013 08:58:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2013 10:04:35 PM) (Source: Application Hang) (User: )
Description: The program waol.exe version 9.6.0.2 stopped interacting with Windows and was closed.

To see if more information about the problem is available, check the problem history in the Problem

Reports and Solutions control panel.
Process ID: 108
Start Time: 01cdfe3c73228760
Termination Time: 140

Error: (01/28/2013 10:38:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2013 00:06:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2013 08:05:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2013 05:24:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:39:30 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:38:47 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:38:47 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)

Error: (02/01/2013 04:38:47 PM) (Source: DCOM) (User: Bette-PC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}Bette-

PCBetteS-1-5-21-3079715695-878179480-2839264254-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (02/01/2013 04:35:40 PM) (Source: MsiInstaller)(User: Bette-PC)
Description: Microsoft WorksSecurity Update for Microsoft Works 9 (KB2754670)1603(NULL)(NULL)

Error: (02/01/2013 04:35:39 PM) (Source: MsiInstaller)(User: Bette-PC)
Description: Product: Microsoft Works -- Error 1706.No valid source could be found for product

Microsoft Works. The Windows installer cannot continue.(NULL)(NULL)(NULL)(NULL)

Error: (02/01/2013 08:02:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2013 07:59:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2013 08:58:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2013 10:04:35 PM) (Source: Application Hang)(User: )
Description: waol.exe9.6.0.210801cdfe3c73228760140

Error: (01/28/2013 10:38:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2013 00:06:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2013 08:05:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2013 05:24:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-01-29 00:10:05.851
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:10:05.087
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:10:04.276
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:10:03.511
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:10:02.747
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:10:01.967
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-

binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:09:43.216
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-

core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:09:42.451
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-

core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:09:41.640
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-

core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page

image hashes could not be found on the system.

Date: 2013-01-29 00:09:40.876
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-

core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page

image hashes could not be found on the system.


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Actiontec Gateway
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.5.3 (Version: 9.5.3)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AOL Mail and AIM Gadget (Version: 1.0.0)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Auslogics Disk Defrag (Version: version 3.1)
Brother MFL-Pro Suite (Version: 1.00)
Browser Address Error Redirector (Version: 1.00.0000)
CCleaner (Version: 3.23)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Visual Intelligence (Version: 1.0)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.0)
DealFinder (Version: 2.0.4)
Dell-eBay (Version: 1.00.0000)
Dell Best of Web (Version: 1.00.0000)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 1.0.0)
Dell Driver Download Manager - 1 (Version: 2.1.0.0)
Dell Driver Download Manager (Version: 1.0.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.2.09085)
DELL0703 (Version: 1.0.0)
Download Updater (AOL LLC)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Free Registry Defrag
Google Chrome (Version: 24.0.1312.57)
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0 (Version: )
Java™ 6 Update 16 (Version: 6.0.160)
Java™ 6 Update 17 (Version: 6.0.170)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton AntiVirus (Version: 19.9.0.9)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
PayPal Plug-In (Version: 2.2.26.0)
PayPal Plug-In (Version: 2.2.3.0)
Peachtree Complete Accounting 2005 (Version: 12.00.00)
PowerDVD (Version: 7.0)
Qwest Installer (Version: 1.0)
Qwest Quickcare 2.7 (Version: 2.7.1002.1512)
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
RTC Client API v1.2 (Version: 1.2.0000)
ShopAtHome.com Helper (Version: 7.0.1.0)
ShopAtHome.com Toolbar (Version: 7.0.1.0)
Stamps.com
Stamps.com (Version: 8.5.0.1920)
TurboTax 2008
TurboTax 2008 waziper (Version: 008.000.0118)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0341)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0219)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0197)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1007)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0433)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 waziper (Version: 009.000.0990)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 waziper (Version: 010.000.1275)
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 waziper (Version: 011.000.1607)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
Uninstall AOL Emergency Connect Utility 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Viewpoint Media Player
Vivitar Experience Image Manager
WildTangent Games (Version: 1.0.0.71)
WordPerfect Lightning - EN (Version: 1.0)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 1.0)
WordPerfect Office X4
WordPerfect Office X4 - Common (Version: 14.0)
WordPerfect Office X4 - Content (Version: 14.0)
WordPerfect Office X4 - EN (Version: 14.0)
WordPerfect Office X4 - Filters (Version: 14.0)
WordPerfect Office X4 - Graphics (Version: 14.0)
WordPerfect Office X4 - ICA (Version: 14.0)
WordPerfect Office X4 - IPM (Version: 14.0)
WordPerfect Office X4 - IPM HSE EN (Version: 14.0)
WordPerfect Office X4 - Migration Manager (Version: 14.0)
WordPerfect Office X4 - PerfectExperts (Version: 14.0)
WordPerfect Office X4 - PR (Version: 14.0)
WordPerfect Office X4 - QP (Version: 14.0)
WordPerfect Office X4 - Skins (Version: 14.0)
WordPerfect Office X4 - System (Version: 14.0)
WordPerfect Office X4 - WP (Version: 14.0)
WordPerfect Office X4 (Version: 14.0)
WordPerfect OfficeReady (Version: 1.0)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 2036.45 MB
Available physical RAM: 759.77 MB
Total Pagefile: 4309.99 MB
Available Pagefile: 2792.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.48 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:217.79 GB) (Free:152.21 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.3 GB) NTFS
4 Drive f: () (Removable) (Total:1.87 GB) (Free:1.84 GB) FAT

========================= Users: ========================================

User accounts for \\BETTE-PC

Administrator Bette Guest


**** End of log ****






# AdwCleaner v2.109 - Logfile created 02/01/2013 at 16:46:43
# Updated 26/01/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Bette - BETTE-PC
# Boot Mode : Normal
# Running from : C:\Users\Bette\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-

48701376298E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-

8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-

00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-

AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-

49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-

87E1-8156E22C1D96}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18

\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18

\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-

93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Bette\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7523 octets] - [01/02/2013 16:46:43]

########## EOF - C:\AdwCleaner[S1].txt - [7583 octets] ##########

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:34 AM

Posted 02 February 2013 - 09:54 AM

This looks good now. I would just clean the Temp files now.

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 WECpoker

WECpoker
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 AM

Posted 02 February 2013 - 12:55 PM

This looks good now. I would just clean the Temp files now.


Thank You for your help. You guys are a bright spot in a tough World.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:34 AM

Posted 02 February 2013 - 09:43 PM

Thank you and thanks for visiting!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users