APNSTUB.EXE removal


  • This topic is locked
20 replies to this topic

#1 FerretLaw

FerretLaw

  • Members
  • 120 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:36 PM

Posted 17 October 2011 - 11:55 AM

I tried to install a couple of game files this morning and received an error message on all of them that apnstub.exe is not a valid win32 application. Researching the problem on the internet, I learned it's installed by Avira & Ask.com and has something to do with collecting data and transmitting it to ask.com. Not nice, but whatever. Now it's interfering with installation of programs so I became aware of it. Searching from the start menu won't find it. I traced the path and found it in the temp directory noted, deleted everything there and it won't go. It, Avira & Ask are not located on my uninstall program list in control panel. The file itself, in the temp directory, in properties has a toggle to remove permissions but won't do it, citing lack of permission. Further net research says it's installed in the system itself and you can't gain access to get rid of it. I've never installed Avira, I use AVG. AVG doesn't detect it. The only references to removal are on the Avira forums and say to install Avira then use their uninstall program??? More concerning, when I click to go to process, it opens task manager to explorer.exe. Has it hijacked my OS? Windows 7, i7 Dell laptop XPS.

Help is much appreciated.

#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:36 PM

Posted 17 October 2011 - 04:55 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 FerretLaw


Posted 17 October 2011 - 07:55 PM

Results of screen317's Security Check version 0.99.7
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG PC Tuneup 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

AVG PC Tuneup 2011
Java™ 6 Update 27
Out of date Java installed!
Adobe Flash Player 10.3.183.5
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````



MiniToolBox by Farbar
Ran by Pyx (administrator) on 17-10-2011 at 20:48:36
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MININT-G9KA72G
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : BC-77-37-9B-81-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : BC-77-37-9B-81-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : BC-77-37-9B-81-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-FE-B5-B1-75-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6133:9a44:8f54:56ad%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.10.39(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 17, 2011 8:30:23 PM
Lease Expires . . . . . . . . . . : Friday, October 21, 2011 8:30:24 PM
Default Gateway . . . . . . . . . : 10.10.10.1
DHCP Server . . . . . . . . . . . : 10.10.10.1
DHCPv6 IAID . . . . . . . . . . . : 236256949
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A8-13-E4-14-FE-B5-B1-75-D8
DNS Servers . . . . . . . . . . . : 10.10.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{053F0A66-E9F3-4607-9893-54DBE0D969F4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2072:1cbc:9d91:80fd(Preferred)
Link-local IPv6 Address . . . . . : fe80::2072:1cbc:9d91:80fd%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: control
Address: 10.10.10.1

Name: google.com
Addresses: 72.14.204.147
72.14.204.105
72.14.204.99
72.14.204.103
72.14.204.104


Pinging google.com [72.14.204.147] with 32 bytes of data:
Reply from 72.14.204.147: bytes=32 time=13ms TTL=54
Reply from 72.14.204.147: bytes=32 time=11ms TTL=54

Ping statistics for 72.14.204.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 13ms, Average = 12ms
Server: control
Address: 10.10.10.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56


Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=30ms TTL=48
Reply from 98.139.180.149: bytes=32 time=50ms TTL=47

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 50ms, Average = 40ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...bc 77 37 9b 81 ca ......Microsoft Virtual WiFi Miniport Adapter
14...bc 77 37 9b 81 cd ......Bluetooth Device (Personal Area Network)
12...bc 77 37 9b 81 c9 ......Intel® Centrino® Wireless-N 1030
11...14 fe b5 b1 75 d8 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.10.1 10.10.10.39 20
10.10.10.0 255.255.255.0 On-link 10.10.10.39 276
10.10.10.39 255.255.255.255 On-link 10.10.10.39 276
10.10.10.255 255.255.255.255 On-link 10.10.10.39 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.10.10.39 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.10.10.39 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:2072:1cbc:9d91:80fd/128
On-link
11 276 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::2072:1cbc:9d91:80fd/128
On-link
11 276 fe80::6133:9a44:8f54:56ad/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/17/2011 08:28:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2011 06:08:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (10/17/2011 06:08:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/17/2011 10:35:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2011 04:35:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2011 09:07:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2011 09:05:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (10/15/2011 09:04:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/14/2011 09:16:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2011 10:29:36 AM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f


System errors:
=============
Error: (10/11/2011 01:12:32 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:11:35 PM on ?10/?11/?2011 was unexpected.

Error: (10/09/2011 10:15:04 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (10/09/2011 10:15:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/30/2011 06:49:03 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (09/30/2011 06:49:03 PM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (09/24/2011 00:48:44 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/24/2011 00:48:43 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/11/2011 00:31:11 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (09/11/2011 00:31:09 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (09/01/2011 09:33:24 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (10/17/2011 08:28:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2011 06:08:56 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (10/17/2011 06:08:37 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (10/17/2011 10:35:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2011 04:35:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2011 09:07:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2011 09:05:16 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (10/15/2011 09:04:51 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (10/14/2011 09:16:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2011 10:29:36 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE766c92734-d682-4d71-983e-d6ec3f16059f


=========================== Installed Programs ============================

A Tale in the Desert (Version: 1.00)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
AVG 2011 (Version: 10.0.1411)
AVG 2011 (Version: 10.0.1522)
AVG PC Tuneup 2011 (Version: 10.0.0.26)
BitTorrent (Version: 7.2.1)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3426)
Definition update for Microsoft Office 2010 (KB982726)
Dell Webcam Central (Version: 1.40.05)
DirectX 9 Runtime (Version: 1.00.0000)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
Envisioneer Express 7 (Version: 7.0)
GoToAssist Corporate (Version: 9.1.0.615)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (Version: 6.0.270)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Outlook Social Connector (KB2289116) ªº§ó·s
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Monopoly Build-a-lot Edition
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Display Control Panel (Version: 6.14.12.6721)
ooVoo (Version: 3.0.7008)
PhotoShowExpress (Version: 2.0.063)
Pioneer Lands (Version: 32.0.0.0)
Plan3D (Version: 1.0.43)
Quickset64 (Version: 11.0.10)
QuickTime (Version: 7.69.80.9)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6312)
Restaurant Empire (Version: 32.0.0.0)
Restaurant Empire 2 (Version: 100)
Roll
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Royal Envoy™ (Version: 32.0.0.0)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Star Crossed Love (Version: 32.0.0.0)
Synaptics Pointing Device Driver (Version: 15.1.15.0)
Tropix (Version: 32.0.0.0)
Tropix™ 2 - The Quest for the Golden Banana (Version: 32.0.0.0)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft OneNote 2010 (KB2433299)
Update for Microsoft Outlook Social Connector (KB2289116)
Virtual Villagers - The Secret City (Version: 1.0)
Virtual Villagers 2 (Version: 1.0)
Virtual Villagers 4 - The Tree of Life (Version: 1.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
Westward Kingdoms version 1.000 (Version: 1.000)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinZip 15.5 (Version: 15.5.9510)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 8106.17 MB
Available physical RAM: 6253.34 MB
Total Pagefile: 16210.54 MB
Available Pagefile: 14331.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.43 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:250.08 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:7.29 GB) NTFS

========================= Users: ========================================

User accounts for \\MININT-G9KA72G

Administrator Guest Pyx


**** End of log ****


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7969

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

10/17/2011 8:52:20 PM
mbam-log-2011-10-17 (20-52-20).txt

Scan type: Quick scan
Objects scanned: 174949
Time elapsed: 1 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 Broni


Posted 17 October 2011 - 08:04 PM

...and GMER...



 


#5 FerretLaw


Posted 17 October 2011 - 08:14 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-17 21:10:53
Windows 6.1.7601 Service Pack 1
Running: 77x61djc.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77379b81cd
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77379b81cd (not active ControlSet)

---- EOF - GMER 1.0.15 ----


***

I posted the reply just before I shut down to run GMER.

#6 Broni

Posted 17 October 2011 - 08:16 PM

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip the Autoruns.zip file, and double-click on the autoruns.exe file to run the program.
Go to File>Save, and save it as an AutoRuns.txt file to a known location.
You must select Text from the drop-down menu as the file type.

Upload the file(s) here: http://www.filedropper.com/
Post the download link (copy URL: link).


#7 FerretLaw

Posted 17 October 2011 - 08:22 PM

http://www.filedropper.com/autoruns

#8 Broni

Posted 17 October 2011 - 08:27 PM

Nothing there.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users: Right-click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
    :filefind
    apnstub*
    :regfind
    apnstub*
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


#9 FerretLaw

Posted 17 October 2011 - 08:29 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 21:29 on 17/10/2011 by Pyx
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "apnstub*"
C:\Users\Pyx\AppData\Local\Temp\ApnStub.exe --a---- 0 bytes [18:09 15/09/2011] [15:05 04/10/2011] (Unable to calculate MD5)

========== regfind ==========

Searching for "apnstub*"
No data found.

-= EOF =-

#10 Broni

Posted 17 October 2011 - 08:35 PM

It looks like a malicious file.

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#11 FerretLaw

Posted 17 October 2011 - 08:35 PM

It's in the temp directory:

C:\Users\Pyx\AppData\Local\Temp

Both files ApnStub and ApnToolbarInstaller, both listed as applications. When I deleted the content of the directory before, there was a debug file and the ApnStub application file that wouldn't delete. I clicked on it to open properties, it has toggles to disable & remove but says I don't have permission. C:\Users\Pyx\AppData\Local\Temp\ApnStub.exe

#12 FerretLaw

Posted 17 October 2011 - 08:37 PM

The default values, which can't be changed, list System, MININT-*letters & numbers*\Pyx and Administrator

#13 Broni

Posted 17 October 2011 - 08:38 PM

I understand. That's why it looks malicious to me.
No .exe file should be present in temp folder.


#14 Broni

Posted 17 October 2011 - 08:38 PM

Go ahead with TDSSKiller.


#15 FerretLaw

Posted 17 October 2011 - 08:39 PM

21:38:15.0454 3824 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
21:38:15.0916 3824 ============================================================
21:38:15.0916 3824 Current date / time: 2011/10/17 21:38:15.0916
21:38:15.0916 3824 SystemInfo:
21:38:15.0916 3824
21:38:15.0916 3824 OS Version: 6.1.7601 ServicePack: 1.0
21:38:15.0916 3824 Product type: Workstation
21:38:15.0916 3824 ComputerName: MININT-G9KA72G
21:38:15.0916 3824 UserName: Pyx
21:38:15.0916 3824 Windows directory: C:\Windows
21:38:15.0916 3824 System windows directory: C:\Windows
21:38:15.0916 3824 Running under WOW64
21:38:15.0916 3824 Processor architecture: Intel x64
21:38:15.0916 3824 Number of processors: 4
21:38:15.0916 3824 Page size: 0x1000
21:38:15.0916 3824 Boot type: Normal boot
21:38:15.0916 3824 ============================================================
21:38:16.0414 3824 Initialize success
21:38:18.0949 4956 ============================================================
21:38:18.0949 4956 Scan started
21:38:18.0949 4956 Mode: Manual;
21:38:18.0949 4956 ============================================================
21:38:29.0264 4956 SiSRaid4 - ok
21:38:29.0304 4956 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:38:29.0306 4956 Smb - ok
21:38:29.0363 4956 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:38:29.0364 4956 spldr - ok
21:38:29.0415 4956 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:38:29.0422 4956 srv - ok
21:38:29.0458 4956 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:38:29.0464 4956 srv2 - ok
21:38:29.0515 4956 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:38:29.0519 4956 srvnet - ok
21:38:29.0565 4956 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
21:38:29.0565 4956 stdcfltn - ok
21:38:29.0595 4956 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:38:29.0597 4956 stexstor - ok
21:38:29.0654 4956 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:38:29.0654 4956 swenum - ok
21:38:29.0720 4956 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
21:38:29.0729 4956 SynTP - ok
21:38:29.0826 4956 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
21:38:29.0839 4956 Tcpip - ok
21:38:29.0942 4956 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
21:38:29.0954 4956 TCPIP6 - ok
21:38:30.0014 4956 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:38:30.0016 4956 tcpipreg - ok
21:38:30.0048 4956 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:38:30.0050 4956 TDPIPE - ok
21:38:30.0073 4956 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:38:30.0074 4956 TDTCP - ok
21:38:30.0105 4956 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:38:30.0108 4956 tdx - ok
21:38:30.0136 4956 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:38:30.0137 4956 TermDD - ok
21:38:30.0173 4956 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:38:30.0174 4956 tssecsrv - ok
21:38:30.0209 4956 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:38:30.0212 4956 TsUsbFlt - ok
21:38:30.0238 4956 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:38:30.0239 4956 TsUsbGD - ok
21:38:30.0272 4956 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:38:30.0275 4956 tunnel - ok
21:38:30.0305 4956 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:38:30.0307 4956 uagp35 - ok
21:38:30.0341 4956 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:38:30.0347 4956 udfs - ok
21:38:30.0398 4956 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:38:30.0399 4956 uliagpkx - ok
21:38:30.0437 4956 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:38:30.0438 4956 umbus - ok
21:38:30.0469 4956 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:38:30.0470 4956 UmPass - ok
21:38:30.0518 4956 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:38:30.0520 4956 usbccgp - ok
21:38:30.0557 4956 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:38:30.0559 4956 usbcir - ok
21:38:30.0594 4956 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:38:30.0596 4956 usbehci - ok
21:38:30.0627 4956 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:38:30.0632 4956 usbhub - ok
21:38:30.0689 4956 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:38:30.0691 4956 usbohci - ok
21:38:30.0736 4956 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:38:30.0738 4956 usbprint - ok
21:38:30.0794 4956 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:38:30.0797 4956 USBSTOR - ok
21:38:30.0834 4956 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:38:30.0836 4956 usbuhci - ok
21:38:30.0890 4956 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:38:30.0893 4956 usbvideo - ok
21:38:30.0932 4956 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:38:30.0932 4956 vdrvroot - ok
21:38:30.0968 4956 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:38:30.0970 4956 vga - ok
21:38:31.0004 4956 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:38:31.0006 4956 VgaSave - ok
21:38:31.0044 4956 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:38:31.0048 4956 vhdmp - ok
21:38:31.0079 4956 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:38:31.0081 4956 viaide - ok
21:38:31.0110 4956 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:38:31.0112 4956 volmgr - ok
21:38:31.0153 4956 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:38:31.0158 4956 volmgrx - ok
21:38:31.0186 4956 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:38:31.0190 4956 volsnap - ok
21:38:31.0240 4956 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:38:31.0243 4956 vsmraid - ok
21:38:31.0275 4956 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:38:31.0277 4956 vwifibus - ok
21:38:31.0314 4956 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:38:31.0316 4956 vwififlt - ok
21:38:31.0355 4956 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
21:38:31.0357 4956 vwifimp - ok
21:38:31.0385 4956 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:38:31.0386 4956 WacomPen - ok
21:38:31.0426 4956 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:38:31.0428 4956 WANARP - ok
21:38:31.0431 4956 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:38:31.0432 4956 Wanarpv6 - ok
21:38:31.0467 4956 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:38:31.0469 4956 Wd - ok
21:38:31.0508 4956 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:38:31.0517 4956 Wdf01000 - ok
21:38:31.0567 4956 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:38:31.0569 4956 WfpLwf - ok
21:38:31.0597 4956 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:38:31.0598 4956 WIMMount - ok
21:38:31.0648 4956 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:38:31.0649 4956 WmiAcpi - ok
21:38:31.0683 4956 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:38:31.0686 4956 ws2ifsl - ok
21:38:31.0727 4956 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:38:31.0729 4956 WudfPf - ok
21:38:31.0775 4956 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:38:31.0778 4956 WUDFRd - ok
21:38:31.0810 4956 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:38:31.0820 4956 \Device\Harddisk0\DR0 - ok
21:38:31.0828 4956 Boot (0x1200) (5b49d7c6a7d0a8f1c2e3f412cb6be6d5) \Device\Harddisk0\DR0\Partition0
21:38:31.0830 4956 \Device\Harddisk0\DR0\Partition0 - ok
21:38:31.0862 4956 Boot (0x1200) (495a11bbf2011c02bbc00c3607104fc0) \Device\Harddisk0\DR0\Partition1
21:38:31.0866 4956 \Device\Harddisk0\DR0\Partition1 - ok
21:38:31.0866 4956 ============================================================
21:38:31.0866 4956 Scan finished
21:38:31.0866 4956 ============================================================
21:38:31.0871 4492 Detected object count: 0
21:38:31.0871 4492 Actual detected object count: 0



