
Multiple Iexplore.exe in task manager


13 replies to this topic

#1 kg12

kg12

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 10 June 2014 - 07:51 PM

Running XP.....got a virus last week that started multiple sessions of explorer, where videos and pop ups..ran several different malware removal tools and thought I got rid of everything. Pop ups are gone and explorer stopped running multiple windows. My problem now is iexplore.exe is running multiple processes in my task manager, computer is very slow now and programs shut down. I need help please in removing this virus or malware.


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:07:05 AM

Posted 10 June 2014 - 08:07 PM

 I'd back up any data I didn't want to lose, then restore to factory settings.  After that I'd strongly consider upgrading to Windows 7 or 8.1 or Linux since XP has been unsupported by MS for a couple of months now, and things are only going to get worse with it.  Linux is free and supported, and it runs well on XP computers.  The Mint and Ubuntu versions have Windows like user interfaces requiring little or no learning to start using, and they have Firefox and LibreOffice built in.

 

Good luck.


Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,239 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:05 AM

Posted 10 June 2014 - 08:21 PM

If you have multiple IE processes open, and no IE windows open - then you've most likely got an infection that's "phoning home".

Then you should run these also

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

    Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
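One way to triage the Result.txt requested in this post, as an added example that is not part of the original thread or of MiniToolBox: it splits the log on the `=====` section headers the tool prints and flags hosts entries other than localhost, proxy lines other than the "not enabled" ones, and Winsock providers that are not Microsoft files under C:\WINDOWS\system32. The function names, the three checks and the SUSPECT_LOG sample are assumptions constructed for illustration; CLEAN_LOG reuses lines from the log posted in this thread.

```python
import re

# Section header as printed by MiniToolBox, e.g.
# "========================= Hosts content: ================================="
HEADER = re.compile(r"^=+ (?P<name>[^=]+?):? =+$")
# Winsock line, e.g.
# "Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)"
WINSOCK = re.compile(
    r"^(Catalog\d+) (\d+) (?P<path>.+?) \[\d+\] \((?P<vendor>.*)\)$")
# Proxy lines seen in the clean log on this page.
BENIGN_PROXY = {"Proxy is not enabled.", "No Proxy Server is set."}
# Assumption: Windows is installed in C:\WINDOWS, as in this thread.
SYSTEM32 = "c:\\windows\\system32\\"


def split_sections(log_text):
    """Return {section name: [non-empty stripped lines]}."""
    sections, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group("name").strip()
            sections.setdefault(current, [])
        elif current is not None and line:
            sections[current].append(line)
    return sections


def triage(log_text):
    """Return a list of (category, line) pairs that deserve a closer look."""
    s = split_sections(log_text)
    findings = []

    # Hosts file: anything beyond the loopback/localhost mapping redirects names.
    for line in s.get("Hosts content", []):
        if line.startswith("#"):
            continue
        fields = line.split("#", 1)[0].split()
        ip, names = fields[0], fields[1:]
        if not (ip in ("127.0.0.1", "::1") and names == ["localhost"]):
            findings.append(("hosts", line))

    # Proxy: report every line that is not one of the known-benign ones.
    for name in ("IE Proxy Settings", "FF Proxy Settings"):
        for line in s.get(name, []):
            if line not in BENIGN_PROXY and not line.startswith('"Reset'):
                findings.append(("proxy", line))

    # Winsock catalog: providers outside system32 or without the Microsoft
    # company string are candidates for a hijacked network stack.
    for line in s.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if not m:
            findings.append(("winsock-unparsed", line))
        elif (m.group("vendor") != "Microsoft Corporation"
              or not m.group("path").lower().startswith(SYSTEM32)):
            findings.append(("winsock", line))
    return findings


# Lines copied from the log posted in this thread (trimmed).
CLEAN_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
"""

# Constructed sample: every non-benign value below is made up for the example.
SUSPECT_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:8080

========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.7     www.example.com

========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Program Files\ExampleLSP\lsp.dll [40960] ()
"""

if __name__ == "__main__":
    for category, line in triage(SUSPECT_LOG):
        print(f"{category:8} {line}")
```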

#4 kg12

kg12
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 10 June 2014 - 08:27 PM

boopme,
I will complete these tasks tomorrow when I return to the office and get back at it. Thanks for the reply

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,239 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:05 AM

Posted 10 June 2014 - 09:10 PM

OK.

#6 kg12

kg12
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 11 June 2014 - 08:42 AM

boopme,

 

Yesterday I installed a process blocker and I am blocking iexplore.exe process...it is working but that is just masking the problem. Before I start your instructions, do I need to remove the process blocker? Should I remove the 5 different adware/malware programs I downloaded in the past few days?



#7 kg12

kg12
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 11 June 2014 - 04:28 PM

Here are the logs for everything but ESET...it is running now. I will post later..

Thanks

 

 

MiniToolBox by Farbar  Version: 11-06-2014
Ran by Viewer (administrator) on 11-06-2014 at 13:59:10
Running from "C:\Documents and Settings\Viewer\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.2.20 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.2.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=192.168.2.1 register=PRIMARY
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Viewer1

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

        Physical Address. . . . . . . . . : 00-1D-92-BC-04-3F

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 192.168.2.20

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.2.1

        DNS Servers . . . . . . . . . . . : 192.168.2.1

Server:  DD-WRT
Address:  192.168.2.1

Name:    google.com
Addresses:  65.196.188.21, 65.196.188.20, 65.196.188.27, 65.196.188.25
      65.196.188.22, 65.196.188.26, 65.196.188.23, 65.196.188.24



Pinging google.com [65.196.188.24] with 32 bytes of data:



Reply from 65.196.188.24: bytes=32 time=57ms TTL=59

Reply from 65.196.188.24: bytes=32 time=67ms TTL=59



Ping statistics for 65.196.188.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 57ms, Maximum = 67ms, Average = 62ms

Server:  DD-WRT
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=98ms TTL=53

Reply from 98.139.183.24: bytes=32 time=92ms TTL=53



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 92ms, Maximum = 98ms, Average = 95ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=-9ms TTL=128

Reply from 127.0.0.1: bytes=32 time=-10ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = -10ms, Maximum = -9ms, Average = 2147483638ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 92 bc 04 3f ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.20      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0     192.168.2.20    192.168.2.20      20
     192.168.2.20  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.2.255  255.255.255.255     192.168.2.20    192.168.2.20      20
        224.0.0.0        240.0.0.0     192.168.2.20    192.168.2.20      20
  255.255.255.255  255.255.255.255     192.168.2.20    192.168.2.20      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/10/2014 04:25:56 PM) (Source: SDFSSvc.exe) (User: )
Description: The service process could not connect to the service controller

Error: (06/10/2014 08:23:41 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000673be.
Processing media-specific event for [explorer.exe!ws!]

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (06/11/2014 01:24:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (06/11/2014 11:16:07 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (06/10/2014 07:10:37 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 07:09:23 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 05:08:41 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 04:45:21 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 04:25:48 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt


Microsoft Office Sessions:
=========================
Error: (06/10/2014 04:25:56 PM) (Source: SDFSSvc.exe)(User: )
Description: The service process could not connect to the service controller

Error: (06/10/2014 08:23:41 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512ntdll.dll5.1.2600.6055000673be

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle



=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
iQ-VIEW 2.5.0.47 (HKLM\...\{FEBF864D-590C-489F-8F41-DC086F36CC99}) (Version: 2.5.0.47 - IMAGE Information Systems Ltd.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.7.0.131 - LogMeIn, Inc.)
Macrium Reflect Free Edition (HKLM\...\{7FD8A593-44BB-4B32-8164-601DE220256B}) (Version: 5.1.5870 - Paramount Software (UK) Ltd.)
MagSwipe Configuration Utility (HKLM\...\{80AE208A-51A4-474B-B354-7ED8FF168724}) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaShow 3.0 (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Pinnacle SeamLESS ™ (HKLM\...\{6CBA0F23-7F0F-4BCC-8137-CCEB713A7BCF}) (Version: 1.00.0000 - Pinnacle Management Group, Inc.)
Power2Go 4.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
Process Blocker 1.0.1 (HKLM\...\{839344F7-B74B-4441-9493-0F13F5F276DB}) (Version: 1.0.1.0 - Softros Systems, Inc.)
QuickBooks (Version: 21.0.4014.904 - Intuit Inc.) Hidden
QuickBooks Premier: Accountant Edition 2011 (HKLM\...\{11E0AC7D-6823-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
SeamLESS Accounting (HKCU\...\3de6b54b2198ebee) (Version: 3.1.3.2 - Pinnacle)
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB976749) (HKLM\...\KB976749) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (HKLM\...\KB978207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB980182) (HKLM\...\KB980182) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0059.1 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 2047.25 MB
Available physical RAM: 1536.88 MB
Total Pagefile: 3331.59 MB
Available Pagefile: 2769.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1986.84 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:227.24 GB) NTFS
2 Drive d: (QBPREM2014R3) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\VIEWER1

Administrator            ASPNET                   Guest                    
HelpAssistant            IUSR_VIEWER1             IWAM_VIEWER1             
QB temp                  QBDataServiceUser21      SUPPORT_388945a0         
Viewer                   


**** End of log ****
Address:  192.168.2.1

Name:    google.com
Addresses:  65.196.188.21, 65.196.188.20, 65.196.188.27, 65.196.188.25
      65.196.188.22, 65.196.188.26, 65.196.188.23, 65.196.188.24



Pinging google.com [65.196.188.24] with 32 bytes of data:



Reply from 65.196.188.24: bytes=32 time=57ms TTL=59

Reply from 65.196.188.24: bytes=32 time=67ms TTL=59



Ping statistics for 65.196.188.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 57ms, Maximum = 67ms, Average = 62ms

Server:  DD-WRT
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=98ms TTL=53

Reply from 98.139.183.24: bytes=32 time=92ms TTL=53



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 92ms, Maximum = 98ms, Average = 95ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=-9ms TTL=128

Reply from 127.0.0.1: bytes=32 time=-10ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = -10ms, Maximum = -9ms, Average = 2147483638ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 92 bc 04 3f ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.20      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0     192.168.2.20    192.168.2.20      20
     192.168.2.20  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.2.255  255.255.255.255     192.168.2.20    192.168.2.20      20
        224.0.0.0        240.0.0.0     192.168.2.20    192.168.2.20      20
  255.255.255.255  255.255.255.255     192.168.2.20    192.168.2.20      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/10/2014 04:25:56 PM) (Source: SDFSSvc.exe) (User: )
Description: The service process could not connect to the service controller

Error: (06/10/2014 08:23:41 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000673be.
Processing media-specific event for [explorer.exe!ws!]

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (06/11/2014 01:24:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (06/11/2014 11:16:07 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (06/10/2014 07:18:34 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (06/10/2014 07:10:37 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 07:09:23 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 05:08:41 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 04:45:21 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (06/10/2014 04:25:48 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt


Microsoft Office Sessions:
=========================
Error: (06/10/2014 04:25:56 PM) (Source: SDFSSvc.exe)(User: )
Description: The service process could not connect to the service controller

Error: (06/10/2014 08:23:41 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512ntdll.dll5.1.2600.6055000673be

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 00:35:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:50:44 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (06/09/2014 11:44:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle



=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
iQ-VIEW 2.5.0.47 (HKLM\...\{FEBF864D-590C-489F-8F41-DC086F36CC99}) (Version: 2.5.0.47 - IMAGE Information Systems Ltd.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.7.0.131 - LogMeIn, Inc.)
Macrium Reflect Free Edition (HKLM\...\{7FD8A593-44BB-4B32-8164-601DE220256B}) (Version: 5.1.5870 - Paramount Software (UK) Ltd.)
MagSwipe Configuration Utility (HKLM\...\{80AE208A-51A4-474B-B354-7ED8FF168724}) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaShow 3.0 (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Pinnacle SeamLESS ™ (HKLM\...\{6CBA0F23-7F0F-4BCC-8137-CCEB713A7BCF}) (Version: 1.00.0000 - Pinnacle Management Group, Inc.)
Power2Go 4.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
Process Blocker 1.0.1 (HKLM\...\{839344F7-B74B-4441-9493-0F13F5F276DB}) (Version: 1.0.1.0 - Softros Systems, Inc.)
QuickBooks (Version: 21.0.4014.904 - Intuit Inc.) Hidden
QuickBooks Premier: Accountant Edition 2011 (HKLM\...\{11E0AC7D-6823-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
SeamLESS Accounting (HKCU\...\3de6b54b2198ebee) (Version: 3.1.3.2 - Pinnacle)
SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB976749) (HKLM\...\KB976749) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (HKLM\...\KB978207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB980182) (HKLM\...\KB980182) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0059.1 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 2047.25 MB
Available physical RAM: 1536.88 MB
Total Pagefile: 3331.59 MB
Available Pagefile: 2769.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1986.84 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:227.24 GB) NTFS
2 Drive d: (QBPREM2014R3) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\VIEWER1

Administrator            ASPNET                   Guest                    
HelpAssistant            IUSR_VIEWER1             IWAM_VIEWER1             
QB temp                  QBDataServiceUser21      SUPPORT_388945a0         
Viewer                   


**** End of log ****


AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)

AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden

AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)

Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

iQ-VIEW 2.5.0.47 (HKLM\...\{FEBF864D-590C-489F-8F41-DC086F36CC99}) (Version: 2.5.0.47 - IMAGE Information Systems Ltd.)

Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

join.me (HKCU\...\JoinMe) (Version: 1.7.0.131 - LogMeIn, Inc.)

Macrium Reflect Free Edition (HKLM\...\{7FD8A593-44BB-4B32-8164-601DE220256B}) (Version: 5.1.5870 - Paramount Software (UK) Ltd.)

MagSwipe Configuration Utility (HKLM\...\{80AE208A-51A4-474B-B354-7ED8FF168724}) (Version:  - )

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)

MediaShow 3.0 (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version:  - )

Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)

Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Management Objects (HKLM\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden

Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)

NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)

NVIDIA PhysX (HKLM\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden

Pinnacle SeamLESS ™ (HKLM\...\{6CBA0F23-7F0F-4BCC-8137-CCEB713A7BCF}) (Version: 1.00.0000 - Pinnacle Management Group, Inc.)

Power2Go 4.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )

PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )

PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )

Process Blocker 1.0.1 (HKLM\...\{839344F7-B74B-4441-9493-0F13F5F276DB}) (Version: 1.0.1.0 - Softros Systems, Inc.)

QuickBooks (Version: 21.0.4014.904 - Intuit Inc.) Hidden

QuickBooks Premier: Accountant Edition 2011 (HKLM\...\{11E0AC7D-6823-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)

QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )

SeamLESS Accounting (HKCU\...\3de6b54b2198ebee) (Version: 3.1.3.2 - Pinnacle)

SQL Server System CLR Types (HKLM\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)

Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)

Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB976749) (HKLM\...\KB976749) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB978207) (HKLM\...\KB978207) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB980182) (HKLM\...\KB980182) (Version: 1 - Microsoft Corporation)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)

Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0059.1 - Microsoft Corporation)

Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)

Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

 

========================= Memory info: ===================================

 

Percentage of memory in use: 24%

Total physical RAM: 2047.25 MB

Available physical RAM: 1536.88 MB

Total Pagefile: 3331.59 MB

Available Pagefile: 2769.73 MB

Total Virtual: 2047.88 MB

Available Virtual: 1986.84 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:227.24 GB) NTFS

2 Drive d: (QBPREM2014R3) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\VIEWER1

Administrator            ASPNET                   Guest                   

HelpAssistant            IUSR_VIEWER1             IWAM_VIEWER1            

QB temp                  QBDataServiceUser21      SUPPORT_388945a0        

Viewer                  

 

**** End of log ****

# AdwCleaner v3.212 - Report created 11/06/2014 at 14:21:56

# Updated 05/06/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Viewer - VIEWER1

# Running from : C:\Documents and Settings\Viewer\My Documents\Downloads\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.0

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\AskToolbar

Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Guest\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\QB temp\Local Settings\Application Data\AskToolbar

Folder Deleted : C:\Documents and Settings\QB temp\Local Settings\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\QB temp\Local Settings\Application Data\AVG Security Toolbar

Folder Deleted : C:\Documents and Settings\QB temp\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Viewer\Local Settings\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Viewer\Local Settings\Application Data\AVG Security Toolbar

Folder Deleted : C:\Documents and Settings\Viewer\Application Data\AVG Secure Search

File Deleted : C:\Documents and Settings\QB temp\Application Data\Mozilla\Firefox\Profiles\w3mjqvz5.default\.autoreg

File Deleted : C:\Documents and Settings\Viewer\Application Data\Mozilla\Firefox\Profiles\d6uvrxru.default\searchplugins\Askcom.xml

File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

 

-\\ Mozilla Firefox v29.0.1 (en-US)

 

[ File : C:\Documents and Settings\QB temp\Application Data\Mozilla\Firefox\Profiles\w3mjqvz5.default\prefs.js ]

 

Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");

Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

Line Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000031&locale=en_US&apn_uid=6A648E87-DC43-4509-8375-6FAD61CE292D&apn_ptnrs=TV&apn_sauid=CE5D5A18-B6D0-4040-82F8[...]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.avg.com/route/?d=4bdf265d&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=");

[ File : C:\Documents and Settings\Viewer\Application Data\Mozilla\Firefox\Profiles\d6uvrxru.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

*************************

AdwCleaner[R0].txt - [9490 octets] - [11/06/2014 14:19:56]

AdwCleaner[S0].txt - [9609 octets] - [11/06/2014 14:21:56]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9669 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Microsoft Windows XP x86

Ran by Viewer on Wed 06/11/2014 at 14:39:19.84

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

 

~~~ Registry Values

 

 

~~~ Registry Keys

 

 

~~~ Files

 

 

~~~ Folders

 

 

~~~ FireFox

 

Emptied folder: C:\Documents and Settings\Viewer\Application Data\mozilla\firefox\profiles\d6uvrxru.default\minidumps [1 files]

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Wed 06/11/2014 at 14:46:22.43

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 boopme

  • Global Moderator

Posted 11 June 2014 - 08:42 PM

Did TDSS find anything?

#9 kg12

  • Topic Starter

Posted 12 June 2014 - 09:09 AM

If I remember correctly, I ran it twice because AVG started back up in between scans with different programs.

Here is the first log from TDSS.

 

14:05:39.0828 0x04fc  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
14:05:45.0406 0x04fc  ============================================================
14:05:45.0406 0x04fc  Current date / time: 2014/06/11 14:05:45.0406
14:05:45.0406 0x04fc  SystemInfo:
14:05:45.0406 0x04fc  
14:05:45.0406 0x04fc  OS Version: 5.1.2600 ServicePack: 3.0
14:05:45.0406 0x04fc  Product type: Workstation
14:05:45.0406 0x04fc  ComputerName: VIEWER1
14:05:45.0406 0x04fc  UserName: Viewer
14:05:45.0406 0x04fc  Windows directory: C:\WINDOWS
14:05:45.0406 0x04fc  System windows directory: C:\WINDOWS
14:05:45.0406 0x04fc  Processor architecture: Intel x86
14:05:45.0406 0x04fc  Number of processors: 2
14:05:45.0406 0x04fc  Page size: 0x1000
14:05:45.0406 0x04fc  Boot type: Normal boot
14:05:45.0406 0x04fc  ============================================================
14:05:47.0281 0x04fc  KLMD registered as C:\WINDOWS\system32\drivers\37880505.sys
14:05:48.0062 0x04fc  System UUID: {95DFEBA3-E7E9-0815-0786-A45B18B7C094}
14:05:50.0109 0x04fc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:05:50.0125 0x04fc  ============================================================
14:05:50.0125 0x04fc  \Device\Harddisk0\DR0:
14:05:50.0125 0x04fc  MBR partitions:
14:05:50.0125 0x04fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
14:05:50.0125 0x04fc  ============================================================
14:05:50.0156 0x04fc  C: <-> \Device\Harddisk0\DR0\Partition1
14:05:50.0156 0x04fc  ============================================================
14:05:50.0156 0x04fc  Initialize success
14:05:50.0156 0x04fc  ============================================================
14:05:53.0031 0x0f84  ============================================================
14:05:53.0031 0x0f84  Scan started
14:05:53.0046 0x0f84  Mode: Manual;
14:05:53.0046 0x0f84  ============================================================
14:05:53.0046 0x0f84  KSN ping started
14:05:55.0687 0x0f84  KSN ping finished: true
14:05:56.0390 0x0f84  ================ Scan system memory ========================
14:05:56.0390 0x0f84  System memory - ok
14:05:56.0390 0x0f84  ================ Scan services =============================
14:05:59.0375 0x0f84  Avgdiskx - ok
14:06:00.0687 0x0f84  [ 561CE09C52F6E945ED4CE7E173D1F542, 25FB1B55E22D4DF3B03B6D395B6C4749C03B950139767FA095C24234BD962782 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
14:06:01.0843 0x0f84  AVGIDSAgent - ok
14:06:01.0937 0x0f84  [ E76F8CDCC1BF9952D165CA5D90025730, 2A1AE74A25782C4407CA665FC5E3F15BD3F823E44DF0BB4103EDDEA70D81D887 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
14:06:01.0937 0x0f84  AVGIDSDriver - ok
14:06:02.0015 0x0f84  [ 486A27CBB8314577A92BEFF025D52345, EBAD1BF93E5246680018DC9B110D0FDAB40D11B730D23CA56ECB5F39C9B6E6D1 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
14:06:02.0062 0x0f84  AVGIDSHX - ok
14:06:02.0093 0x0f84  [ B650C4774CAB608AAC9C650312DA2CBB, 20F3041B1D69BFDCBEDBCB07965B5FC8AB28C4FC8822A0D975FB5850A299A913 ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
14:06:02.0093 0x0f84  AVGIDSShim - ok
14:06:02.0171 0x0f84  [ B295472342FCD8E0D15FC099552BA89D, BDB6E0487DF37CDDFFC82F0C2BAF9A3F4FA67210AE9D76BD62499C4F6348EB19 ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
14:06:02.0171 0x0f84  Avgldx86 - ok
14:06:02.0281 0x0f84  [ 624A328461D9A365C1B41BC2B8AA055E, FF8C99FFEF51F493525CDD875569165B69205F3008691B9DEE0029D04D0F7B55 ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
14:06:02.0343 0x0f84  Avglogx - ok
14:06:02.0406 0x0f84  [ A7A3E71F9E4F6F93AEAE2B1A88A12FCB, 6724D7BEBC9F0504E794C395459B82486800D409D86E137AD9DE6A5B09DAFA19 ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
14:06:02.0421 0x0f84  Avgmfx86 - ok
14:06:02.0453 0x0f84  [ F2C626DD5CF3F2FACBBA053F465563EB, 15881EE4F08B713209C6088E148ECF2245349E3B99D266BFE60442DEEDB38F29 ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
14:06:02.0453 0x0f84  Avgrkx86 - ok
14:06:02.0531 0x0f84  [ 16EDEFD8D99936B2410D082A494D2E3F, B8D18E37FB931B67893F2B4F24D7B20BFC0AC4C45F5FBC5231B942A186D8B3EC ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
14:06:02.0546 0x0f84  Avgtdix - ok
14:06:02.0593 0x0f84  [ E03A1466A8A7B869EBC90B179D777EA4, 5F4EBE04C9ACE28DE7AD34603998C282132B66BB9620017AF677A94BA2FE872E ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
14:06:02.0593 0x0f84  avgtp - ok
14:06:02.0718 0x0f84  [ E5C581D358B62CF65776B8E4E17B9E5C, 955E4ECFD036330B139476CCCC7564B082C197D5E7577853E0C3D7B707EDB090 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
14:06:02.0796 0x0f84  avgwd - ok
14:06:02.0843 0x0f84  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:06:02.0843 0x0f84  Beep - ok
14:06:03.0015 0x0f84  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
14:06:03.0187 0x0f84  BITS - ok
14:06:03.0265 0x0f84  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
14:06:03.0281 0x0f84  Browser - ok
14:06:03.0296 0x0f84  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:06:03.0312 0x0f84  cbidf - ok
14:06:03.0328 0x0f84  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
14:06:03.0328 0x0f84  cbidf2k - ok
14:06:03.0328 0x0f84  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:06:03.0328 0x0f84  cd20xrnt - ok
14:06:03.0375 0x0f84  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
14:06:03.0390 0x0f84  Cdaudio - ok
14:06:03.0421 0x0f84  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
14:06:03.0437 0x0f84  Cdfs - ok
14:06:03.0468 0x0f84  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:06:03.0500 0x0f84  Cdrom - ok
14:06:03.0500 0x0f84  Changer - ok
14:06:03.0546 0x0f84  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
14:06:03.0546 0x0f84  CiSvc - ok
14:06:03.0593 0x0f84  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
14:06:03.0609 0x0f84  ClipSrv - ok
14:06:03.0656 0x0f84  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:06:03.0765 0x0f84  clr_optimization_v2.0.50727_32 - ok
14:06:03.0859 0x0f84  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:06:03.0875 0x0f84  clr_optimization_v4.0.30319_32 - ok
14:06:03.0906 0x0f84  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:06:03.0906 0x0f84  CmdIde - ok
14:06:03.0906 0x0f84  COMSysApp - ok
14:06:03.0953 0x0f84  CONQUESTSRV2 - ok
14:06:04.0000 0x0f84  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:06:04.0000 0x0f84  Cpqarray - ok
14:06:04.0062 0x0f84  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
14:06:04.0062 0x0f84  CryptSvc - ok
14:06:04.0140 0x0f84  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:06:04.0171 0x0f84  dac2w2k - ok
14:06:04.0203 0x0f84  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:06:04.0203 0x0f84  dac960nt - ok
14:06:04.0359 0x0f84  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:06:04.0500 0x0f84  DcomLaunch - ok
14:06:04.0578 0x0f84  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
14:06:04.0609 0x0f84  Dhcp - ok
14:06:04.0656 0x0f84  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
14:06:04.0656 0x0f84  Disk - ok
14:06:04.0656 0x0f84  dmadmin - ok
14:06:04.0937 0x0f84  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
14:06:05.0187 0x0f84  dmboot - ok
14:06:05.0250 0x0f84  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
14:06:05.0281 0x0f84  dmio - ok
14:06:05.0296 0x0f84  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
14:06:05.0296 0x0f84  dmload - ok
14:06:05.0343 0x0f84  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
14:06:05.0343 0x0f84  dmserver - ok
14:06:05.0375 0x0f84  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
14:06:05.0390 0x0f84  DMusic - ok
14:06:05.0453 0x0f84  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:06:05.0453 0x0f84  Dnscache - ok
14:06:05.0531 0x0f84  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:06:05.0578 0x0f84  Dot3svc - ok
14:06:05.0593 0x0f84  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:06:05.0593 0x0f84  dpti2o - ok
14:06:05.0625 0x0f84  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:06:05.0625 0x0f84  drmkaud - ok
14:06:05.0656 0x0f84  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:06:05.0671 0x0f84  EapHost - ok
14:06:05.0703 0x0f84  [ 6E883BF518296A40959131C2304AF714, FCBDAB6C9220742821D1A1711D39688889B578E0992F8B41945027DB23E92777 ] EL90XBC         C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
14:06:05.0734 0x0f84  EL90XBC - ok
14:06:05.0781 0x0f84  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
14:06:05.0781 0x0f84  ERSvc - ok
14:06:05.0859 0x0f84  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
14:06:05.0875 0x0f84  Eventlog - ok
14:06:06.0000 0x0f84  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
14:06:06.0062 0x0f84  EventSystem - ok
14:06:06.0140 0x0f84  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
14:06:06.0203 0x0f84  Fastfat - ok
14:06:06.0265 0x0f84  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:06:06.0296 0x0f84  FastUserSwitchingCompatibility - ok
14:06:06.0343 0x0f84  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
14:06:06.0343 0x0f84  Fdc - ok
14:06:06.0406 0x0f84  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
14:06:06.0406 0x0f84  Fips - ok
14:06:06.0421 0x0f84  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:06:06.0437 0x0f84  Flpydisk - ok
14:06:06.0515 0x0f84  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:06:06.0531 0x0f84  FltMgr - ok
14:06:06.0656 0x0f84  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:06:06.0656 0x0f84  FontCache3.0.0.0 - ok
14:06:06.0671 0x0f84  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:06:06.0671 0x0f84  Fs_Rec - ok
14:06:06.0734 0x0f84  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:06:06.0750 0x0f84  Ftdisk - ok
14:06:06.0781 0x0f84  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:06:06.0781 0x0f84  Gpc - ok
14:06:06.0843 0x0f84  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:06:06.0859 0x0f84  HDAudBus - ok
14:06:06.0953 0x0f84  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:06:06.0953 0x0f84  helpsvc - ok
14:06:06.0953 0x0f84  HidServ - ok
14:06:06.0984 0x0f84  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:06:06.0984 0x0f84  HidUsb - ok
14:06:07.0031 0x0f84  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
14:06:07.0046 0x0f84  hkmsvc - ok
14:06:07.0109 0x0f84  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
14:06:07.0109 0x0f84  hpn - ok
14:06:07.0234 0x0f84  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
14:06:07.0328 0x0f84  HTTP - ok
14:06:07.0359 0x0f84  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
14:06:07.0359 0x0f84  HTTPFilter - ok
14:06:07.0390 0x0f84  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
14:06:07.0390 0x0f84  i2omgmt - ok
14:06:07.0406 0x0f84  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:06:07.0406 0x0f84  i2omp - ok
14:06:07.0421 0x0f84  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:06:07.0453 0x0f84  i8042prt - ok
14:06:07.0531 0x0f84  [ 580BFEC487C55264BFE3D60C3C24EEE1, 0EA6D0C92C94E9597F3C063F7636710CC1CBECE5A57A5B1C463B2BA5ACB4F061 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
14:06:07.0609 0x0f84  iaStor - ok
14:06:08.0000 0x0f84  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:06:08.0296 0x0f84  idsvc - ok
14:06:08.0390 0x0f84  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] IISADMIN        C:\WINDOWS\system32\inetsrv\inetinfo.exe
14:06:08.0390 0x0f84  IISADMIN - ok
14:06:08.0453 0x0f84  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
14:06:08.0468 0x0f84  Imapi - ok
14:06:08.0562 0x0f84  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
14:06:08.0578 0x0f84  ImapiService - ok
14:06:08.0609 0x0f84  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:06:08.0609 0x0f84  ini910u - ok
14:06:10.0171 0x0f84  [ F7F3328544E1AC2E97CAEA9B39D9B9DE, 398E31FD98B79B88021EFB76CB2E741B9DF827AFDB3276DD1F147DBD5D35EC0D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:06:10.0281 0x0f84  IntcAzAudAddService - ok
14:06:10.0296 0x0f84  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
14:06:10.0296 0x0f84  IntelIde - ok
14:06:10.0359 0x0f84  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:06:10.0375 0x0f84  intelppm - ok
14:06:10.0390 0x0f84  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
14:06:10.0406 0x0f84  Ip6Fw - ok
14:06:10.0453 0x0f84  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:06:10.0468 0x0f84  IpFilterDriver - ok
14:06:10.0484 0x0f84  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:06:10.0484 0x0f84  IpInIp - ok
14:06:10.0546 0x0f84  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:06:10.0593 0x0f84  IpNat - ok
14:06:10.0656 0x0f84  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:06:10.0687 0x0f84  IPSec - ok
14:06:10.0718 0x0f84  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
14:06:10.0718 0x0f84  IRENUM - ok
14:06:10.0750 0x0f84  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:06:10.0750 0x0f84  isapnp - ok
14:06:10.0906 0x0f84  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:06:10.0937 0x0f84  JavaQuickStarterService - ok
14:06:10.0968 0x0f84  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:06:10.0984 0x0f84  Kbdclass - ok
14:06:11.0031 0x0f84  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:06:11.0046 0x0f84  kbdhid - ok
14:06:11.0125 0x0f84  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
14:06:11.0187 0x0f84  kmixer - ok
14:06:11.0250 0x0f84  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
14:06:11.0250 0x0f84  KSecDD - ok
14:06:11.0312 0x0f84  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
14:06:11.0343 0x0f84  lanmanserver - ok
14:06:11.0437 0x0f84  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:06:11.0468 0x0f84  lanmanworkstation - ok
14:06:11.0484 0x0f84  lbrtfdc - ok
14:06:11.0531 0x0f84  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
14:06:11.0531 0x0f84  LmHosts - ok
14:06:12.0031 0x0f84  [ EFC1E960455913B91C51BB608D9AE2CB, 4B0062669D87585EF02D3E3740C98A39C15244CE1FCAFD57AF955CBA578257C5 ] MaxiVista_service_A C:\Documents and Settings\Viewer\Desktop\MaxiVistaViewerA.exe
14:06:12.0390 0x0f84  MaxiVista_service_A - ok
14:06:12.0546 0x0f84  [ 8566E3E7E14517C3142F9EBAF68C3CF4, 1E7A279B8EF1FA8C4D7DB0B72E031DDC39D82FC694A22808BD6C76EF98BB7BF1 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
14:06:12.0625 0x0f84  McComponentHostService - ok
14:06:12.0671 0x0f84  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
14:06:12.0687 0x0f84  Messenger - ok
14:06:12.0718 0x0f84  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
14:06:12.0718 0x0f84  mnmdd - ok
14:06:12.0765 0x0f84  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
14:06:12.0781 0x0f84  mnmsrvc - ok
14:06:12.0812 0x0f84  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
14:06:12.0812 0x0f84  Modem - ok
14:06:12.0843 0x0f84  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:06:12.0843 0x0f84  Mouclass - ok
14:06:12.0875 0x0f84  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:06:12.0890 0x0f84  mouhid - ok
14:06:12.0906 0x0f84  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
14:06:12.0906 0x0f84  MountMgr - ok
14:06:13.0000 0x0f84  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:06:13.0062 0x0f84  MozillaMaintenance - ok
14:06:13.0093 0x0f84  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:06:13.0093 0x0f84  mraid35x - ok
14:06:13.0156 0x0f84  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:06:13.0203 0x0f84  MRxDAV - ok
14:06:13.0390 0x0f84  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:06:13.0515 0x0f84  MRxSmb - ok
14:06:13.0578 0x0f84  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
14:06:13.0578 0x0f84  MSDTC - ok
14:06:13.0593 0x0f84  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:06:13.0593 0x0f84  Msfs - ok
14:06:13.0609 0x0f84  MSIServer - ok
14:06:13.0656 0x0f84  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:06:13.0656 0x0f84  MSKSSRV - ok
14:06:13.0671 0x0f84  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:06:13.0671 0x0f84  MSPCLOCK - ok
14:06:13.0687 0x0f84  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:06:13.0687 0x0f84  MSPQM - ok
14:06:13.0718 0x0f84  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:06:13.0734 0x0f84  mssmbios - ok
14:06:13.0781 0x0f84  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
14:06:13.0796 0x0f84  Mup - ok
14:06:13.0843 0x0f84  [ 216AC775320F64DE28CFEB7C179C4FF9, 12A9E0056E4BA11C55490CED9739806D08040860C37AEFE1FA8D5EDF074A74FB ] MXOPSWD         C:\WINDOWS\system32\DRIVERS\mxopswd.sys
14:06:13.0843 0x0f84  MXOPSWD - ok
14:06:13.0984 0x0f84  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
14:06:14.0078 0x0f84  napagent - ok
14:06:14.0187 0x0f84  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
14:06:14.0234 0x0f84  NDIS - ok
14:06:14.0281 0x0f84  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:06:14.0281 0x0f84  NdisTapi - ok
14:06:14.0296 0x0f84  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:06:14.0296 0x0f84  Ndisuio - ok
14:06:14.0343 0x0f84  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:06:14.0375 0x0f84  NdisWan - ok
14:06:14.0406 0x0f84  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:06:14.0421 0x0f84  NDProxy - ok
14:06:14.0437 0x0f84  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:06:14.0437 0x0f84  NetBIOS - ok
14:06:14.0500 0x0f84  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:06:14.0562 0x0f84  NetBT - ok
14:06:14.0625 0x0f84  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
14:06:14.0671 0x0f84  NetDDE - ok
14:06:14.0718 0x0f84  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
14:06:14.0718 0x0f84  NetDDEdsdm - ok
14:06:14.0765 0x0f84  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:06:14.0765 0x0f84  Netlogon - ok
14:06:14.0843 0x0f84  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
14:06:14.0906 0x0f84  Netman - ok
14:06:15.0000 0x0f84  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:06:15.0062 0x0f84  NetTcpPortSharing - ok
14:06:15.0171 0x0f84  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
14:06:15.0234 0x0f84  Nla - ok
14:06:15.0296 0x0f84  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:06:15.0296 0x0f84  Npfs - ok
14:06:15.0484 0x0f84  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:06:15.0656 0x0f84  Ntfs - ok
14:06:15.0687 0x0f84  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
14:06:15.0687 0x0f84  NtLmSsp - ok
14:06:35.0656 0x0f84  ================ Scan MBR ==================================
14:06:35.0687 0x0f84  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
14:06:35.0937 0x0f84  \Device\Harddisk0\DR0 - ok
14:06:35.0937 0x0f84  ================ Scan VBR ==================================
14:06:35.0953 0x0f84  [ E12C7773EDD5E58FF087A0B70E673E5A ] \Device\Harddisk0\DR0\Partition1
14:06:35.0984 0x0f84  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
14:06:35.0984 0x0f84  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
14:06:46.0500 0x0f84  AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated
14:06:46.0500 0x0f84  Win FW state via NFM: disabled
14:06:48.0953 0x0f84  ============================================================
14:06:48.0953 0x0f84  Scan finished
14:06:48.0953 0x0f84  ============================================================
14:06:48.0968 0x092c  Detected object count: 1
14:06:48.0968 0x092c  Actual detected object count: 1
14:06:56.0218 0x092c  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
14:06:56.0250 0x092c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
14:06:56.0250 0x092c  \Device\Harddisk0\DR0\Partition1 - ok
14:06:56.0250 0x092c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
14:06:56.0906 0x092c  KLMD registered as C:\WINDOWS\system32\drivers\81672344.sys
14:07:20.0218 0x0ff0  Deinitialize success
 



#10 kg12

  • Topic Starter

Posted 12 June 2014 - 09:13 AM

ESET scan log.....

 

C:\Documents and Settings\Viewer\Local Settings\Application Data\etqlisff.exe    Win32/TrojanDownloader.Agent.AGV trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Viewer\Local Settings\Application Data\pthaeneo.exe    a variant of Win32/Injector.BFQP trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Viewer\My Documents\Downloads\ccsetup414.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\WINDOWS\Temp\UpdateFlashPlayer_af4f8770.exe    Win32/Rovnix.F trojan    cleaned by deleting - quarantined
 



#11 kg12

  • Topic Starter

Posted 12 June 2014 - 09:16 AM

all scans are completed now...are there next steps or should running these have cleared it?



#12 boopme

  • Global Moderator

Posted 12 June 2014 - 09:16 AM

Ok.. You needed a reboot to remove the Rootkit found in TDSS. It could be the cause of the whole mess.

How is it now?

#13 boopme

  • Global Moderator

Posted 12 June 2014 - 09:23 AM

Also uninstall this through Control Panel:
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#14 kg12

  • Topic Starter

Posted 12 June 2014 - 02:49 PM

Removed Process Blocker and as of this point we are running smoothly....looks like your instructions have cleared iexplore.exe from my PC...very much appreciated...any other steps I need to take? Any suggestions for malware or antivirus I should be running?

 

Thanks





