Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

STOP: c0000135 {Unable To Locate Component}


  • This topic is locked This topic is locked
68 replies to this topic

#1 slo_805

slo_805

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 03:57 AM

Hi,
Ive got a toshiba sattelite m305-s4848 that is stuck in a constant bootloop. I cant get into safe mode or last know good configuration will not work. I have also tried startup repair with no luck. My operating system is vista home premium 64 bit. I have tried booting into every option in Windows recovery error and the only time I can get a bsod is in safe mode with networking. The message I receive is "STOP: c0000135 {Unable To Locate Component} This application has failed to start because consrv was not found. Re-installing the application may fix this problem.

Thanks in advance for any information or help with this.

Edited by Orange Blossom, 13 November 2011 - 12:05 PM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,542 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:20 AM

Posted 13 November 2011 - 11:54 AM

Please be patient, I will request assistance from the BC malware personnel. since it appears that this may be related to malware.

Louis

Edited by hamluis, 13 November 2011 - 11:55 AM.


#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 12:00 PM

Hello slo_805,

Welcome to Bleeping Computer. I will be assisting you with the issue.

The computer is infected and once we remove it it will boot again. But first we need a log.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#4 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 01:12 PM

Hello farbar,

Thank you for taking your time to help me with this issue.


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.7
Ran by SYSTEM at 2011-11-13 10:05:26
Running from F:\
Windows Vista ™ Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [151064 2008-06-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [209432 2008-06-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [181784 2008-06-25] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1216808 2007-11-29] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52560 2007-12-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [cfFncEnabler.exe] cfFncEnabler.exe [x]
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hide [1242424 2008-08-04] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start [417792 2008-07-31] (Chicony)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [236016 2008-09-19] (Sonic Solutions)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2010-09-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [432640 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [432640 2008-04-24] (TOSHIBA)
HKU\Judy\...\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [205480 2007-08-30] (Macrovision Corporation)
HKU\Judy\...\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-08-20] (Google Inc.)
HKU\Judy\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C7D5745B-F81F-45E9-B369-4D85B27C0821}: [NameServer]208.67.222.222,208.67.220.220
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 ccEvtMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-02-18] (Symantec Corporation)
2 ccSetMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-02-18] (Symantec Corporation)
2 CLTNetCnService; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-02-18] (Symantec Corporation)
3 DFSR; C:\Windows\System32\DFSR.exe [3433472 2009-04-10] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcsvc.dll [268288 2009-04-10] (Microsoft Corporation)
2 ehstart; C:\Windows\ehome\ehstart.dll [15360 2006-11-02] (Microsoft Corporation)
2 EMDMgmt; C:\Windows\System32\emdmgmt.dll [399360 2009-04-10] (Microsoft Corporation)
2 LiveUpdate Notice; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-02-18] (Symantec Corporation)
2 MotoConnect Service; C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [91392 2010-01-27] ()
2 o2flash; "C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe" [65536 2007-02-12] (O2Micro International)
3 p2pimsvc; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
2 rpcnetp; C:\Windows\System32\rpcnetp.exe [17408 2011-11-13] ()
2 slsvc; C:\Windows\System32\SLsvc.exe [2582016 2009-04-10] (Microsoft Corporation)
3 SLUINotify; C:\Windows\System32\SLUINotify.dll [73216 2009-04-10] (Microsoft Corporation)
3 SmartFaceVWatchSrv; "C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe" [84992 2008-04-24] (Toshiba)
3 Symantec Core LC; C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2008-08-20] ()
2 TetherBerry; C:\Program Files (x86)\TetherBerry\TBService.exe [49056 2009-08-13] ()
2 Themes; C:\Windows\System32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation)
2 TNaviSrv; C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-07-18] (TOSHIBA Corporation)
2 TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [158568 2008-04-11] (TOSHIBA CORPORATION)
2 TOSHIBA SMART Log Service; "C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [175104 2007-12-03] (TOSHIBA Corporation)
2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [1020768 2010-03-18] (Microsoft Corporation)
3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" [x]
2 avgwd; "C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe" [x]

========================== Drivers (Whitelisted) =============

4 adpu160m; C:\Windows\System32\drivers\adpu160m.sys [126520 2008-01-20] (Adaptec, Inc.)
3 COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [25424 2008-07-30] (Symantec Corporation)
3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [95544 2011-08-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
0 Ecache; C:\Windows\System32\drivers\ecache.sys [155112 2009-04-10] (Microsoft Corporation)
4 HpCISSs; C:\Windows\System32\drivers\hpcisss.sys [47672 2008-01-20] (Hewlett-Packard Company)
4 i2omp; C:\Windows\System32\drivers\i2omp.sys [35896 2008-01-20] (Microsoft Corporation)
1 IDSvia64; \??\C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20081010.001\IDSvia64.sys [368688 2008-10-03] (Symantec Corporation)
4 iteatapi; C:\Windows\System32\drivers\iteatapi.sys [37480 2006-11-02] (Integrated Technology Express, Inc.)
4 iteraid; C:\Windows\System32\drivers\iteraid.sys [37480 2006-11-02] (Integrated Technology Express, Inc.)
4 KR10I64; C:\Windows\System32\drivers\kr10i64.sys [248320 2006-11-09] (TOSHIBA CORPORATION)
4 KR10N64; C:\Windows\System32\drivers\kr10n64.sys [237568 2006-11-09] (TOSHIBA CORPORATION)
3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [53632 2009-05-08] (Motorola Inc)
4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [39016 2006-11-02] (LSI Logic Corporation)
3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [62040 2008-04-15] (O2Micro )
3 O2SDRDR; C:\Windows\System32\DRIVERS\o2sdx64.sys [51928 2008-04-08] (O2Micro )
3 pnetmdm; C:\Windows\System32\DRIVERS\pnetmdm64.sys [17920 2007-03-07] (June Fabrics Technology)
3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [9728 2007-04-09] (TOSHIBA)
3 qrkis; C:\Windows\System32\DRIVERS\qrkis.sys [50856 2009-07-31] (Tether)
4 SiSRaid2; C:\Windows\System32\drivers\sisraid2.sys [45624 2008-01-20] (Microsoft Corporation)
3 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [440880 2008-01-31] (Symantec Corporation)
3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [476720 2008-01-31] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2008-01-31] (Symantec Corporation)
3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2011-01-12] (MCCI Corporation)
3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [145384 2011-01-12] (MCCI Corporation)
3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203320 2011-08-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
4 Symc8xx; C:\Windows\System32\drivers\symc8xx.sys [49256 2006-11-02] (LSI Logic)
3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [16432 2008-02-05] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2008-08-20] (Symantec Corporation)
3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [144944 2008-02-05] (Symantec Corporation)
1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [28720 2008-02-19] (Symantec Corporation)
3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [48176 2008-02-05] (Symantec Corporation)
3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [28720 2008-02-05] (Symantec Corporation)
1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [271408 2008-02-05] (Symantec Corporation)
4 Sym_hi; C:\Windows\System32\drivers\sym_hi.sys [44648 2006-11-02] (LSI Logic)
4 Sym_u3; C:\Windows\System32\drivers\sym_u3.sys [48232 2006-11-02] (LSI Logic)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [320048 2007-11-29] (Synaptics, Inc.)
3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [18432 2008-01-20] (Microsoft Corporation)
4 uliahci; C:\Windows\System32\drivers\uliahci.sys [284728 2008-01-20] (ULi Electronics Inc.)
4 UlSata; C:\Windows\System32\drivers\ulsata.sys [148072 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [174696 2008-01-20] (Promise Technology, Inc.)
3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64.sys [648320 2008-07-16] (eMPIA Technology, Inc.)
3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64.sys [392320 2008-07-16] (eMPIA Technology, Inc.)
3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19456 2009-04-10] (Microsoft Corporation)
3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [20520 2008-06-26] (Chicony Electronics Co., Ltd.)
3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [46592 2009-09-30] (Microsoft Corporation)
3 yukonx64; C:\Windows\System32\DRIVERS\yk60x64.sys [404992 2008-07-25] (Marvell)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [x]
0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [x]
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [x]
1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [x]
1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [x]
0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [x]
1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [x]
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [x]
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 msiserver; C:\Windows\System32\msiexec /V [x]
3 NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20081013.003\ENG64.SYS [x]
3 NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20081013.003\EX64.SYS [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
2 OpenLibSys; \??\C:\Program Files (x86)\NXP\FM Radio\OpenLibSysX64.sys [x]
3 Tosrfcom; [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-13 10:05 - 2011-11-13 10:05 - 0000000 ____D C:\FRST
2011-11-13 00:13 - 2011-11-13 00:13 - 4153274368 __ASH C:\hiberfil.sys
2011-11-11 23:45 - 2011-11-11 23:45 - 0000000 ____D C:\Users\Judy\Desktop\A.S.A.P - Copy
2011-11-07 15:52 - 2011-11-07 15:52 - 0000000 ____D C:\Emergency
2011-11-06 23:17 - 2011-11-13 00:11 - 14523348 ____A C:\Windows\ntbtlog.txt
2011-11-06 23:05 - 2011-11-06 23:05 - 0028672 ____A C:\bcd_backup
2011-11-06 23:05 - 2011-11-06 23:05 - 0025600 ___AH C:\bcd_backup.LOG
2011-11-06 23:05 - 2011-11-06 23:05 - 0000000 ___AH C:\bcd_backup.LOG2
2011-11-06 23:05 - 2011-11-06 23:05 - 0000000 ___AH C:\bcd_backup.LOG1
2011-11-06 21:30 - 2011-11-06 21:30 - 1024226 ____A C:\Users\Judy\Documents\cc_20111106_212957.reg
2011-11-06 21:20 - 2011-11-06 21:20 - 3511776 ____A (Piriform Ltd) C:\Users\Judy\Downloads\ccsetup312.exe
2011-11-06 13:27 - 2011-11-06 13:27 - 0017408 ____A C:\Windows\SysWOW64\rpcnetp.dll
2011-11-06 13:25 - 2011-11-13 00:11 - 0017408 ____A C:\Windows\SysWOW64\rpcnetp.exe
2011-10-23 18:27 - 2011-10-23 18:27 - 0016260 ____A C:\Windows\SysWOW64\hs_err_pid1788.log
2011-10-17 02:44 - 2011-10-17 02:46 - 0001888 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-17 02:01 - 2011-08-31 21:34 - 17781760 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-10-17 02:01 - 2011-08-31 21:24 - 2309120 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-10-17 02:01 - 2011-08-31 21:24 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-10-17 02:01 - 2011-08-31 21:18 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-10-17 02:01 - 2011-08-31 21:17 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-10-17 02:01 - 2011-08-31 21:16 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-10-17 02:01 - 2011-08-31 21:15 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-10-17 02:01 - 2011-08-31 21:14 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-10-17 02:01 - 2011-08-31 21:12 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-10-17 02:01 - 2011-08-31 21:12 - 2143744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-10-17 02:01 - 2011-08-31 21:12 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-10-17 02:01 - 2011-08-31 21:08 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-10-17 02:01 - 2011-08-31 18:36 - 12275200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-10-17 02:01 - 2011-08-31 18:35 - 1798144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-10-17 02:01 - 2011-08-31 18:33 - 9704960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-10-17 02:01 - 2011-08-31 18:28 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-10-17 02:01 - 2011-08-31 18:28 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-10-17 02:01 - 2011-08-31 18:27 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-10-17 02:01 - 2011-08-31 18:26 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-10-17 02:01 - 2011-08-31 18:24 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-10-17 02:01 - 2011-08-31 18:23 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-10-17 02:01 - 2011-08-31 18:23 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-10-17 02:01 - 2011-08-31 18:22 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-10-17 02:01 - 2011-08-31 18:21 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-10-16 13:32 - 2009-10-09 13:56 - 0020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2011-10-16 12:56 - 2011-09-06 05:56 - 2764288 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-10-16 12:56 - 2011-08-25 08:20 - 0735744 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2011-10-16 12:56 - 2011-08-25 08:19 - 0847360 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-10-16 12:56 - 2011-08-25 08:19 - 0332288 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-10-16 12:56 - 2011-08-25 08:15 - 0555520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2011-10-16 12:56 - 2011-08-25 08:14 - 0563712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-10-16 12:56 - 2011-08-25 08:14 - 0238080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-10-16 12:56 - 2011-08-25 05:54 - 0004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll
2011-10-16 12:56 - 2011-08-25 05:31 - 0004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll
2011-10-16 12:54 - 2011-07-29 08:08 - 0375808 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-10-16 12:54 - 2011-07-29 08:08 - 0289792 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-10-16 12:54 - 2011-07-29 08:06 - 0100352 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-10-16 12:54 - 2011-07-29 08:06 - 0073216 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-10-16 12:54 - 2011-07-29 08:01 - 0293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-10-16 12:54 - 2011-07-29 08:01 - 0217088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-10-16 12:54 - 2011-07-29 08:00 - 0069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-10-16 12:54 - 2011-07-29 08:00 - 0057856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax

============ 3 Months Modified Files and Folders =============

2011-11-13 10:05 - 2011-11-13 10:05 - 0000000 ____D C:\FRST
2011-11-13 00:13 - 2011-11-13 00:13 - 4153274368 __ASH C:\hiberfil.sys
2011-11-13 00:11 - 2011-11-06 23:17 - 14523348 ____A C:\Windows\ntbtlog.txt
2011-11-13 00:11 - 2011-11-06 13:25 - 0017408 ____A C:\Windows\SysWOW64\rpcnetp.exe
2011-11-13 00:11 - 2011-03-11 09:22 - 0017408 ____A C:\Windows\System32\rpcnetp.exe
2011-11-12 00:19 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-11-11 23:45 - 2011-11-11 23:45 - 0000000 ____D C:\Users\Judy\Desktop\A.S.A.P - Copy
2011-11-11 23:43 - 2008-12-28 14:56 - 0000000 ____D C:\PCRMAVG
2011-11-11 21:38 - 2006-11-02 05:33 - 0000000 ____D C:\Program Files\Windows NT
2011-11-07 15:52 - 2011-11-07 15:52 - 0000000 ____D C:\Emergency
2011-11-06 23:05 - 2011-11-06 23:05 - 0028672 ____A C:\bcd_backup
2011-11-06 23:05 - 2011-11-06 23:05 - 0025600 ___AH C:\bcd_backup.LOG
2011-11-06 23:05 - 2011-11-06 23:05 - 0000000 ___AH C:\bcd_backup.LOG2
2011-11-06 23:05 - 2011-11-06 23:05 - 0000000 ___AH C:\bcd_backup.LOG1
2011-11-06 22:10 - 2006-11-02 07:07 - 0000000 ____D C:\Program Files (x86)\Windows Photo Gallery
2011-11-06 21:39 - 2008-09-06 11:37 - 1727388 ____A C:\Windows\WindowsUpdate.log
2011-11-06 21:39 - 2006-11-02 07:42 - 0032570 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-11-06 21:39 - 2006-11-02 07:42 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-06 21:39 - 2006-11-02 07:22 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-06 21:39 - 2006-11-02 07:22 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-06 21:38 - 2008-12-29 01:21 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-11-06 21:32 - 2010-02-09 16:10 - 0000000 ____D C:\Windows\pss
2011-11-06 21:30 - 2011-11-06 21:30 - 1024226 ____A C:\Users\Judy\Documents\cc_20111106_212957.reg
2011-11-06 21:28 - 2009-11-22 14:50 - 0000000 ____D C:\Windows\Minidump
2011-11-06 21:28 - 2008-08-20 17:42 - 0000000 ____D C:\Windows\Panther
2011-11-06 21:21 - 2010-02-09 15:10 - 0000000 ____D C:\Program Files (x86)\CCleaner
2011-11-06 21:20 - 2011-11-06 21:20 - 3511776 ____A (Piriform Ltd) C:\Users\Judy\Downloads\ccsetup312.exe
2011-11-06 21:15 - 2010-11-30 20:54 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-06 19:24 - 2010-11-30 20:54 - 0000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-06 19:22 - 2011-02-08 19:26 - 0000000 ___HD C:\Recycle.Bin
2011-11-06 19:18 - 2010-11-10 03:26 - 0000000 ____D C:\Windows\System32\Drivers\PCRMAVG
2011-11-06 19:10 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\System32\config\TxR
2011-11-06 19:10 - 2006-11-02 04:46 - 0703388 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-06 19:05 - 2008-08-20 18:24 - 0000000 ____D C:\Program Files (x86)\Google
2011-11-06 18:32 - 2008-10-10 14:24 - 0000000 ____D C:\users\Judy
2011-11-06 14:24 - 2006-11-02 04:33 - 81526784 ____A C:\Windows\System32\config\software_previous
2011-11-06 14:24 - 2006-11-02 04:33 - 58195968 ____A C:\Windows\System32\config\components_previous
2011-11-06 14:24 - 2006-11-02 04:33 - 20709376 ____A C:\Windows\System32\config\system_previous
2011-11-06 14:24 - 2006-11-02 04:33 - 0524288 ____A C:\Windows\System32\config\default_previous
2011-11-06 14:24 - 2006-11-02 04:33 - 0262144 ____A C:\Windows\System32\config\security_previous
2011-11-06 14:24 - 2006-11-02 04:33 - 0262144 ____A C:\Windows\System32\config\sam_previous
2011-11-06 14:20 - 2009-09-13 09:44 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-11-06 14:20 - 2006-11-02 05:34 - 0000000 ____D C:\Windows\System32\spool
2011-11-06 14:20 - 2006-11-02 05:34 - 0000000 ____D C:\Windows\System32\Msdtc
2011-11-06 14:20 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\rescache
2011-11-06 14:20 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\registration
2011-11-06 14:19 - 2011-08-05 13:39 - 0000000 ____D C:\Windows\Hewlett-Packard
2011-11-06 14:19 - 2011-07-21 22:25 - 0000000 ____D C:\android-sdk-windows
2011-11-06 14:19 - 2011-07-12 10:50 - 0000000 ____D C:\Program Files\SAMSUNG
2011-11-06 14:19 - 2011-05-20 17:13 - 0000000 ____D C:\Users\All Users\AVG Security Toolbar
2011-11-06 14:19 - 2011-05-20 17:13 - 0000000 ____D C:\ProgramData\AVG Security Toolbar
2011-11-06 14:19 - 2011-02-24 03:06 - 0000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2011-11-06 14:19 - 2011-02-24 03:06 - 0000000 ____D C:\Windows\System32\WindowsPowerShell
2011-11-06 14:19 - 2011-02-05 19:42 - 0000000 ____D C:\Program Files (x86)\Veetle
2011-11-06 13:39 - 2010-05-24 17:53 - 0000000 ____D C:\Users\Judy\AppData\Local\Deployment
2011-11-06 13:27 - 2011-11-06 13:27 - 0017408 ____A C:\Windows\SysWOW64\rpcnetp.dll
2011-10-31 04:39 - 2008-11-10 21:43 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-10-31 04:39 - 2008-09-06 11:43 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-10-31 04:39 - 2008-09-06 11:43 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-10-23 18:27 - 2011-10-23 18:27 - 0016260 ____A C:\Windows\SysWOW64\hs_err_pid1788.log
2011-10-18 15:27 - 2011-02-01 20:20 - 0000000 ____D C:\Users\Judy\Desktop\A.S.A.P
2011-10-17 17:13 - 2010-11-10 03:28 - 0000831 ____A C:\Users\Public\Desktop\AVG 2011.lnk
2011-10-17 02:46 - 2011-10-17 02:44 - 0001888 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-17 02:42 - 2011-03-12 20:25 - 0044544 ____A (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2011-10-17 02:38 - 2006-11-02 07:21 - 0443808 ____A C:\Windows\System32\FNTCACHE.DAT
2011-10-17 02:16 - 2006-11-02 04:35 - 50086344 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2011-10-09 12:29 - 2010-11-10 03:26 - 0000000 ____D C:\Users\All Users\AVG10
2011-10-09 12:29 - 2010-11-10 03:26 - 0000000 ____D C:\ProgramData\AVG10
2011-10-08 19:28 - 2011-10-08 19:28 - 0000000 ____D C:\Windows\system64
2011-10-08 04:26 - 2011-07-08 10:31 - 0000000 ____D C:\Users\Judy\Downloads\Droid Charge
2011-10-07 23:55 - 2011-10-07 23:55 - 0000000 ____D C:\Users\Public\Documents\Verizon_Android
2011-09-24 07:43 - 2011-05-30 12:15 - 0000859 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-09-24 07:38 - 2011-09-24 07:36 - 13983976 ____A (Mozilla) C:\Users\Judy\Downloads\Firefox Setup 6.0.2.exe
2011-09-16 21:44 - 2011-09-05 09:52 - 0000000 ____D C:\Users\Judy\Downloads\Samsung Galaxy Tab 10.1
2011-09-12 13:48 - 2011-09-12 13:48 - 0029038 ____A C:\Users\Judy\Downloads\ANT%201583907.pdf
2011-09-06 05:56 - 2011-10-16 12:56 - 2764288 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-09-05 10:04 - 2006-11-02 05:33 - 0000000 ___SD C:\Windows\Downloaded Program Files
2011-09-05 10:04 - 2006-11-02 05:33 - 0000000 ___RD C:\Windows\Offline Web Pages
2011-09-05 10:02 - 2011-09-05 10:02 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-09-05 10:02 - 2011-09-05 10:02 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-09-05 10:02 - 2011-09-05 10:02 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-09-05 10:02 - 2011-09-05 10:02 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-09-05 10:02 - 2011-09-05 10:02 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-09-05 10:02 - 2011-09-05 10:02 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-09-05 10:02 - 2011-09-05 10:02 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0114176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-09-05 10:02 - 2011-09-05 10:02 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-09-05 10:02 - 2011-09-05 10:02 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-09-05 10:02 - 2011-09-05 10:02 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-09-05 10:02 - 2011-09-05 10:02 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-09-05 10:02 - 2011-09-05 10:02 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-09-05 10:02 - 2011-09-05 10:02 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-09-05 10:02 - 2006-11-02 04:16 - 0008798 ____A C:\Windows\SysWOW64\icrav03.rat
2011-09-05 10:02 - 2006-11-02 04:16 - 0001988 ____A C:\Windows\SysWOW64\ticrf.rat
2011-09-05 10:02 - 2006-11-01 22:36 - 0008798 ____A C:\Windows\System32\icrav03.rat
2011-09-05 10:02 - 2006-11-01 22:36 - 0001988 ____A C:\Windows\System32\ticrf.rat
2011-08-31 21:34 - 2011-10-17 02:01 - 17781760 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-31 21:24 - 2011-10-17 02:01 - 2309120 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-08-31 21:24 - 2011-10-17 02:01 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-31 21:18 - 2011-10-17 02:01 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-31 21:17 - 2011-10-17 02:01 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-31 21:16 - 2011-10-17 02:01 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-31 21:15 - 2011-10-17 02:01 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-31 21:14 - 2011-10-17 02:01 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-08-31 21:12 - 2011-10-17 02:01 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-31 21:12 - 2011-10-17 02:01 - 2143744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-31 21:12 - 2011-10-17 02:01 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-31 21:08 - 2011-10-17 02:01 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-31 18:36 - 2011-10-17 02:01 - 12275200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-31 18:35 - 2011-10-17 02:01 - 1798144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-08-31 18:33 - 2011-10-17 02:01 - 9704960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-31 18:28 - 2011-10-17 02:01 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-31 18:28 - 2011-10-17 02:01 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-31 18:27 - 2011-10-17 02:01 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-31 18:26 - 2011-10-17 02:01 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-31 18:24 - 2011-10-17 02:01 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-08-31 18:23 - 2011-10-17 02:01 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-31 18:23 - 2011-10-17 02:01 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-31 18:22 - 2011-10-17 02:01 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-31 18:21 - 2011-10-17 02:01 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-25 08:20 - 2011-10-16 12:56 - 0735744 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2011-08-25 08:19 - 2011-10-16 12:56 - 0847360 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-08-25 08:19 - 2011-10-16 12:56 - 0332288 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-08-25 08:15 - 2011-10-16 12:56 - 0555520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2011-08-25 08:14 - 2011-10-16 12:56 - 0563712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-08-25 08:14 - 2011-10-16 12:56 - 0238080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-08-25 05:54 - 2011-10-16 12:56 - 0004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll
2011-08-25 05:31 - 2011-10-16 12:56 - 0004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 3959.93 MB
Available physical RAM: 3377.95 MB
Total Pagefile: 3713.43 MB
Available Pagefile: 3354.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (SQ004828V03) (Fixed) (Total:231.42 GB) (Free:155.05 GB) NTFS
2 Drive d: () (CDROM) (Total:3.92 GB) (Free:0 GB) CDFS
3 Drive e: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.3 GB) NTFS
4 Drive f: () (Removable) (Total:3.74 GB) (Free:3.7 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-11-06 21:40

======================= End Of Log ==========================

#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 01:52 PM

Well done.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
SubSystems: [Windows] ==> ZeroAccess
2011-10-16 13:32 - 2009-10-09 13:56 - 0020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart, let the computer boot normally and tell me how it went.

#6 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 02:56 PM

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.7)
Ran by SYSTEM at 2011-11-13 11:45:17 R:1
Running from F:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
C:\Windows\svchost.exe moved successfully.

==== End of Fixlog ====




It worked. I was able to boot into normal mode. The computer is asking me to restart my computer to apply these changes.



#7 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 03:14 PM

The computer is asking me to restart my computer to apply these changes.

I hope it is not Windows update, it is not time to update.

#8 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 03:21 PM

Should I run any scans or do anything before shuting down or restarting my computer. Before the bootloop I was given an update aswell. It looks like a windows defender update.

Thanks again for your time.

Edited by slo_805, 13 November 2011 - 03:33 PM.


#9 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 03:31 PM

It might be too late but we try.

  • Turn off Windows automatic updates as it might lead to unexpected results at this stage:
    • Go to start > All Programs > Windows Update.
    • In the left pane select "Change Settings".
    • In the right pane check "Never Check for Updates"
    • Click OK.
  • Please download MiniToolBox and save it to your desktop and run it.

    Checkmark following checkboxes:
    • List Winsock Entries
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
  • Please download Malwarebytes' Anti-Malware from one of these locations:
    malwarebytes.org
    majorgeeks.com
    • Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.

Please post the logs before restarting.

#10 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 03:53 PM

MiniToolBox by Farbar
Ran by Judy (administrator) on 13-11-2011 at 12:51:08
Windows ™ Vista Home Premium Service Pack 2 (X64)

***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

**** End of log ****


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8154

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

11/13/2011 12:49:08 PM
mbam-log-2011-11-13 (12-49-08).txt

Scan type: Quick scan
Objects scanned: 173619
Time elapsed: 2 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Files Infected:
c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc121.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\plugs\mmc74.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Recycle.Bin\4710b865723d944 (Trojan.Spyeyes) -> Quarantined and deleted successfully.

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 04:00 PM

Now please do the following:

  • Run command Prompt as Administrator. To do that:
    Go to Start and type cmd.exe in the Search box.
    It gives you cmd.exe in the upper part. Right-click cmd.exe and select "Run As Administrator".
    Copy the following command, right-click in the open Command prompt window and select Paste the press Enter:

    netsh winsock reset

    Close the command window.
  • Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
    Select Continue.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.


#12 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 04:09 PM

13:02:58.0164 4724 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
13:02:58.0973 4724 ============================================================
13:02:58.0973 4724 Current date / time: 2011/11/13 13:02:58.0973
13:02:58.0973 4724 SystemInfo:
13:02:58.0973 4724
13:02:58.0973 4724 OS Version: 6.0.6002 ServicePack: 2.0
13:02:58.0973 4724 Product type: Workstation
13:02:58.0973 4724 ComputerName: DEE
13:02:58.0974 4724 UserName: Judy
13:02:58.0974 4724 Windows directory: C:\Windows
13:02:58.0974 4724 System windows directory: C:\Windows
13:02:58.0974 4724 Running under WOW64
13:02:58.0974 4724 Processor architecture: Intel x64
13:02:58.0974 4724 Number of processors: 2
13:02:58.0974 4724 Page size: 0x1000
13:02:58.0974 4724 Boot type: Normal boot
13:02:58.0974 4724 ============================================================
13:02:59.0727 4724 Initialize success
13:04:41.0582 4436 ============================================================
13:04:41.0582 4436 Scan started
13:04:41.0582 4436 Mode: Manual;
13:04:41.0582 4436 ============================================================
13:04:42.0273 4436 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
13:04:42.0278 4436 ACPI - ok
13:04:42.0481 4436 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
13:04:42.0490 4436 adp94xx - ok
13:04:42.0632 4436 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
13:04:42.0638 4436 adpahci - ok
13:04:42.0731 4436 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
13:04:42.0736 4436 adpu160m - ok
13:04:42.0787 4436 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
13:04:42.0791 4436 adpu320 - ok
13:04:42.0968 4436 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
13:04:42.0977 4436 AFD - ok
13:04:43.0107 4436 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
13:04:43.0109 4436 agp440 - ok
13:04:43.0205 4436 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
13:04:43.0208 4436 aic78xx - ok
13:04:43.0312 4436 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
13:04:43.0313 4436 aliide - ok
13:04:43.0402 4436 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
13:04:43.0403 4436 amdide - ok
13:04:43.0522 4436 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
13:04:43.0524 4436 AmdK8 - ok
13:04:43.0666 4436 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
13:04:43.0667 4436 androidusb - ok
13:04:43.0826 4436 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
13:04:43.0829 4436 arc - ok
13:04:43.0970 4436 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
13:04:43.0973 4436 arcsas - ok
13:04:44.0050 4436 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
13:04:44.0052 4436 AsyncMac - ok
13:04:44.0101 4436 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
13:04:44.0103 4436 atapi - ok
13:04:44.0296 4436 AVGIDSDriver - ok
13:04:44.0323 4436 AVGIDSEH - ok
13:04:44.0337 4436 AVGIDSFilter - ok
13:04:44.0352 4436 Avgldx64 - ok
13:04:44.0366 4436 Avgmfx64 - ok
13:04:44.0396 4436 Avgrkx64 - ok
13:04:44.0406 4436 Avgtdia - ok
13:04:44.0468 4436 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
13:04:44.0469 4436 blbdrive - ok
13:04:44.0661 4436 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
13:04:44.0677 4436 bowser - ok
13:04:44.0758 4436 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
13:04:44.0759 4436 BrFiltLo - ok
13:04:44.0797 4436 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
13:04:44.0798 4436 BrFiltUp - ok
13:04:44.0944 4436 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
13:04:44.0946 4436 Brserid - ok
13:04:45.0013 4436 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
13:04:45.0014 4436 BrSerWdm - ok
13:04:45.0037 4436 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
13:04:45.0038 4436 BrUsbMdm - ok
13:04:45.0141 4436 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
13:04:45.0157 4436 BrUsbSer - ok
13:04:45.0235 4436 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
13:04:45.0237 4436 BTHMODEM - ok
13:04:45.0347 4436 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
13:04:45.0350 4436 cdfs - ok
13:04:45.0448 4436 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
13:04:45.0451 4436 cdrom - ok
13:04:45.0587 4436 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
13:04:45.0624 4436 circlass - ok
13:04:45.0742 4436 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
13:04:45.0768 4436 CLFS - ok
13:04:45.0965 4436 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
13:04:45.0968 4436 CmBatt - ok
13:04:46.0011 4436 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
13:04:46.0012 4436 cmdide - ok
13:04:46.0107 4436 CnxtHdAudService (5a220d86c6e0dd92ea0ea157ed3ca267) C:\Windows\system32\drivers\CHDRT64.sys
13:04:46.0114 4436 CnxtHdAudService - ok
13:04:46.0265 4436 COH_Mon (4ac0614de43f8787ec1556560c752af8) C:\Windows\system32\Drivers\COH_Mon.sys
13:04:46.0267 4436 COH_Mon - ok
13:04:46.0314 4436 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
13:04:46.0315 4436 Compbatt - ok
13:04:46.0410 4436 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
13:04:46.0414 4436 crcdisk - ok
13:04:46.0568 4436 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
13:04:46.0585 4436 DfsC - ok
13:04:46.0734 4436 dg_ssudbus (f551cbb5db009b980a03f64b09946f75) C:\Windows\system32\DRIVERS\ssudbus.sys
13:04:46.0737 4436 dg_ssudbus - ok
13:04:46.0870 4436 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
13:04:46.0873 4436 disk - ok
13:04:47.0021 4436 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
13:04:47.0026 4436 Dot4 - ok
13:04:47.0134 4436 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:04:47.0143 4436 Dot4Print - ok
13:04:47.0216 4436 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
13:04:47.0218 4436 dot4usb - ok
13:04:47.0408 4436 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
13:04:47.0424 4436 drmkaud - ok
13:04:47.0510 4436 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
13:04:47.0526 4436 DXGKrnl - ok
13:04:47.0689 4436 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
13:04:47.0692 4436 E1G60 - ok
13:04:47.0797 4436 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
13:04:47.0800 4436 Ecache - ok
13:04:47.0905 4436 eeCtrl - ok
13:04:48.0113 4436 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
13:04:48.0122 4436 elxstor - ok
13:04:48.0228 4436 EraserUtilRebootDrv - ok
13:04:48.0371 4436 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
13:04:48.0373 4436 ErrDev - ok
13:04:48.0465 4436 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
13:04:48.0471 4436 exfat - ok
13:04:48.0629 4436 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
13:04:48.0635 4436 fastfat - ok
13:04:48.0748 4436 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
13:04:48.0751 4436 fdc - ok
13:04:48.0864 4436 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
13:04:48.0867 4436 FileInfo - ok
13:04:48.0914 4436 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
13:04:48.0916 4436 Filetrace - ok
13:04:49.0016 4436 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:04:49.0030 4436 flpydisk - ok
13:04:49.0146 4436 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
13:04:49.0155 4436 FltMgr - ok
13:04:49.0333 4436 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
13:04:49.0335 4436 Fs_Rec - ok
13:04:49.0377 4436 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
13:04:49.0380 4436 gagp30kx - ok
13:04:49.0410 4436 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\Drivers\GEARAspiWDM.sys
13:04:49.0412 4436 GEARAspiWDM - ok
13:04:49.0574 4436 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
13:04:49.0582 4436 HdAudAddService - ok
13:04:49.0726 4436 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:04:49.0751 4436 HDAudBus - ok
13:04:49.0869 4436 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
13:04:49.0872 4436 HidBth - ok
13:04:49.0914 4436 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
13:04:49.0916 4436 HidIr - ok
13:04:49.0994 4436 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
13:04:49.0997 4436 HidUsb - ok
13:04:50.0228 4436 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
13:04:50.0231 4436 HpCISSs - ok
13:04:50.0303 4436 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
13:04:50.0320 4436 HTTP - ok
13:04:50.0453 4436 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
13:04:50.0454 4436 i2omp - ok
13:04:50.0526 4436 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
13:04:50.0528 4436 i8042prt - ok
13:04:50.0569 4436 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
13:04:50.0572 4436 iaStor - ok
13:04:50.0666 4436 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
13:04:50.0671 4436 iaStorV - ok
13:04:50.0811 4436 IDSvia64 (5bff303b2edce7ebc133fb802be6cb13) C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20081010.001\IDSvia64.sys
13:04:50.0814 4436 IDSvia64 - ok
13:04:51.0246 4436 igfx (663e7364f650a915d415eeb2da98d86a) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:04:51.0444 4436 igfx - ok
13:04:51.0610 4436 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
13:04:51.0612 4436 iirsp - ok
13:04:51.0706 4436 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
13:04:51.0708 4436 intelide - ok
13:04:51.0747 4436 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
13:04:51.0748 4436 intelppm - ok
13:04:51.0899 4436 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:04:51.0902 4436 IpFilterDriver - ok
13:04:51.0974 4436 IpInIp - ok
13:04:52.0115 4436 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
13:04:52.0118 4436 IPMIDRV - ok
13:04:52.0241 4436 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
13:04:52.0245 4436 IPNAT - ok
13:04:52.0322 4436 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
13:04:52.0323 4436 IRENUM - ok
13:04:52.0386 4436 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
13:04:52.0387 4436 isapnp - ok
13:04:52.0525 4436 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
13:04:52.0533 4436 iScsiPrt - ok
13:04:52.0645 4436 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
13:04:52.0646 4436 iteatapi - ok
13:04:52.0758 4436 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
13:04:52.0759 4436 iteraid - ok
13:04:52.0788 4436 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
13:04:52.0790 4436 kbdclass - ok
13:04:52.0831 4436 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
13:04:52.0832 4436 kbdhid - ok
13:04:53.0112 4436 KR10I64 (7c999f96b239e214154db3c808e6736a) C:\Windows\system32\drivers\kr10i64.sys
13:04:53.0134 4436 KR10I64 - ok
13:04:53.0375 4436 KR10N64 (8cb9a9164d4e789424f943fa718fa3f2) C:\Windows\system32\drivers\kr10n64.sys
13:04:53.0381 4436 KR10N64 - ok
13:04:53.0437 4436 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
13:04:53.0448 4436 KSecDD - ok
13:04:53.0574 4436 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
13:04:53.0576 4436 ksthunk - ok
13:04:53.0613 4436 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
13:04:53.0615 4436 lltdio - ok
13:04:53.0660 4436 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
13:04:53.0674 4436 LSI_FC - ok
13:04:53.0774 4436 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
13:04:53.0777 4436 LSI_SAS - ok
13:04:53.0815 4436 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
13:04:53.0818 4436 LSI_SCSI - ok
13:04:53.0847 4436 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
13:04:53.0850 4436 luafv - ok
13:04:54.0258 4436 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
13:04:54.0274 4436 megasas - ok
13:04:54.0666 4436 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
13:04:54.0678 4436 MegaSR - ok
13:04:55.0283 4436 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
13:04:55.0286 4436 Modem - ok
13:04:55.0422 4436 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
13:04:55.0424 4436 monitor - ok
13:04:55.0553 4436 MotDev (3cc500c9b0e4d476802d277353cb2c89) C:\Windows\system32\DRIVERS\motodrv.sys
13:04:55.0568 4436 MotDev - ok
13:04:55.0726 4436 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
13:04:55.0728 4436 mouclass - ok
13:04:55.0798 4436 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
13:04:55.0799 4436 mouhid - ok
13:04:55.0835 4436 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
13:04:55.0851 4436 MountMgr - ok
13:04:56.0086 4436 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
13:04:56.0128 4436 mpio - ok
13:04:56.0417 4436 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
13:04:56.0453 4436 mpsdrv - ok
13:04:56.0518 4436 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
13:04:56.0536 4436 Mraid35x - ok
13:04:56.0657 4436 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
13:04:56.0699 4436 MRxDAV - ok
13:04:56.0869 4436 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:04:56.0903 4436 mrxsmb - ok
13:04:57.0489 4436 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:04:57.0497 4436 mrxsmb10 - ok
13:04:57.0621 4436 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:04:57.0625 4436 mrxsmb20 - ok
13:04:57.0690 4436 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
13:04:57.0692 4436 msahci - ok
13:04:57.0744 4436 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
13:04:57.0748 4436 msdsm - ok
13:04:57.0877 4436 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
13:04:57.0879 4436 Msfs - ok
13:04:57.0955 4436 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
13:04:57.0957 4436 msisadrv - ok
13:04:58.0112 4436 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
13:04:58.0114 4436 MSKSSRV - ok
13:04:58.0170 4436 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
13:04:58.0172 4436 MSPCLOCK - ok
13:04:58.0210 4436 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
13:04:58.0212 4436 MSPQM - ok
13:04:58.0343 4436 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
13:04:58.0352 4436 MsRPC - ok
13:04:58.0466 4436 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
13:04:58.0469 4436 mssmbios - ok
13:04:58.0550 4436 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
13:04:58.0552 4436 MSTEE - ok
13:04:58.0651 4436 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
13:04:58.0671 4436 Mup - ok
13:04:58.0732 4436 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
13:04:58.0738 4436 NativeWifiP - ok
13:04:58.0800 4436 NAVENG - ok
13:04:58.0806 4436 NAVEX15 - ok
13:04:58.0988 4436 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
13:04:59.0008 4436 NDIS - ok
13:04:59.0095 4436 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
13:04:59.0107 4436 NdisTapi - ok
13:04:59.0143 4436 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
13:04:59.0145 4436 Ndisuio - ok
13:04:59.0190 4436 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
13:04:59.0196 4436 NdisWan - ok
13:04:59.0305 4436 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
13:04:59.0307 4436 NDProxy - ok
13:04:59.0337 4436 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
13:04:59.0340 4436 NetBIOS - ok
13:04:59.0421 4436 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
13:04:59.0428 4436 netbt - ok
13:04:59.0722 4436 NETw5v64 (93915c41a0dbbd121a0fad2835e43776) C:\Windows\system32\DRIVERS\NETw5v64.sys
13:04:59.0888 4436 NETw5v64 - ok
13:05:00.0010 4436 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
13:05:00.0012 4436 nfrd960 - ok
13:05:00.0054 4436 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
13:05:00.0056 4436 Npfs - ok
13:05:00.0075 4436 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
13:05:00.0077 4436 nsiproxy - ok
13:05:00.0187 4436 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
13:05:00.0253 4436 Ntfs - ok
13:05:00.0405 4436 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
13:05:00.0407 4436 Null - ok
13:05:00.0447 4436 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
13:05:00.0451 4436 nvraid - ok
13:05:00.0482 4436 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
13:05:00.0485 4436 nvstor - ok
13:05:00.0613 4436 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
13:05:00.0618 4436 nv_agp - ok
13:05:00.0650 4436 NwlnkFlt - ok
13:05:00.0663 4436 NwlnkFwd - ok
13:05:00.0774 4436 O2MDRDR (6531dced1f12f8863f5c335c4a89a02e) C:\Windows\system32\DRIVERS\o2mdx64.sys
13:05:00.0776 4436 O2MDRDR - ok
13:05:00.0881 4436 O2SDRDR (e91b345d7e8ffaf29164b81311623941) C:\Windows\system32\DRIVERS\o2sdx64.sys
13:05:00.0883 4436 O2SDRDR - ok
13:05:00.0936 4436 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
13:05:00.0938 4436 ohci1394 - ok
13:05:01.0001 4436 OpenLibSys - ok
13:05:01.0165 4436 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
13:05:01.0167 4436 Parport - ok
13:05:01.0232 4436 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
13:05:01.0234 4436 partmgr - ok
13:05:01.0339 4436 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
13:05:01.0344 4436 pci - ok
13:05:01.0392 4436 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\DRIVERS\pciide.sys
13:05:01.0393 4436 pciide - ok
13:05:01.0499 4436 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
13:05:01.0503 4436 pcmcia - ok
13:05:01.0551 4436 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
13:05:01.0564 4436 PEAUTH - ok
13:05:01.0700 4436 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
13:05:01.0701 4436 pnetmdm - ok
13:05:01.0788 4436 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
13:05:01.0791 4436 PptpMiniport - ok
13:05:01.0906 4436 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
13:05:01.0908 4436 Processor - ok
13:05:01.0999 4436 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
13:05:02.0002 4436 PSched - ok
13:05:02.0154 4436 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
13:05:02.0157 4436 PxHlpa64 - ok
13:05:02.0201 4436 QIOMem (030176bd0b4aaea01a651b51efe295bb) C:\Windows\system32\DRIVERS\QIOMem.sys
13:05:02.0203 4436 QIOMem - ok
13:05:02.0401 4436 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
13:05:02.0434 4436 ql2300 - ok
13:05:02.0580 4436 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
13:05:02.0584 4436 ql40xx - ok
13:05:02.0637 4436 qrkis (e92ca234469cc386ad81b9db924fe9d4) C:\Windows\system32\DRIVERS\qrkis.sys
13:05:02.0639 4436 qrkis - ok
13:05:02.0737 4436 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
13:05:02.0748 4436 QWAVEdrv - ok
13:05:02.0778 4436 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
13:05:02.0780 4436 RasAcd - ok
13:05:02.0865 4436 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:05:02.0870 4436 Rasl2tp - ok
13:05:02.0989 4436 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
13:05:02.0992 4436 RasPppoe - ok
13:05:03.0043 4436 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
13:05:03.0047 4436 RasSstp - ok
13:05:03.0100 4436 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
13:05:03.0108 4436 rdbss - ok
13:05:03.0218 4436 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:05:03.0220 4436 RDPCDD - ok
13:05:03.0265 4436 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
13:05:03.0274 4436 rdpdr - ok
13:05:03.0378 4436 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
13:05:03.0380 4436 RDPENCDD - ok
13:05:03.0469 4436 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
13:05:03.0476 4436 RDPWD - ok
13:05:03.0638 4436 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:05:03.0640 4436 RimUsb - ok
13:05:03.0732 4436 RimVSerPort (0de22421179d5a8440b68517ddf2b051) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:05:03.0735 4436 RimVSerPort - ok
13:05:03.0785 4436 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
13:05:03.0787 4436 ROOTMODEM - ok
13:05:03.0940 4436 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
13:05:03.0959 4436 rspndr - ok
13:05:04.0001 4436 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
13:05:04.0005 4436 sbp2port - ok
13:05:04.0176 4436 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
13:05:04.0180 4436 sdbus - ok
13:05:04.0229 4436 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
13:05:04.0231 4436 Serenum - ok
13:05:04.0269 4436 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
13:05:04.0290 4436 Serial - ok
13:05:04.0429 4436 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
13:05:04.0431 4436 sermouse - ok
13:05:04.0465 4436 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
13:05:04.0467 4436 sffdisk - ok
13:05:04.0488 4436 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
13:05:04.0491 4436 sffp_mmc - ok
13:05:04.0612 4436 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
13:05:04.0614 4436 sffp_sd - ok
13:05:04.0654 4436 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
13:05:04.0657 4436 sfloppy - ok
13:05:04.0692 4436 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
13:05:04.0695 4436 SiSRaid2 - ok
13:05:04.0841 4436 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
13:05:04.0844 4436 SiSRaid4 - ok
13:05:04.0973 4436 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
13:05:04.0988 4436 Smb - ok
13:05:05.0106 4436 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
13:05:05.0108 4436 spldr - ok
13:05:05.0179 4436 SRTSP (7e4cc24a23262a84ae99dbffef69a6b0) C:\Windows\system32\Drivers\SRTSP64.SYS
13:05:05.0192 4436 SRTSP - ok
13:05:05.0299 4436 SRTSPL (8b1dedeba049a3e1daf8219eec87eb00) C:\Windows\system32\Drivers\SRTSPL64.SYS
13:05:05.0313 4436 SRTSPL - ok
13:05:05.0418 4436 SRTSPX (3db35652e4460da6730bb44908fa39cb) C:\Windows\system32\Drivers\SRTSPX64.SYS
13:05:05.0435 4436 SRTSPX - ok
13:05:05.0510 4436 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
13:05:05.0523 4436 srv - ok
13:05:05.0654 4436 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
13:05:05.0673 4436 srv2 - ok
13:05:05.0713 4436 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
13:05:05.0718 4436 srvnet - ok
13:05:05.0763 4436 ssadbus (d52282225d5bd73a9cbf420699d1a0fe) C:\Windows\system32\DRIVERS\ssadbus.sys
13:05:05.0768 4436 ssadbus - ok
13:05:05.0906 4436 ssadmdfl (f7936ac6e8437e10e1ae488ce21f3086) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:05:05.0927 4436 ssadmdfl - ok
13:05:05.0970 4436 ssadmdm (1fe033372a58c67b3ecca903fc637b36) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:05:05.0976 4436 ssadmdm - ok
13:05:06.0072 4436 ssadserd (5eb7da2f72b90c8398df9d7a82e43fcb) C:\Windows\system32\DRIVERS\ssadserd.sys
13:05:06.0088 4436 ssadserd - ok
13:05:06.0244 4436 ssudmdm (90c3d4d7b7f8f4b722ebf40b2304ab66) C:\Windows\system32\DRIVERS\ssudmdm.sys
13:05:06.0251 4436 ssudmdm - ok
13:05:06.0309 4436 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
13:05:06.0311 4436 swenum - ok
13:05:06.0361 4436 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
13:05:06.0363 4436 Symc8xx - ok
13:05:06.0456 4436 SYMDNS (9e65ac70e4528ab6db53b5f1bb1a3520) C:\Windows\System32\Drivers\SYMDNS.SYS
13:05:06.0458 4436 SYMDNS - ok
13:05:06.0549 4436 SymEvent (70c8d165063eb76f1a373b74456d2aab) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:05:06.0555 4436 SymEvent - ok
13:05:06.0618 4436 SYMFW (b9e27e6a85bcecaec4b82649a9e99ae5) C:\Windows\System32\Drivers\SYMFW.SYS
13:05:06.0624 4436 SYMFW - ok
13:05:06.0730 4436 SymIM (93526d381fcff03e666b767e2a920ac9) C:\Windows\system32\DRIVERS\SymIMv.sys
13:05:06.0732 4436 SymIM - ok
13:05:06.0760 4436 SYMNDISV (7d9f8388933a31a8468751b556bb1c41) C:\Windows\System32\Drivers\SYMNDISV.SYS
13:05:06.0762 4436 SYMNDISV - ok
13:05:06.0853 4436 SYMREDRV (c082fc0d3dd1f990d120049a2285b33c) C:\Windows\System32\Drivers\SYMREDRV.SYS
13:05:06.0855 4436 SYMREDRV - ok
13:05:06.0913 4436 SYMTDI (4ea607f6fb7288acf624fa4078f93ac7) C:\Windows\System32\Drivers\SYMTDI.SYS
13:05:06.0921 4436 SYMTDI - ok
13:05:07.0022 4436 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
13:05:07.0024 4436 Sym_hi - ok
13:05:07.0081 4436 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
13:05:07.0083 4436 Sym_u3 - ok
13:05:07.0219 4436 SynTP (8de55385370e47f0e851c9bd6c310e9d) C:\Windows\system32\DRIVERS\SynTP.sys
13:05:07.0229 4436 SynTP - ok
13:05:07.0441 4436 Tcpip (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\drivers\tcpip.sys
13:05:07.0466 4436 Tcpip - ok
13:05:07.0674 4436 Tcpip6 (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\DRIVERS\tcpip.sys
13:05:07.0697 4436 Tcpip6 - ok
13:05:07.0839 4436 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
13:05:07.0841 4436 tcpipreg - ok
13:05:07.0904 4436 tdcmdpst (d45586a9facb2c9708b10e491ef748a6) C:\Windows\system32\DRIVERS\tdcmdpst.sys
13:05:07.0923 4436 tdcmdpst - ok
13:05:07.0966 4436 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
13:05:07.0968 4436 TDPIPE - ok
13:05:08.0080 4436 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
13:05:08.0082 4436 TDTCP - ok
13:05:08.0151 4436 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
13:05:08.0155 4436 tdx - ok
13:05:08.0206 4436 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
13:05:08.0209 4436 TermDD - ok
13:05:08.0375 4436 Tosrfcom - ok
13:05:08.0441 4436 tosrfec (9fb4aa68d4e833c795994513bc9e3aca) C:\Windows\system32\DRIVERS\tosrfec.sys
13:05:08.0463 4436 tosrfec - ok
13:05:08.0597 4436 tos_sps64 (dd50a5df5f7b29fdb6b5fea728c43dc3) C:\Windows\system32\DRIVERS\tos_sps64.sys
13:05:08.0612 4436 tos_sps64 - ok
13:05:08.0690 4436 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:05:08.0701 4436 tssecsrv - ok
13:05:08.0772 4436 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
13:05:08.0788 4436 tunmp - ok
13:05:08.0894 4436 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
13:05:08.0914 4436 tunnel - ok
13:05:08.0978 4436 TVALZ (9a744cc3d804ec38a6c2c65bc3c6fcd8) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:05:08.0981 4436 TVALZ - ok
13:05:09.0056 4436 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
13:05:09.0059 4436 uagp35 - ok
13:05:09.0111 4436 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
13:05:09.0120 4436 udfs - ok
13:05:09.0292 4436 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
13:05:09.0295 4436 uliagpkx - ok
13:05:09.0328 4436 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
13:05:09.0337 4436 uliahci - ok
13:05:09.0476 4436 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
13:05:09.0482 4436 UlSata - ok
13:05:09.0531 4436 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
13:05:09.0537 4436 ulsata2 - ok
13:05:09.0571 4436 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
13:05:09.0585 4436 umbus - ok
13:05:09.0763 4436 USB28xxBGA (001a988aa2cf5f2e9f66297bced33337) C:\Windows\system32\DRIVERS\emBDA64.sys
13:05:09.0781 4436 USB28xxBGA - ok
13:05:09.0921 4436 USB28xxOEM (40c06678a583930f15956e27504b9ff6) C:\Windows\system32\DRIVERS\emOEM64.sys
13:05:09.0932 4436 USB28xxOEM - ok
13:05:10.0086 4436 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
13:05:10.0089 4436 USBAAPL64 - ok
13:05:10.0174 4436 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
13:05:10.0178 4436 usbccgp - ok
13:05:10.0272 4436 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
13:05:10.0276 4436 usbcir - ok
13:05:10.0371 4436 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
13:05:10.0381 4436 usbehci - ok
13:05:10.0462 4436 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
13:05:10.0471 4436 usbhub - ok
13:05:10.0558 4436 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
13:05:10.0561 4436 usbohci - ok
13:05:10.0646 4436 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
13:05:10.0649 4436 usbprint - ok
13:05:10.0709 4436 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
13:05:10.0712 4436 usbscan - ok
13:05:10.0820 4436 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:05:10.0824 4436 USBSTOR - ok
13:05:10.0879 4436 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
13:05:10.0881 4436 usbuhci - ok
13:05:11.0018 4436 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
13:05:11.0024 4436 usbvideo - ok
13:05:11.0137 4436 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
13:05:11.0138 4436 usb_rndisx - ok
13:05:11.0204 4436 UVCFTR (56ed086f1300ecb1e6f67ac43955e5e9) C:\Windows\system32\Drivers\UVCFTR_S.SYS
13:05:11.0222 4436 UVCFTR - ok
13:05:11.0282 4436 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
13:05:11.0283 4436 vga - ok
13:05:11.0350 4436 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
13:05:11.0367 4436 VgaSave - ok
13:05:11.0418 4436 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
13:05:11.0420 4436 viaide - ok
13:05:11.0463 4436 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
13:05:11.0465 4436 volmgr - ok
13:05:11.0568 4436 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
13:05:11.0576 4436 volmgrx - ok
13:05:11.0704 4436 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
13:05:11.0710 4436 volsnap - ok
13:05:11.0789 4436 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
13:05:11.0793 4436 vsmraid - ok
13:05:11.0827 4436 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
13:05:11.0829 4436 WacomPen - ok
13:05:11.0953 4436 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:05:11.0955 4436 Wanarp - ok
13:05:11.0961 4436 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:05:11.0962 4436 Wanarpv6 - ok
13:05:12.0016 4436 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
13:05:12.0035 4436 Wd - ok
13:05:12.0114 4436 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
13:05:12.0132 4436 Wdf01000 - ok
13:05:12.0465 4436 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
13:05:12.0488 4436 WinUSB - ok
13:05:12.0593 4436 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:05:12.0618 4436 WmiAcpi - ok
13:05:12.0729 4436 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
13:05:12.0755 4436 WpdUsb - ok
13:05:12.0854 4436 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
13:05:12.0855 4436 ws2ifsl - ok
13:05:12.0961 4436 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:05:12.0964 4436 WUDFRd - ok
13:05:13.0024 4436 yukonx64 (595733500423567d301f013605e3f083) C:\Windows\system32\DRIVERS\yk60x64.sys
13:05:13.0034 4436 yukonx64 - ok
13:05:13.0059 4436 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:05:13.0079 4436 \Device\Harddisk0\DR0 - ok
13:05:13.0088 4436 Boot (0x1200) (0651fe47c91093fd24bd40d358592e21) \Device\Harddisk0\DR0\Partition0
13:05:13.0090 4436 \Device\Harddisk0\DR0\Partition0 - ok
13:05:13.0091 4436 ============================================================
13:05:13.0091 4436 Scan finished
13:05:13.0091 4436 ============================================================
13:05:13.0093 2504 Detected object count: 0
13:05:13.0093 2504 Actual detected object count: 0

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 04:13 PM

Now try the reboot as we have no other option left and the system is pretty clean.

#14 slo_805

slo_805
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 13 November 2011 - 04:58 PM

The reboot went through with no problems. Should I go back and turn windows update on? Also is there anything else I need to do now?

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:20 PM

Posted 13 November 2011 - 05:04 PM

Please wait a while, when we are done you may enable the automatic update.

There are some AVG leftover we want to remove and also take a look at vulnerabilities.

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Copy and paste OTL.txt and attach Extra.txt to your reply.

FYI: It is too late here and I'm going to sleep. I see log over over tomorrow and we will round off.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users