[Trojan] Google redirect then more all pc's on Uverse network. MBam no logger detects, Eset scan for several hours, no detect, no log?
>>> MBam Log:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.31.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Sharon :: SHARON7 [administrator]

5/31/2012 11:23:24 AM
mbam-log-2012-05-31 (11-23-24).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 332546
Time elapsed: 49 minute(s), 51 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)

2012-Jun-6 8:20 pm · (locked)

lilhurricane · Crunchin' For Cures · Numquam oblita · join:2003-01-11 · Purple Zone

Re: [Trojan] Google redirect then more all pc's on Uverse networ

Let's get this opened for easier analysis... What are your remaining symptoms... if any?
OTL logfile created on: 6/1/2012 10:59:21 AM - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Sharon\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 56.69% Memory free
3.93 Gb Paging File | 2.66 Gb Available in Paging File | 67.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.86 Gb Total Space | 137.45 Gb Free Space | 61.13% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 2.91 Gb Free Space | 0.62% Space Free | Partition Type: NTFS

Computer Name: SHARON7 | User Name: Sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/06/01 10:58:24 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sharon\Desktop\OTL.exe
PRC - [2012/05/26 14:05:41 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/08/07 06:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/03/31 17:01:42 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/05/07 10:09:21 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2010/02/10 19:10:10 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [On_Demand | Stopped] -- C:\Users\Sharon\AppData\Local\Temp\VNZIT.exe -- (VNZIT)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Sharon\AppData\Local\Temp\OPAVSYBA.exe -- (OPAVSYBA)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Sharon\AppData\Local\Temp\EAH.exe -- (EAH)
SRV - File not found [Auto | Stopped] -- C:\Windows\reset.exe /s -- (.EsetTrialReset)
SRV - [2012/05/07 10:09:26 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2012/03/14 10:19:46 | 000,045,056 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/19 21:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 21:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/11/20 07:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2010/02/25 14:24:38 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/08/07 06:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 20:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/31 17:01:42 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Sharon\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2012/02/07 20:00:42 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 03:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010/05/18 16:54:50 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\radpms.sys -- (radpms)
DRV - [2010/01/27 12:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/07/20 13:26:00 | 000,027,648 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2009/07/17 02:37:06 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/07/13 20:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 18:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009/05/21 14:18:54 | 000,089,048 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2008/10/24 13:54:00 | 000,035,328 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)
DRV - [2008/10/24 13:54:00 | 000,035,328 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2)
DRV - [2008/04/01 14:33:16 | 000,019,456 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2007/12/03 13:19:00 | 000,019,968 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV - [2007/12/03 13:19:00 | 000,019,968 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {F9261AC1-61C5-45E9-9939-9A94AEB38A07}
IE - HKLM\..\SearchScopes\{F9261AC1-61C5-45E9-9939-9A94AEB38A07}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {C6116413-4D1E-491E-9B8A-94A4A90C9E90}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searc}
IE - HKCU\..\SearchScopes\{C6116413-4D1E-491E-9B8A-94A4A90C9E90}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://encrypted.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/26 17:39:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/05/30 22:08:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/05/26 06:13:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/23 21:09:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/24 15:36:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/11/11 09:15:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/26 17:39:52 | 000,000,000 | ---D | M]

[2010/06/16 17:10:20 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sharon\AppData\Roaming\Mozilla\Extensions
[2010/02/28 16:16:20 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sharon\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/05/02 11:41:16 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\tuedc105.default\extensions
[2012/05/23 21:09:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/26 06:13:13 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/04/20 20:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/11 18:03:06 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/04/20 20:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 20:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120525175844.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: lorexddns.net ([lakehouse] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([us] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8B78E81-FB2C-40D7-822C-8E88CBC7FB72}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/06/01 10:58:24 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Sharon\Desktop\OTL.exe
[2012/05/30 22:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/30 22:13:31 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/30 22:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/30 22:12:02 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Sharon\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/30 14:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/05/30 14:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/05/26 14:05:50 | 000,000,000 | ---D | C] -- C:\Users\Sharon\AppData\Roaming\Opera
[2012/05/26 14:05:50 | 000,000,000 | ---D | C] -- C:\Users\Sharon\AppData\Local\Opera
[2012/05/26 14:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012/05/25 20:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LanTricks
[2012/05/25 20:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\LanTricks
[2012/05/25 20:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trogon Software
[2012/05/25 20:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trogon Software
[2012/05/25 17:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/05/25 17:58:43 | 000,009,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2012/05/25 17:58:15 | 000,340,920 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2012/05/25 17:58:15 | 000,180,848 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2012/05/25 17:58:15 | 000,169,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2012/05/25 17:58:15 | 000,087,656 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2012/05/25 17:58:15 | 000,064,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2012/05/25 17:58:15 | 000,059,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2012/05/25 17:58:15 | 000,057,600 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2012/05/25 17:52:55 | 000,151,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2012/05/24 15:45:58 | 000,000,000 | ---D | C] -- C:\Registry Backups from ccleaner
[2012/05/24 15:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/24 15:40:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/05/23 20:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2012/05/23 20:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2012/05/23 20:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2012/05/23 13:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/05/23 00:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\SuperScan
[2012/05/08 19:40:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012/05/08 19:40:51 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/05/08 19:40:50 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/05/08 19:40:48 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/05/08 19:40:48 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/05/08 19:40:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/05/08 19:40:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/05/08 19:40:38 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012/05/08 19:40:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012/05/08 19:40:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/05/08 19:40:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/05/08 19:40:21 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012/05/08 19:40:07 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/05/08 19:40:04 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/05/08 19:40:02 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/05/08 19:39:31 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/08 19:38:23 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/05/08 19:37:35 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/08 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\Sharon\Documents\SJC Money Managers
[2012/05/08 17:20:43 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 17:20:42 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/08 17:20:41 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/08 17:20:28 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/02 11:23:50 | 000,000,000 | ---D | C] -- C:\Users\Sharon\AppData\Roaming\Malwarebytes
[2012/05/02 11:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[3 C:\Users\Sharon\*.tmp files -> C:\Users\Sharon\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/06/01 10:58:24 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sharon\Desktop\OTL.exe
[2012/06/01 10:53:28 | 000,007,642 | ---- | M] () -- C:\Users\Sharon\AppData\Local\resmon.resmoncfg
[2012/06/01 10:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/31 20:02:13 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2012/05/30 22:30:00 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\fba_Quicken.job
[2012/05/30 22:13:42 | 000,001,097 | ---- | M] () -- C:\Users\Sharon\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/30 22:12:58 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Sharon\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/30 22:12:10 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 22:12:10 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 22:04:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/30 22:04:40 | 1583,075,328 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/30 22:00:00 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\fba_Quickbooks.job
[2012/05/30 21:32:42 | 000,662,972 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/30 21:32:42 | 000,121,840 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/30 21:31:40 | 000,000,031 | ---- | M] () -- C:\Windows\System32\bbcap.err
[2012/05/30 14:16:47 | 067,120,641 | ---- | M] () -- C:\Users\Sharon\Desktop\Desktop.7z
[2012/05/26 12:20:42 | 000,000,051 | RH-- | M] () -- C:\Users\Sharon\Desktop\GetSusp.opt
[2012/05/25 20:28:00 | 000,001,037 | ---- | M] () -- C:\Users\Sharon\Application Data\Microsoft\Internet Explorer\Quick Launch\LanSpy.lnk
[2012/05/23 21:09:40 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/23 00:04:56 | 000,000,000 | ---- | M] () -- C:\Users\Sharon\Desktop\ipscan.csv
[2012/05/22 23:37:20 | 000,000,030 | RH-- | M] () -- C:\GetSusp.opt
[2012/05/17 23:24:28 | 000,078,408 | ---- | M] () -- C:\Users\Sharon\Documents\ip log.xml
[2012/05/16 19:01:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\HP_192.168.1.75_MY85QHJ1P604YG
[2012/05/14 08:14:54 | 000,002,503 | ---- | M] () -- C:\Users\Sharon\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/05/14 08:14:54 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/05/11 11:18:03 | 000,000,000 | -H-- | M] () -- C:\Users\Sharon\Documents\Default.rdp
[2012/05/09 09:40:53 | 039,051,264 | ---- | M] () -- C:\Users\Sharon\qdatarsi (Backup May 09,2012 09 40 AM).QBB
[2012/05/08 20:09:31 | 000,427,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/08 15:50:08 | 001,251,639 | ---- | M] () -- C:\Users\Sharon\Desktop\photo.JPG
[2012/05/07 14:14:05 | 000,721,251 | ---- | M] () -- C:\Users\Sharon\Desktop\Lawn Builders Contract.pdf
[2012/05/07 10:09:25 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/07 10:09:21 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/02 15:44:44 | 000,019,276 | -H-- | M] () -- C:\Users\Sharon\Documents\Database.kdb
[3 C:\Users\Sharon\*.tmp files -> C:\Users\Sharon\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/05/30 22:13:42 | 000,001,097 | ---- | C] () -- C:\Users\Sharon\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk [2012/05/30 14:16:20 | 067,120,641 | ---- | C] () -- C:\Users\Sharon\Desktop\Desktop.7z [2012/05/26 14:05:46 | 000,001,793 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012/05/25 20:28:00 | 000,001,037 | ---- | C] () -- C:\Users\Sharon\Application Data\Microsoft\Internet Explorer\Quick Launch\LanSpy.lnk [2012/05/25 17:59:40 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2012/05/24 01:09:48 | 000,000,000 | ---- | C] () -- C:\Users\Sharon\Desktop\ipscan.csv [2012/05/24 01:09:47 | 000,021,398 | RH-- | C] () -- C:\Users\Sharon\Desktop\dell.sdr [2012/05/23 21:09:40 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/05/22 23:34:11 | 000,000,051 | RH-- | C] () -- C:\Users\Sharon\Desktop\GetSusp.opt [2012/05/22 23:33:49 | 000,000,030 | RH-- | C] () -- C:\GetSusp.opt [2012/05/17 23:24:28 | 000,078,408 | ---- | C] () -- C:\Users\Sharon\Documents\ip log.xml [2012/05/16 19:01:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\HP_192.168.1.75_MY85QHJ1P604YG [2012/05/14 08:14:54 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk [2012/05/11 12:12:35 | 000,021,403 | ---- | C] () -- C:\Users\Sharon\Desktop\Another Obituary.pdf [2012/05/11 12:10:34 | 002,390,517 | ---- | C] () -- C:\Users\Sharon\Desktop\strip-poker.wmv [2012/05/11 12:10:23 | 008,001,451 | ---- | C] () -- C:\Users\Sharon\Desktop\Mrs.Hughes.wmv [2012/05/11 11:18:03 | 000,000,000 | -H-- | C] () -- C:\Users\Sharon\Documents\Default.rdp [2012/05/09 09:40:37 | 039,051,264 | ---- | C] () -- C:\Users\Sharon\qdatarsi (Backup May 09,2012 09 40 AM).QBB [2012/05/08 15:50:07 | 001,251,639 | ---- | C] () -- C:\Users\Sharon\Desktop\photo.JPG [2012/05/07 14:14:05 | 000,721,251 | ---- | C] () -- C:\Users\Sharon\Desktop\Lawn Builders Contract.pdf 
[2012/05/01 18:52:26 | 000,007,642 | ---- | C] () -- C:\Users\Sharon\AppData\Local\resmon.resmoncfg [2012/04/16 16:28:36 | 000,000,307 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2011/08/26 17:23:42 | 000,210,775 | ---- | C] () -- C:\Windows\hpoins21.dat [2011/08/26 17:23:42 | 000,005,474 | ---- | C] () -- C:\Windows\hpomdl21.dat [2011/05/08 21:15:21 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011/05/08 21:15:21 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2010/11/19 13:17:09 | 000,210,871 | ---- | C] () -- C:\Windows\hpoins21.dat.temp [2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/08/02 18:25:45 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini [2010/06/16 17:22:50 | 000,037,673 | -H-- | C] () -- C:\Users\Sharon\AppData\Roaming\Comma Separated Values (Windows).ADR [2010/06/02 15:57:49 | 000,010,232 | -H-- | C] () -- C:\Users\Sharon\AppData\Roaming\Comma Separated Values (Windows).CAL
[color=#E56717]========== LOP Check ==========[/color]
[2012/05/30 21:35:07 | 000,000,000 | -H-D | M] -- C:\Users\Sharon\AppData\Roaming\Blueberry [2010/09/27 14:59:15 | 000,000,000 | -H-D | M] -- C:\Users\Sharon\AppData\Roaming\Dream Aquarium [2012/05/30 21:35:51 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Dropbox [2012/05/01 20:01:38 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\ESET [2012/04/16 07:55:37 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Eye-Fi [2011/05/06 16:43:07 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Foxit [2011/05/06 16:43:07 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Foxit Software [2011/05/06 16:43:07 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\KeePass [2011/01/05 20:06:13 | 000,000,000 | -H-D | M] -- C:\Users\Sharon\AppData\Roaming\LogSys [2012/05/26 14:05:50 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Opera [2011/05/06 07:29:39 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Sammsoft [2011/05/06 16:41:28 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Softland [2011/05/06 16:43:09 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Thunderbird [2012/02/01 11:49:18 | 000,000,000 | ---D | M] -- C:\Users\Sharon\AppData\Roaming\Titanium [2012/05/30 22:00:00 | 000,000,478 | ---- | M] () -- C:\Windows\Tasks\fba_Quickbooks.job [2012/05/30 22:30:00 | 000,000,458 | ---- | M] () -- C:\Windows\Tasks\fba_Quicken.job [2011/12/27 20:42:54 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 143 bytes -> C:\Users\Sharon\FW Application Radio-Systems-Whitehurst_CLW TX-DAL6050.eml:OECustomProperty
@Alternate Data Stream - 143 bytes -> C:\Users\Sharon\FW Application Radio-Systems-Whitehurst_CLW TX-DAL6050(4).eml:OECustomProperty
@Alternate Data Stream - 143 bytes -> C:\Users\Sharon\FW Application Radio-Systems-Whitehurst_CLW TX-DAL6050(3).eml:OECustomProperty
@Alternate Data Stream - 143 bytes -> C:\Users\Sharon\FW Application Radio-Systems-Whitehurst_CLW TX-DAL6050(2).eml:OECustomProperty
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0CFF5F08

2012-Jun-6 9:11 pm

lilhurricane
OTL Extras logfile created on: 6/1/2012 10:59:21 AM - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Sharon\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 56.69% Memory free
3.93 Gb Paging File | 2.66 Gb Available in Paging File | 67.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.86 Gb Total Space | 137.45 Gb Free Space | 61.13% Space Free | Partition Type: NTFS
Drive Z: | 465.76 Gb Total Space | 2.91 Gb Free Space | 0.62% Space Free | Partition Type: NTFS

Computer Name: SHARON7 | User Name: Sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiSpywareOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097AB111-72D8-406C-862A-2AC8DDF764C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{11FA0AAA-A90F-410C-9DF2-E9854257EFD2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27455A80-4F94-4B6B-A0D8-5261FAA3C44C}" = lport=445 | protocol=6 | dir=in | app=system |
"{46437B78-94A8-4E1A-8380-660A68D007A9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{881427DD-5245-49DF-9396-A3E10F716AB9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9FE13053-82F1-4BBF-BCD5-A379AD595FEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2EE8F3B-0EF8-4474-86B2-E235024D5077}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A36F9C33-D953-47D2-BCF6-27625FC31C92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C47D4B3C-01E2-42E7-93F4-F69230715AB5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CE0C0568-BFBD-47A3-A083-FE06A86AC117}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07DC2417-D8D6-4914-8045-EA9165C5A5C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0D1C5FD6-D7C2-4372-A8F0-EFD05FA3354C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{189F1AF1-0990-4E6C-8F79-265B296476F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1E257621-F985-4075-82C3-217A0D473160}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{28C0A47C-07D3-4F84-8BD1-BFB1119B0D03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{30AC75C4-35F1-4FCE-9608-B2CA684A02C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3591343A-9AB1-47F8-9E6F-570704384F25}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{3D29E1C6-50CD-4818-A7C6-CF5D6D855681}" = protocol=6 | dir=out | app=system | "{41388EB8-C52C-4E6E-855B-CA8EFA520254}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4F7018C2-9E97-4418-9F07-1C605F1B42E2}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{4F9E2E74-D12F-4D90-9B4B-C16AEB41379A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{56BEF90A-78CB-450D-AEBB-2CC0888C99B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5AFF7957-4E37-4FEC-A4E8-F6A2C50450CA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{BA5ADF63-4C6E-46CC-B593-4CBA31AA93C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C5B08BE8-C0AA-4D70-8DF6-25171150E6CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FD5C303F-2A91-4F4F-AEC5-8476156FD049}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012 "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc "{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{376FA830-EAA2-012B-AD6B-000000000000}" = TurboTax 2009 whiiper "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset "{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine "{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live 
Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4D0AF541-AEB5-42C0-ADB5-09F7D6F7640F}" = TurboTax 2010 whiiper "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{685B0843-6C8D-4E42-B60D-2B86B45526E0}" = PS_AIO_02_Software_Min "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7236672F-6430-439E-9B27-27EDEAF1D676}" = Realtek Ethernet Diagnostic Utility "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8DD67529-BA26-4D12-97A8-3853D0C4B67D}" = Dell Backup and Recovery Manager "{8F9216E8-21AC-4307-AE08-F5CBBCBEFE53}_is1" = Trogon MAC Scanner version 2.4 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007 "{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel "{94F8D42D-BB31-4858-9705-7D756D8D9655}" = PS_AIO_02_Software "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{988329F4-A1A1-4D51-803C-EF2725A97627}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 2 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin "{B4B2096B-B13E-408E-8985-BD07463D5487}" = PS_AIO_02_ProductContext "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential 
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3 "{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper "{EE5926BD-9590-48A3-AB1E-C1C49575823D}" = C7200 "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner" = CCleaner "CrossLoop_is1" = CrossLoop 2.60 "DVDFab 8_is1" = DVDFab 8.0.7.3 (29/01/2011) "Foxit Creator" = Foxit Creator "Foxit Reader" = Foxit Reader "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 
13.0 "KeePass Password Safe_is1" = KeePass Password Safe 1.18 "LanSpy_is1" = LanSpy "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime "MozBackup" = MozBackup 1.4.10 "Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US) "Mozilla Thunderbird 12.0.1 (x86 en-US)" = Mozilla Thunderbird 12.0.1 (x86 en-US) "MSC" = McAfee SecurityCenter "Opera 11.64.1403" = Opera 11.64 "Picasa 3" = Picasa 3 "Power Audio Recorder_is1" = Power Audio Recorder 2.00 "TurboTax 2009" = TurboTax 2009 "TurboTax 2010" = TurboTax 2010 "TurboTax 2011" = TurboTax 2011 "TVWiz" = Intel(R) TV Wizard "ULTIMATER" = Microsoft Office Ultimate 2007 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ] Error - 5/23/2012 5:34:35 PM | Computer Name = Sharon7 | Source = Application Error | ID = 1000 Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp: 0x4bc2ca37 Faulting module name: chrome.dll, version: 5.0.375.3, time stamp: 0x4bc2c9ec Exception code: 0xc0000005 Fault offset: 0x008171ad Faulting process id: 0x58c Faulting application start time: 0x01cd39115ced88f6 Faulting application path: C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe Faulting module path: C:\Users\Sharon\AppData\Local\Google\Chrome\Application\5.0.375.3\chrome.dll Report Id: 16ae0e8d-a51f-11e1-8824-0002721ceb78
Error - 5/23/2012 6:22:03 PM | Computer Name = Sharon7 | Source = Application Error | ID = 1000 Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp: 0x4bc2ca37 Faulting module name: chrome.dll, version: 5.0.375.3, time stamp: 0x4bc2c9ec Exception code: 0xc0000005 Fault offset: 0x008171ad Faulting process id: 0xca8 Faulting application start time: 0x01cd392bd7c4346e Faulting application path: C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe Faulting module path: C:\Users\Sharon\AppData\Local\Google\Chrome\Application\5.0.375.3\chrome.dll Report Id: b848f143-a525-11e1-8824-0002721ceb78
Error - 5/24/2012 3:22:04 AM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/24/2012 3:22:14 AM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files\mozbackup\dll\DelZip179.dll".Error in manifest or policy file "c:\program files\mozbackup\dll\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error - 5/25/2012 4:22:23 PM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/25/2012 4:22:32 PM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files\mozbackup\dll\DelZip179.dll".Error in manifest or policy file "c:\program files\mozbackup\dll\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error - 5/26/2012 7:59:48 AM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/26/2012 8:02:31 AM | Computer Name = Sharon7 | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files\mozbackup\dll\DelZip179.dll".Error in manifest or policy file "c:\program files\mozbackup\dll\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error - 5/29/2012 10:58:11 AM | Computer Name = Sharon7 | Source = Application Error | ID = 1000 Description = Faulting application name: rescue_system-common-en.exe, version: 2.1.0.16, time stamp: 0x4bdad87d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x338 Faulting application start time: 0x01cd3dab66be6cc3 Faulting application path: D:\Tools\rescue_system-common-en.exe Faulting module path: unknown Report Id: b506514d-a99e-11e1-bfca-e3986482748d
Error - 5/29/2012 11:03:04 AM | Computer Name = Sharon7 | Source = Application Error | ID = 1000 Description = Faulting application name: rescue_system-common-en.exe, version: 2.1.0.16, time stamp: 0x4bdad87d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x59c Faulting application start time: 0x01cd3dac0c4693bb Faulting application path: D:\Tools\rescue_system-common-en.exe Faulting module path: unknown Report Id: 63b723b2-a99f-11e1-a085-89f7c243b481
[ OSession Events ]
Error - 1/26/2012 5:15:47 AM | Computer Name = Sharon7 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34285 seconds with 2820 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 5/30/2012 10:53:47 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7000 Description = The Eset Trial Reset service failed to start due to the following error: %%2
Error - 5/30/2012 10:53:48 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7000 Description = The LMIGuardianSvc service failed to start due to the following error: %%2
Error - 5/30/2012 10:53:48 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7000 Description = The LogMeIn Kernel Information Provider service failed to start due to the following error: %%3
Error - 5/30/2012 10:58:20 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7034 Description = The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s).
Error - 5/30/2012 11:04:49 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7000 Description = The Eset Trial Reset service failed to start due to the following error: %%2
Error - 5/30/2012 11:04:49 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7000 Description = The LogMeIn Kernel Information Provider service failed to start due to the following error: %%3
Error - 5/31/2012 12:29:42 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7034 Description = The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
Error - 5/31/2012 12:29:47 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7034 Description = The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).
Error - 5/31/2012 12:30:05 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7034 Description = The QBCFMonitorService service terminated unexpectedly. It has done this 1 time(s).
Error - 5/31/2012 12:30:11 PM | Computer Name = Sharon7 | Source = Service Control Manager | ID = 7034 Description = The QBIDPService service terminated unexpectedly. It has done this 1 time(s). | actions · 2012-Jun-6 9:11 pm · (locked) | lilhurricane |
to ccolvard
Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
LanSpy
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
Java(TM) 6 Update 31
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0)
Mozilla Thunderbird (12.0.1)
Google Chrome 5.0.375.3
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=61ce2b6245943a41a389efd5ac48cf7a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-06-06 11:14:24
# local_time=2012-06-06 06:14:24 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 937361 39390382 0 0
# compatibility_mode=5893 16776574 100 94 764135 90555311 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=149368
# found=0
# cleaned=0
# scan_time=13943
| actions · 2012-Jun-6 9:12 pm · (locked) | |
This PC has been disconnected from the network and cleaned as above. If I leave it on, it seems to start using a lot of network resources. Last time I cleaned, McAfee found a trojan and the rootkit killer found about 18 files.
Prior to that it was using ESET, which was reporting nothing. Now I've switched all to the Uverse McAfee security suite and changed the IP ranges on the router and the gateway address. Other machines present IE and Firefox redirects after time on the network. Same for this machine. It seems to come back after running on the network.
Cleaning tools seem to stop working or detecting.
The other thing is that it blocks certain security-related sites like Kaspersky, McAfee, Bleeping Computer, etc... Nothing seems to be going on at the moment. But it has not been connected to the network for very long.
Thanks
Chris | actions · 2012-Jun-6 9:59 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
Is this pc used in a work environment? Or a home network? | actions · 2012-Jun-6 10:20 pm · (locked) | |
Home office. This PC has the accounting programs on it.
Thanks | actions · 2012-Jun-6 10:41 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
Then, if you could also download and run TDSS Killer (#4), posting the log in your next reply - it would be appreciated. We'll need the entire log, even if you 'think/see' nothing detected. » Security Cleanup FAQ » Rootkit Detection Applications | actions · 2012-Jun-6 10:47 pm · (locked) | |
Here is the log file. I did not take any action and skipped the quarantine of the detected files. >>> File too big, attached. | actions · 2012-Jun-6 11:00 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
| actions · 2012-Jun-6 11:14 pm · (locked) | lilhurricane |
(e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 21:56:23.0455 5536 MSDTC - ok 21:56:23.0485 5536 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 21:56:23.0510 5536 Msfs - ok 21:56:23.0522 5536 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 21:56:23.0560 5536 mshidkmdf - ok 21:56:23.0592 5536 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 21:56:23.0612 5536 msisadrv - ok 21:56:23.0645 5536 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 21:56:23.0692 5536 MSiSCSI - ok 21:56:23.0695 5536 msiserver - ok 21:56:23.0715 5536 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 21:56:23.0750 5536 MSKSSRV - ok 21:56:23.0780 5536 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 21:56:23.0832 5536 MSPCLOCK - ok 21:56:23.0837 5536 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 21:56:23.0884 5536 MSPQM - ok 21:56:23.0900 5536 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 21:56:23.0931 5536 MsRPC - ok 21:56:23.0962 5536 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 21:56:23.0978 5536 mssmbios - ok 21:56:23.0993 5536 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 21:56:24.0009 5536 MSTEE - ok 21:56:24.0009 5536 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 21:56:24.0040 5536 MTConfig - ok 21:56:24.0056 5536 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 21:56:24.0071 5536 Mup - ok 21:56:24.0118 5536 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 21:56:24.0180 5536 napagent - ok 21:56:24.0212 5536 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 21:56:24.0243 5536 NativeWifiP - ok 21:56:24.0321 5536 
NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 21:56:24.0352 5536 NDIS - ok 21:56:24.0368 5536 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 21:56:24.0399 5536 NdisCap - ok 21:56:24.0414 5536 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 21:56:24.0461 5536 NdisTapi - ok 21:56:24.0492 5536 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 21:56:24.0539 5536 Ndisuio - ok 21:56:24.0580 5536 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 21:56:24.0612 5536 NdisWan - ok 21:56:24.0640 5536 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 21:56:24.0675 5536 NDProxy - ok 21:56:24.0720 5536 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll 21:56:24.0737 5536 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 21:56:24.0737 5536 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 21:56:24.0770 5536 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 21:56:24.0810 5536 NetBIOS - ok 21:56:24.0842 5536 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 21:56:24.0887 5536 NetBT - ok 21:56:24.0925 5536 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 21:56:24.0947 5536 Netlogon - ok 21:56:24.0997 5536 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 21:56:25.0062 5536 Netman - ok 21:56:25.0170 5536 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:56:25.0197 5536 NetMsmqActivator - ok 21:56:25.0202 5536 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:56:25.0217 5536 NetPipeActivator - ok 21:56:25.0242 5536 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 
21:56:25.0282 5536 netprofm - ok 21:56:25.0285 5536 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:56:25.0295 5536 NetTcpActivator - ok 21:56:25.0297 5536 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:56:25.0310 5536 NetTcpPortSharing - ok 21:56:25.0347 5536 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 21:56:25.0367 5536 nfrd960 - ok 21:56:25.0415 5536 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 21:56:25.0465 5536 NlaSvc - ok 21:56:25.0482 5536 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 21:56:25.0505 5536 Npfs - ok 21:56:25.0515 5536 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 21:56:25.0540 5536 nsi - ok 21:56:25.0547 5536 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 21:56:25.0575 5536 nsiproxy - ok 21:56:25.0669 5536 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 21:56:25.0731 5536 Ntfs - ok 21:56:25.0841 5536 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 21:56:25.0887 5536 Null - ok 21:56:25.0919 5536 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 21:56:25.0934 5536 nvraid - ok 21:56:25.0950 5536 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 21:56:25.0981 5536 nvstor - ok 21:56:26.0012 5536 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 21:56:26.0043 5536 nv_agp - ok 21:56:26.0137 5536 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:56:26.0168 5536 odserv - ok 21:56:26.0215 5536 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 21:56:26.0246 5536 ohci1394 - ok 21:56:26.0340 5536 OPAVSYBA - ok 21:56:26.0402 
5536 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:56:26.0418 5536 ose - ok 21:56:26.0465 5536 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 21:56:26.0496 5536 p2pimsvc - ok 21:56:26.0527 5536 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 21:56:26.0610 5536 p2psvc - ok 21:56:26.0719 5536 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 21:56:26.0735 5536 Parport - ok 21:56:26.0766 5536 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys 21:56:26.0797 5536 partmgr - ok 21:56:26.0813 5536 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 21:56:26.0844 5536 Parvdm - ok 21:56:26.0860 5536 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 21:56:26.0906 5536 PcaSvc - ok 21:56:26.0938 5536 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 21:56:26.0969 5536 pci - ok 21:56:26.0969 5536 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 21:56:26.0984 5536 pciide - ok 21:56:27.0000 5536 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 21:56:27.0031 5536 pcmcia - ok 21:56:27.0047 5536 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 21:56:27.0047 5536 pcw - ok 21:56:27.0094 5536 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 21:56:27.0156 5536 PEAUTH - ok 21:56:27.0265 5536 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 21:56:27.0333 5536 pla - ok 21:56:27.0455 5536 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 21:56:27.0498 5536 PlugPlay - ok 21:56:27.0558 5536 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll 21:56:27.0578 5536 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 21:56:27.0578 5536 Pml 
Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 21:56:27.0598 5536 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 21:56:27.0630 5536 PNRPAutoReg - ok 21:56:27.0660 5536 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 21:56:27.0675 5536 PNRPsvc - ok 21:56:27.0720 5536 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 21:56:27.0775 5536 PolicyAgent - ok 21:56:27.0803 5536 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 21:56:27.0818 5536 Power - ok 21:56:27.0865 5536 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 21:56:27.0927 5536 PptpMiniport - ok 21:56:27.0943 5536 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 21:56:27.0974 5536 Processor - ok 21:56:28.0021 5536 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 21:56:28.0068 5536 ProfSvc - ok 21:56:28.0099 5536 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 21:56:28.0115 5536 ProtectedStorage - ok 21:56:28.0130 5536 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 21:56:28.0177 5536 Psched - ok 21:56:28.0224 5536 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys 21:56:28.0239 5536 PxHelp20 - ok 21:56:28.0349 5536 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe 21:56:28.0349 5536 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning 21:56:28.0349 5536 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1) 21:56:28.0427 5536 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe 21:56:28.0427 5536 QBFCService ( UnsignedFile.Multi.Generic ) - warning 21:56:28.0427 5536 QBFCService - detected UnsignedFile.Multi.Generic (1) 21:56:28.0577 5536 
QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe 21:56:28.0612 5536 QBVSS ( UnsignedFile.Multi.Generic ) - warning 21:56:28.0612 5536 QBVSS - detected UnsignedFile.Multi.Generic (1) 21:56:28.0790 5536 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 21:56:28.0835 5536 ql2300 - ok 21:56:28.0925 5536 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 21:56:28.0945 5536 ql40xx - ok 21:56:28.0977 5536 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 21:56:29.0025 5536 QWAVE - ok 21:56:29.0040 5536 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 21:56:29.0067 5536 QWAVEdrv - ok 21:56:29.0115 5536 radpms (b953369c5ef43615f1bfa9cea69fc9aa) C:\Windows\system32\DRIVERS\radpms.sys 21:56:29.0130 5536 radpms - ok 21:56:29.0150 5536 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 21:56:29.0187 5536 RasAcd - ok 21:56:29.0222 5536 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 21:56:29.0267 5536 RasAgileVpn - ok 21:56:29.0300 5536 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 21:56:29.0352 5536 RasAuto - ok 21:56:29.0370 5536 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:56:29.0417 5536 Rasl2tp - ok 21:56:29.0472 5536 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 21:56:29.0540 5536 RasMan - ok 21:56:29.0560 5536 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 21:56:29.0572 5536 RasPppoe - ok 21:56:29.0603 5536 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 21:56:29.0634 5536 RasSstp - ok 21:56:29.0666 5536 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 21:56:29.0728 5536 rdbss - ok 21:56:29.0744 5536 rdpbus 
(0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 21:56:29.0775 5536 rdpbus - ok 21:56:29.0806 5536 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:56:29.0853 5536 RDPCDD - ok 21:56:29.0884 5536 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 21:56:29.0931 5536 RDPENCDD - ok 21:56:29.0946 5536 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 21:56:29.0962 5536 RDPREFMP - ok 21:56:29.0993 5536 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 21:56:30.0056 5536 RDPWD - ok 21:56:30.0102 5536 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 21:56:30.0118 5536 rdyboost - ok 21:56:30.0149 5536 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 21:56:30.0180 5536 RemoteAccess - ok 21:56:30.0209 5536 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 21:56:30.0259 5536 RemoteRegistry - ok 21:56:30.0321 5536 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 21:56:30.0379 5536 RFCOMM - ok 21:56:30.0419 5536 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 21:56:30.0456 5536 RpcEptMapper - ok 21:56:30.0476 5536 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 21:56:30.0511 5536 RpcLocator - ok 21:56:30.0561 5536 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 21:56:30.0589 5536 RpcSs - ok 21:56:30.0620 5536 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 21:56:30.0652 5536 rspndr - ok 21:56:30.0683 5536 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 21:56:30.0745 5536 RTL8167 - ok 21:56:30.0761 5536 RtNdPt60 (f2fec929e9fa9902f0bb52a4522068d4) C:\Windows\system32\DRIVERS\RtNdPt60.sys 21:56:30.0792 5536 RtNdPt60 - ok 21:56:30.0808 5536 RTTEAMPT 
(d78d74c6ed83339910ccca7e68534222) C:\Windows\system32\DRIVERS\RtTeam60.sys 21:56:30.0839 5536 RTTEAMPT - ok 21:56:30.0854 5536 RTVLANPT (e6472a4007fb17d27d4091abd657a291) C:\Windows\system32\DRIVERS\RtVlan60.sys 21:56:30.0901 5536 RTVLANPT - ok 21:56:30.0948 5536 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 21:56:30.0979 5536 SamSs - ok 21:56:31.0026 5536 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 21:56:31.0042 5536 sbp2port - ok 21:56:31.0073 5536 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 21:56:31.0104 5536 SCardSvr - ok 21:56:31.0151 5536 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 21:56:31.0198 5536 scfilter - ok 21:56:31.0260 5536 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 21:56:31.0334 5536 Schedule - ok 21:56:31.0366 5536 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 21:56:31.0399 5536 SCPolicySvc - ok 21:56:31.0444 5536 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 21:56:31.0504 5536 SDRSVC - ok 21:56:31.0531 5536 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 21:56:31.0579 5536 secdrv - ok 21:56:31.0606 5536 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 21:56:31.0661 5536 seclogon - ok 21:56:31.0686 5536 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 21:56:31.0736 5536 SENS - ok 21:56:31.0761 5536 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 21:56:31.0766 5536 SensrSvc - ok 21:56:31.0782 5536 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 21:56:31.0813 5536 Serenum - ok 21:56:31.0844 5536 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 21:56:31.0875 5536 Serial - ok 21:56:31.0907 5536 sermouse (79bffb520327ff916a582dfea17aa813) 
C:\Windows\system32\DRIVERS\sermouse.sys 21:56:31.0938 5536 sermouse - ok 21:56:31.0985 5536 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 21:56:32.0047 5536 SessionEnv - ok 21:56:32.0078 5536 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 21:56:32.0109 5536 sffdisk - ok 21:56:32.0125 5536 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2012-Jun-6 11:14 pm · (locked) | lilhurricane |
21:56:32.0141 5536 sffp_mmc - ok 21:56:32.0156 5536 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 21:56:32.0187 5536 sffp_sd - ok 21:56:32.0219 5536 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 21:56:32.0234 5536 sfloppy - ok 21:56:32.0265 5536 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 21:56:32.0312 5536 SharedAccess - ok 21:56:32.0359 5536 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 21:56:32.0406 5536 ShellHWDetection - ok 21:56:32.0437 5536 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 21:56:32.0453 5536 sisagp - ok 21:56:32.0468 5536 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:56:32.0484 5536 SiSRaid2 - ok 21:56:32.0499 5536 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 21:56:32.0499 5536 SiSRaid4 - ok 21:56:32.0531 5536 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 21:56:32.0546 5536 Smb - ok 21:56:32.0587 5536 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 21:56:32.0602 5536 SNMPTRAP - ok 21:56:32.0610 5536 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 21:56:32.0622 5536 spldr - ok 21:56:32.0677 5536 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 21:56:32.0745 5536 Spooler - ok 21:56:32.0935 5536 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 21:56:33.0020 5536 sppsvc - ok 21:56:33.0145 5536 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 21:56:33.0197 5536 sppuinotify - ok 21:56:33.0260 5536 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 21:56:33.0307 5536 srv - ok 21:56:33.0332 5536 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 21:56:33.0347 5536 srv2 - ok 
21:56:33.0370 5536 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 21:56:33.0382 5536 srvnet - ok 21:56:33.0415 5536 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 21:56:33.0447 5536 SSDPSRV - ok 21:56:33.0460 5536 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 21:56:33.0495 5536 SstpSvc - ok 21:56:33.0520 5536 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 21:56:33.0532 5536 stexstor - ok 21:56:33.0560 5536 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys 21:56:33.0582 5536 StillCam - ok 21:56:33.0629 5536 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 21:56:33.0660 5536 StiSvc - ok 21:56:33.0738 5536 stllssvr (e476c66713c842f58e61a95826ed1d57) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 21:56:33.0754 5536 stllssvr - ok 21:56:33.0785 5536 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 21:56:33.0816 5536 swenum - ok 21:56:33.0848 5536 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 21:56:33.0894 5536 swprv - ok 21:56:33.0988 5536 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 21:56:34.0050 5536 SysMain - ok 21:56:34.0082 5536 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 21:56:34.0113 5536 TabletInputService - ok 21:56:34.0160 5536 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 21:56:34.0222 5536 TapiSrv - ok 21:56:34.0253 5536 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 21:56:34.0284 5536 TBS - ok 21:56:34.0425 5536 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys 21:56:34.0456 5536 Tcpip - ok 21:56:34.0612 5536 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys 21:56:34.0643 5536 TCPIP6 - ok 21:56:34.0737 5536 tcpipreg 
(cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 21:56:34.0784 5536 tcpipreg - ok 21:56:34.0830 5536 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 21:56:34.0862 5536 TDPIPE - ok 21:56:34.0893 5536 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 21:56:34.0908 5536 TDTCP - ok 21:56:34.0940 5536 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 21:56:34.0986 5536 tdx - ok 21:56:35.0018 5536 TEAM (d78d74c6ed83339910ccca7e68534222) C:\Windows\system32\DRIVERS\RtTeam60.sys 21:56:35.0033 5536 TEAM - ok 21:56:35.0064 5536 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 21:56:35.0096 5536 TermDD - ok 21:56:35.0142 5536 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 21:56:35.0189 5536 TermService - ok 21:56:35.0220 5536 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 21:56:35.0236 5536 Themes - ok 21:56:35.0292 5536 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 21:56:35.0329 5536 THREADORDER - ok 21:56:35.0377 5536 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 21:56:35.0447 5536 TrkWks - ok 21:56:35.0517 5536 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 21:56:35.0597 5536 TrustedInstaller - ok 21:56:35.0612 5536 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:56:35.0634 5536 tssecsrv - ok 21:56:35.0682 5536 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 21:56:35.0729 5536 TsUsbFlt - ok 21:56:35.0776 5536 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 21:56:35.0807 5536 tunnel - ok 21:56:35.0838 5536 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 21:56:35.0854 5536 uagp35 - ok 21:56:35.0901 5536 udfs 
(ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 21:56:35.0963 5536 udfs - ok 21:56:35.0994 5536 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 21:56:36.0026 5536 UI0Detect - ok 21:56:36.0072 5536 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 21:56:36.0088 5536 uliagpkx - ok 21:56:36.0150 5536 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 21:56:36.0166 5536 umbus - ok 21:56:36.0197 5536 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 21:56:36.0228 5536 UmPass - ok 21:56:36.0260 5536 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 21:56:36.0291 5536 upnphost - ok 21:56:36.0322 5536 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 21:56:36.0353 5536 USBAAPL - ok 21:56:36.0400 5536 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys 21:56:36.0431 5536 usbaudio - ok 21:56:36.0462 5536 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys 21:56:36.0494 5536 usbccgp - ok 21:56:36.0540 5536 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 21:56:36.0572 5536 usbcir - ok 21:56:36.0587 5536 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 21:56:36.0603 5536 usbehci - ok 21:56:36.0643 5536 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 21:56:36.0673 5536 usbhub - ok 21:56:36.0693 5536 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 21:56:36.0726 5536 usbohci - ok 21:56:36.0746 5536 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 21:56:36.0761 5536 usbprint - ok 21:56:36.0798 5536 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 21:56:36.0831 5536 usbscan - ok 21:56:36.0871 5536 USBSTOR 
\Device\Harddisk0\DR0\Partition1 - ok
21:56:41.0878 5536 Boot (0x1200) (e0cd749a6effe2c835a3722b062cdc29) \Device\Harddisk1\DR1\Partition0
21:56:41.0878 5536 \Device\Harddisk1\DR1\Partition0 - ok
21:56:41.0878 5536 ============================================================
21:56:41.0878 5536 Scan finished
21:56:41.0878 5536 ============================================================
21:56:41.0878 4280 Detected object count: 10
21:56:41.0878 4280 Actual detected object count: 10
21:56:58.0720 4280 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0720 4280 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0720 4280 FlyUsb ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0720 4280 FlyUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0720 4280 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0720 4280 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:58.0735 4280 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:58.0735 4280 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
| actions · 2012-Jun-6 11:14 pm · (locked) |
to ccolvard
I want to confirm the detects by TDSS Killer. Please download and run RootRepeal. Post the log in this thread. You'll find links and instructions here: » Security Cleanup FAQ » Rootkit Detection Applications | actions · 2012-Jun-7 10:58 am · (locked) | |
The program will not run. Tried renaming, downloading into another folder and renaming and no go.
ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP1
Exception Code: 0xc0000005
Exception Address: 0x00429d13
Attempt to write to address: 0x005ec000

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP1
Exception Code: 0xc0000005
Exception Address: 0x76f363f8
Attempt to read from address: 0x4e7306d2

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP1
Exception Code: 0xc0000005
Exception Address: 0x76f363f8
Attempt to read from address: 0x4e7306d2
| actions · 2012-Jun-7 11:21 am · (locked) | |
to ccolvard
Ok, abandon RootRepeal and we'll check three of the files elsewhere. I'm not sure they are truly infected, but need to confirm or deny.
Please go to http://www.virustotal.com/
Press the 'Browse' button to the right of the yellow box.
Navigate to the file(s) listed below, one at a time (if more than one file). Press the 'Open' button in the file dialog box or double click on the file name. The file name and path should appear in the yellow box.
C:\Windows\system32\drivers\BVRPMPR5.SYS
C:\Windows\system32\DRIVERS\FlyUsb.sys
C:\Windows\system32\ListSvc.dll
Click on the Send File button
Note: If you can't find the file, let me know in your next post.
Once the Scan is completed, a Web page will open with the scan results. Copy and paste the address of that webpage from the address bar of your browser into your next post in this thread. Note that you can also copy and paste the contents of the webpage if you find that easier.
If the file has been previously scanned, the results webpage will show: "File has already been submitted:"
Press the "View Last Report" button then copy and paste the address of that webpage from the address bar of your browser into your next post in this thread.
If there is more than one file listed for scanning, press the Another File button at the bottom of the page. Repeat this procedure until all files listed have been scanned. | actions · 2012-Jun-7 12:25 pm · (locked) | |
Re: [Trojan] Google redirect then more all pc's on Uverse networ
What should be done next? | actions · 2012-Jun-8 12:16 pm · (locked) |
to ccolvard
Thanks. I suspected as much. I want to do a scan using Kaspersky rescue disk to eliminate any OS corruption. The Kaspersky Rescue Disk is a bootable CD or USB based version of Kaspersky Antivirus. You will find full instructions for download and use at the following links:
CD based: » support.kaspersky.com/fa ··· 08282484
USB Based: » support.kaspersky.com/fa ··· 08282163
Note: Please post the log (krd-log.txt) in your next reply | actions · 2012-Jun-8 12:54 pm · (locked) | |
| actions · 2012-Jun-8 9:46 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
Updates/iPad1,1_4.3.3_8J3_Restore.ipsw/038-1421-004.dmg Read error 5/24/12 9:06 PM Task started Objects Scan: completed 1 hour ago (events: 60, objects: 3701994, time: 04:56:03) 6/8/12 1:55 PM Task started 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw/038-1767-167.dmg Read error 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw/038-2272-002.dmg Read error 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw Read error 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw Read error 6/8/12 2:25 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/zrush_shiprush4_qb.ocx Read error 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.5_8L1_Restore.ipsw/038-2288-002.dmg Read error 6/8/12 2:25 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.5_8L1_Restore.ipsw Read error 6/8/12 2:26 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw/038-4292-008.dmg Read error 6/8/12 2:26 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw/018-7879-364.dmg Read error 6/8/12 2:26 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw Read error 6/8/12 2:26 PM Processing error C:/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw Read 
error 6/8/12 2:35 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw/038-1767-167.dmg Read error 6/8/12 2:35 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw/038-2272-002.dmg Read error 6/8/12 2:35 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw Read error 6/8/12 2:35 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw Read error 6/8/12 2:37 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw/018-7879-364.dmg Read error 6/8/12 2:37 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw/038-4292-008.dmg Read error 6/8/12 2:37 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw Read error 6/8/12 2:37 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw Read error 6/8/12 2:38 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/Documents/Downloads/Downloads.rar Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software 
Updates/iPad1,1_4.3.3_8J3_Restore.ipsw/038-1421-004.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.3_8J3_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw/038-2272-002.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_4.3.5_8L1_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw/038-1767-167.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPad Software Updates/iPad1,1_5.1_9B176_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.3_8J2_Restore.ipsw/038-1423-003.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.3_8J2_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.5_8L1_Restore.ipsw/038-2265-002.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone1,2_4.2.1_8C148_Restore.ipsw/038-0015-002.dmg Read error 6/8/12 3:34 PM Processing error 
/mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_4.3.5_8L1_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone1,2_4.2.1_8C148_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw/038-4292-008.dmg Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw Read error 6/8/12 3:34 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw Read error 6/8/12 3:43 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw/018-7879-364.dmg Read error 6/8/12 3:43 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw/038-4292-008.dmg Read error 6/8/12 3:43 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.1.1_9B206_Restore.ipsw Read error 6/8/12 3:43 PM Processing error /mnt/MountedDevices/PD-2BD2C32A-00000001FDE00000/Users/Sharon/AppData/Roaming/Apple Computer/iTunes/iPhone Software Updates/iPhone3,1_5.0_9A334_Restore.ipsw Read error 6/8/12 4:07 PM Processing error Z:/SHARON7/Backup Set 2011-10-30 190005/Backup Files 2011-10-30 190005/Backup files 24.zip/C/Users/Sharon/Music/iTunes/Mobile 
Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 4:07 PM Processing error Z:/SHARON7/Backup Set 2011-10-30 190005/Backup Files 2011-10-30 190005/Backup files 24.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 4:07 PM Processing error Z:/SHARON7/Backup Set 2011-10-30 190005/Backup Files 2011-10-30 190005/Backup files 24.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 30.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/qbformhelp.chm Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/DIRECTD.PDF Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/zrush_shiprush4_qb.ocx Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/afterinstall_acc.swf Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/afterinstall_es.swf Read error 6/8/12 4:28 PM Processing 
error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/ccpkimpost.swf Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 27.zip/C/Users/Sharon/Documents/Downloads/QuickBooksPro2010.exe/QBooks/data1.cab/NozHelp.chm Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 30.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 4:28 PM Processing error Z:/SHARON7/Backup Set 2011-12-04 190005/Backup Files 2011-12-04 190005/Backup files 30.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa Read error 6/8/12 5:50 PM Processing error Z:/SHARON7/Backup Set 2012-03-18 190005/Backup Files 2012-03-18 190005/Backup files 31.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 5:50 PM Processing error Z:/SHARON7/Backup Set 2012-03-18 190005/Backup Files 2012-03-18 190005/Backup files 31.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 5:50 PM Processing error Z:/SHARON7/Backup Set 2012-03-18 190005/Backup Files 2012-03-18 190005/Backup files 31.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa Read error 6/8/12 6:18 PM Processing error Z:/SHARON7/Backup Set 2012-05-07 090606/Backup Files 2012-05-07 090606/Backup files 32.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 
2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 6:18 PM Processing error Z:/SHARON7/Backup Set 2012-05-07 090606/Backup Files 2012-05-07 090606/Backup files 32.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa/Payload/FeedMe-Release-EN-US-svn8152.app/Data/sharedassets0.assets Read error 6/8/12 6:18 PM Processing error Z:/SHARON7/Backup Set 2012-05-07 090606/Backup Files 2012-05-07 090606/Backup files 32.zip/C/Users/Sharon/Music/iTunes/Mobile Applications/Feed Me! 2.0.ipa Read error 6/8/12 6:51 PM Task completed | actions · 2012-Jun-8 10:48 pm · (locked) | |
to ccolvard
Thanks for the Kaspersky log. I'm not seeing any signs of malware in what we have done so far.
On the redirect, is it every time you search using Google?
Does it go to the same site, or type of site?
Does it affect all browsers?
Any other symptoms, beyond the redirect? | actions · 2012-Jun-9 11:16 am · (locked) | |
Hi:
Yes, the redirect was solved at least most of the time by switching to McAfee and encrypted Google search.
The other symptoms are many srvhost.exe sessions running, some connect outside of network IP range, many TCP connections to unknown addresses. Seems to do this after being online for several hours (not at first).
Don't seem to be able to run win update all the time, fails.
Other issues: shrinking size (or resolution of screen) and automatic shut down when I start suspending the srvhost processes.
McAfee shows trojan detects, then no quarantine or ability to find again. | actions · 2012-Jun-9 2:17 pm · (locked) |
1 recommendation |
to ccolvard
You may be dealing with a combination of issues and I'm not sure they are all malware related. Some may be hardware related but there is no way to tell currently.
A high number of svchost.exe in the Task Manager is not unusual for Windows 7. I have seen over ten on my computer. Not all are necessarily using the internet.
Your best option is to reformat and re-install. Do a full reformat, not the 'quickee' version. Make sure you back up all your data first.
A fresh start will give you a reference point to eliminate, or include, hardware as a possible source.
Let me know your choice. If you decide against reformatting, we need to clean up regardless of the next step. | actions · 2012-Jun-9 8:19 pm · (locked) |
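One way to check the point raised in the posts above, which svchost.exe instances host which services and which of them hold connections to addresses outside the LAN; this is an added example, not code from the thread. The `tasklist /svc` and `netstat -ano` samples, the 192.168.1.0/24 LAN range and the function names are constructed assumptions.

```python
import difflib
import ipaddress
import re

# Constructed sample of `tasklist /svc` output (not taken from the thread).
TASKLIST_SVC = """\
Image Name                     PID Services
========================= ======== ============================================
svchost.exe                    716 DcomLaunch, PlugPlay, Power
svchost.exe                    912 Dhcp, eventlog, lmhosts
svchost.exe                   1104 BITS, wuauserv, Winmgmt
srvhost.exe                   3380 N/A
iexplore.exe                  2756 N/A
"""
# Constructed sample of `netstat -ano` output (not taken from the thread).
NETSTAT_ANO = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    127.0.0.1:49160        127.0.0.1:49161        ESTABLISHED     716
  TCP    192.168.1.64:49170     192.168.1.254:80       ESTABLISHED     912
  TCP    192.168.1.64:49188     203.0.113.25:443       ESTABLISHED     1104
  TCP    192.168.1.64:49201     198.51.100.7:8080      ESTABLISHED     3380
  TCP    192.168.1.64:49210     203.0.113.80:443       ESTABLISHED     2756
"""
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumption: the home LAN range
GENUINE = "svchost.exe"

def is_lookalike(image):
    """True for image names close to, but not exactly, svchost.exe."""
    name = image.lower()
    return name != GENUINE and difflib.SequenceMatcher(None, name, GENUINE).ratio() >= 0.8

def parse_tasklist(text):
    """Map PID -> (image name, [hosted services]); header and wrapped lines are skipped."""
    procs = {}
    for line in text.splitlines():
        m = re.match(r"^(\S.*?)\s+(\d+)\s+(.*)$", line)
        if m:
            image, pid, svc = m.group(1), int(m.group(2)), m.group(3)
            procs[pid] = (image, [s.strip() for s in svc.split(",") if s.strip() != "N/A"])
    return procs

def parse_netstat(text):
    """Yield (pid, remote_ip, remote_port) for established TCP connections."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "TCP" and parts[3] == "ESTABLISHED":
            host, port = parts[2].rsplit(":", 1)
            host = host.strip("[]").split("%")[0]  # IPv6 brackets and zone id
            yield int(parts[4]), ipaddress.ip_address(host), int(port)

def triage(tasklist_text, netstat_text, lan=LAN):
    """List svchost-like processes with their services and their off-LAN peers."""
    findings = {}
    for pid, (image, services) in parse_tasklist(tasklist_text).items():
        if image.lower() == GENUINE or is_lookalike(image):
            findings[pid] = {"pid": pid, "image": image, "services": services,
                             "lookalike": is_lookalike(image), "outside": []}
    for pid, ip, port in parse_netstat(netstat_text):
        if pid in findings and not (ip in lan or ip.is_loopback):
            findings[pid]["outside"].append(f"{ip}:{port}")
    return [findings[pid] for pid in sorted(findings)]

if __name__ == "__main__":
    print(*triage(TASKLIST_SVC, NETSTAT_ANO), sep="\n")
```

An off-LAN peer on an instance hosting update or transfer services is expected traffic; an instance whose image name only resembles svchost.exe is the entry to look at first.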
|