google redirects and random music/sounds



#1 matt2012

Posted 20 November 2011 - 10:00 PM

It has been a long time since I ran into an infection that I could not get rid of with the free tools available on the internet, but this one has beat me :(

I get redirected when clicking on links in Google and every once in a while, normally when Internet Explorer is open for a long time, I get random music/advertisements playing through the speakers. The processor usage jumps to 50-60% when this happens.

There is a program that hangs at shutdown and you have to force it to close, but there is nothing displayed about what program.

I have tried everything I know to find the culprit but nothing works. I am turning to you...the malware removal gods for help.

Teach me, mold me..I am a blank slate.


Windows 7 Home Premium
IE 9

Edited by matt2012, 20 November 2011 - 10:01 PM.




#2 boopme

Posted 20 November 2011 - 11:08 PM

Hello and welcome. You may have a couple items.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (2.6.11.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
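The Result.txt that MiniToolBox writes can be triaged for the redirect-relevant items (proxy state, hosts file, Winsock providers, DNS-Client errors) before a helper reads it. This is an added example, not part of the original thread and not MiniToolBox code; the sample log is constructed in the layout of the log posted later in this topic, and the function names and the assumption that Windows is installed in C:\Windows are hypothetical.

```python
import re

# Constructed, abridged sample in the layout of a MiniToolBox Result.txt (not a real log).
SAMPLE = r"""MiniToolBox by Farbar
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll [346736] (VMware, Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

System errors:
=============
Error: (11/21/2011 08:00:02 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:59:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.
"""

# Section banner: "===== Name: =====" on one line. Bare "=====" rules do not match.
HEADER = re.compile(r"^={5,}[ \t]+(.+?):?[ \t]+={5,}[ \t]*$", re.M)

# Winsock line: "<catalog> <index> <dll path> [<size>] (<publisher>)"
WINSOCK = re.compile(
    r"^((?:x64-)?Catalog\d+ \d+) (.+?) \[(\d+)\] \((.+)\)[ \t]*$", re.M
)

# Assumption: Windows is installed in C:\Windows.
WINDOWS_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

HOSTS_MISSING = "Hosts file not detected in the default directory"
HOSTS_READ_ERROR = "error while attempting to read the local hosts file"


def split_sections(text):
    """Return {section name: body} keyed by the banner lines."""
    parts = HEADER.split(text)
    # parts = [preamble, name1, body1, name2, body2, ...]
    return dict(zip(parts[1::2], parts[2::2]))


def triage(text):
    """Collect the items in a Result.txt that deserve a manual look."""
    sections = split_sections(text)

    proxy = sections.get("IE Proxy Settings", "")
    proxy_clear = ("Proxy is not enabled." in proxy
                   and "No Proxy Server is set." in proxy)

    # Providers outside the Windows directory are not necessarily malicious
    # (VM or VPN software registers them too); they are listed for review only.
    outside = [
        (catalog, path, publisher)
        for catalog, path, _size, publisher
        in WINSOCK.findall(sections.get("Winsock entries", ""))
        if not path.lower().startswith(WINDOWS_DIRS)
    ]

    events = sections.get("Event log errors", "")
    return {
        "proxy_needs_review": not proxy_clear,
        "hosts_missing": HOSTS_MISSING in text,
        "winsock_outside_windows": outside,
        "dns_client_hosts_errors": events.count(HOSTS_READ_ERROR),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```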

#3 matt2012

Posted 21 November 2011 - 08:15 PM

Malwarebytes was clean and TDSS was clean

Never used Minitoolbox hope these logs help




MiniToolBox by Farbar
Ran by Kristin (administrator) on 21-11-2011 at 20:02:51
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet1" address=192.168.190.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.80.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kristin-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : neo.rr.com

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 1C-65-9D-A9-AF-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : neo.rr.com
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 60-EB-69-9C-10-A8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f8bf:fc40:bfa5:4d22%10(Preferred)
IPv4 Address. . . . . . . . . . . : 75.179.31.179(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Monday, November 21, 2011 7:59:57 PM
Lease Expires . . . . . . . . . . : Monday, November 21, 2011 8:34:04 PM
Default Gateway . . . . . . . . . : 75.179.16.1
DHCP Server . . . . . . . . . . . : 10.52.64.1
DHCPv6 IAID . . . . . . . . . . . : 241232745
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-8A-70-54-60-EB-69-9C-10-A8
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a861:3750:f0af:7850%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.190.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 536891478
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-8A-70-54-60-EB-69-9C-10-A8
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e0e1:f000:4d39:32de%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.80.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 570445910
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-8A-70-54-60-EB-69-9C-10-A8
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.neo.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : neo.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : neo.rr.com
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4bb3:1fb3::4bb3:1fb3(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{10076129-97D3-469B-85C3-FB8E0542657E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A10D40E1-5A17-49FB-BEB3-E17B99737F77}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7C048F88-6266-47B8-B360-AE6797AA513C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.225.83
74.125.225.84
74.125.225.80
74.125.225.81
74.125.225.82


Pinging google.com [74.125.225.84] with 32 bytes of data:
Reply from 74.125.225.84: bytes=32 time=33ms TTL=50
Reply from 74.125.225.84: bytes=32 time=31ms TTL=50

Ping statistics for 74.125.225.84:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 33ms, Average = 32ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=86ms TTL=46
Reply from 98.137.149.56: bytes=32 time=122ms TTL=46

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 122ms, Average = 104ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...1c 65 9d a9 af 36 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
10...60 eb 69 9c 10 a8 ......Atheros AR8152 PCI-E Fast Ethernet Controller
15...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
16...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 75.179.16.1 75.179.31.179 20
75.179.16.0 255.255.240.0 On-link 75.179.31.179 276
75.179.31.179 255.255.255.255 On-link 75.179.31.179 276
75.179.31.255 255.255.255.255 On-link 75.179.31.179 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.80.0 255.255.255.0 On-link 192.168.80.1 276
192.168.80.1 255.255.255.255 On-link 192.168.80.1 276
192.168.80.255 255.255.255.255 On-link 192.168.80.1 276
192.168.190.0 255.255.255.0 On-link 192.168.190.1 276
192.168.190.1 255.255.255.255 On-link 192.168.190.1 276
192.168.190.255 255.255.255.255 On-link 192.168.190.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 75.179.31.179 276
224.0.0.0 240.0.0.0 On-link 192.168.190.1 276
224.0.0.0 240.0.0.0 On-link 192.168.80.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 75.179.31.179 276
255.255.255.255 255.255.255.255 On-link 192.168.190.1 276
255.255.255.255 255.255.255.255 On-link 192.168.80.1 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
20 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
20 1025 2002::/16 On-link
20 281 2002:4bb3:1fb3::4bb3:1fb3/128
On-link
10 276 fe80::/64 On-link
15 276 fe80::/64 On-link
16 276 fe80::/64 On-link
15 276 fe80::a861:3750:f0af:7850/128
On-link
16 276 fe80::e0e1:f000:4d39:32de/128
On-link
10 276 fe80::f8bf:fc40:bfa5:4d22/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
15 276 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll [346736] (VMware, Inc.)
Catalog9 12 C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll [346736] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll [446576] (VMware, Inc.)
x64-Catalog9 12 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll [446576] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2011 11:42:52 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 08:50:38 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 06:24:39 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.51.0.1118 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b20

Start Time: 01cca7db25b6cdce

Termination Time: 7

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id:

Error: (11/20/2011 05:43:51 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 04:43:14 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/18/2011 11:27:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4c6584e8
Exception code: 0xc000041d
Fault offset: 0x69b48155
Faulting process id: 0xa84
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/18/2011 11:27:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4c6584e8
Exception code: 0xc0000005
Fault offset: 0x69b48155
Faulting process id: 0xa84
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/16/2011 10:20:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000e440ae
Faulting process id: 0xb08
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (11/15/2011 10:58:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x14c4
Faulting application start time: 0xRootkitRevealer.exe0
Faulting application path: RootkitRevealer.exe1
Faulting module path: RootkitRevealer.exe2
Report Id: RootkitRevealer.exe3

Error: (11/15/2011 10:57:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0xc04
Faulting application start time: 0xRootkitRevealer.exe0
Faulting application path: RootkitRevealer.exe1
Faulting module path: RootkitRevealer.exe2
Report Id: RootkitRevealer.exe3


System errors:
=============
Error: (11/21/2011 08:00:02 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:59:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:59:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:59:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:59:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:53:30 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:52:35 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:52:32 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:52:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (11/21/2011 07:52:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (11/21/2011 11:42:52 AM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 08:50:38 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 06:24:39 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.51.0.1118b2001cca7db25b6cdce7C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Error: (11/20/2011 05:43:51 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/20/2011 04:43:14 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (11/18/2011 11:27:13 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dAcroRd32.dll_unloaded0.0.0.04c6584e8c000041d69b48155a8401cca6690dd29d9dC:\Program Files (x86)\Internet Explorer\iexplore.exeAcroRd32.dllc0511af4-1266-11e1-99d4-005056c00008

Error: (11/18/2011 11:27:00 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dAcroRd32.dll_unloaded0.0.0.04c6584e8c000000569b48155a8401cca6690dd29d9dC:\Program Files (x86)\Internet Explorer\iexplore.exeAcroRd32.dllb8cfc6e3-1266-11e1-99d4-005056c00008

Error: (11/16/2011 10:20:27 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000000e440aeb0801cca33e91a359fcC:\windows\Explorer.EXEunknown17ebf3ae-10cb-11e1-99d4-005056c00008

Error: (11/15/2011 10:58:17 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd14c401cca413f8ba06e9C:\Users\Kristin\Desktop\New folder\RootkitRevealer.exeC:\Users\Kristin\Desktop\New folder\RootkitRevealer.exe3680c0ec-1007-11e1-99d4-005056c00008

Error: (11/15/2011 10:57:51 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cdc0401cca413e99fb7b2C:\Users\Kristin\Desktop\New folder\RootkitRevealer.exeC:\Users\Kristin\Desktop\New folder\RootkitRevealer.exe275f4d94-1007-11e1-99d4-005056c00008


=========================== Installed Programs ============================

Adobe Flash Player 10 Plugin (Version: 10.1.82.76)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.3.4 (Version: 9.3.4)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.26)
avast! Free Antivirus (Version: 6.0.1289.0)
Best Buy pc app (Version: 3.0.0.0)
Caesar 3
CDBurnerXP (Version: 4.3.9.2783)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Conexant HD Audio (Version: 4.119.0.60)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome (Version: 15.0.874.121)
Google Update Helper (Version: 1.3.21.79)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.1.1001)
Java™ 6 Update 17 (Version: 6.0.170)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Anti-Virus 2011 (Version: 11.0.2.556)
Label@Once 1.0 (Version: 1.0)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
mIRC (Version: 7.19)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Rapala Pro Fishing (Version: 1.0.0)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Realtek WLAN Driver (Version: 2.00.0011)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
tools-windows (Version: 8.4.6.16648)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.5271)
TOSHIBA Bulletin Board (Version: 1.6.06.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA eco Utility (Version: 1.2.7.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Hardware Setup (Version: 4.03.02.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.05.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 4.03.02.00)
TOSHIBA Value Added Package (Version: 1.3.19.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2583935)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VMware Player (Version: 3.1.4.16648)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 beta 3 (64-bit) (Version: 4.10.3)

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 2933.86 MB
Available physical RAM: 1346.96 MB
Total Pagefile: 5865.91 MB
Available Pagefile: 4012.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.58 MB

========================= Partitions: =====================================

1 Drive c: (TI106033W0C) (Fixed) (Total:284.9 GB) (Free:249.13 GB) NTFS

========================= Users: ========================================

User accounts for \\KRISTIN-PC

__vmware_user__ Administrator Guest
Kristin

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8202

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/21/2011 8:09:59 PM
mbam-log-2011-11-21 (20-09-58).txt

Scan type: Quick scan
Objects scanned: 178019
Time elapsed: 4 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


20:11:33.0606 4784 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
20:11:34.0152 4784 ============================================================
20:11:34.0152 4784 Current date / time: 2011/11/21 20:11:34.0152
20:11:34.0152 4784 SystemInfo:
20:11:34.0152 4784
20:11:34.0152 4784 OS Version: 6.1.7601 ServicePack: 1.0
20:11:34.0152 4784 Product type: Workstation
20:11:34.0152 4784 ComputerName: KRISTIN-PC
20:11:34.0152 4784 UserName: Kristin
20:11:34.0152 4784 Windows directory: C:\windows
20:11:34.0152 4784 System windows directory: C:\windows
20:11:34.0152 4784 Running under WOW64
20:11:34.0152 4784 Processor architecture: Intel x64
20:11:34.0152 4784 Number of processors: 2
20:11:34.0152 4784 Page size: 0x1000
20:11:34.0152 4784 Boot type: Normal boot
20:11:34.0152 4784 ============================================================
20:11:34.0511 4784 Initialize success
20:11:47.0615 3236 ============================================================
20:11:47.0615 3236 Scan started
20:11:47.0615 3236 Mode: Manual;
20:11:47.0615 3236 ============================================================
20:12:02.0279 3236 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
20:12:02.0279 3236 RDPREFMP - ok
20:12:02.0310 3236 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
20:12:02.0326 3236 RDPWD - ok
20:12:02.0373 3236 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
20:12:02.0373 3236 rdyboost - ok
20:12:02.0498 3236 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
20:12:02.0498 3236 rspndr - ok
20:12:02.0544 3236 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\windows\system32\Drivers\RtsUStor.sys
20:12:02.0544 3236 RSUSBSTOR - ok
20:12:02.0654 3236 rtl8192Ce (b89c0601a05e1140ac96fa965d94c340) C:\windows\system32\DRIVERS\rtl8192Ce.sys
20:12:02.0669 3236 rtl8192Ce - ok
20:12:02.0763 3236 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
20:12:02.0763 3236 sbp2port - ok
20:12:02.0810 3236 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
20:12:02.0810 3236 scfilter - ok
20:12:02.0934 3236 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
20:12:02.0934 3236 secdrv - ok
20:12:02.0981 3236 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
20:12:02.0997 3236 Serenum - ok
20:12:03.0012 3236 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
20:12:03.0028 3236 Serial - ok
20:12:03.0122 3236 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
20:12:03.0122 3236 sermouse - ok
20:12:03.0168 3236 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
20:12:03.0168 3236 sffdisk - ok
20:12:03.0215 3236 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
20:12:03.0215 3236 sffp_mmc - ok
20:12:03.0309 3236 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
20:12:03.0309 3236 sffp_sd - ok
20:12:03.0356 3236 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
20:12:03.0371 3236 sfloppy - ok
20:12:03.0465 3236 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:12:03.0480 3236 SiSRaid2 - ok
20:12:03.0496 3236 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
20:12:03.0496 3236 SiSRaid4 - ok
20:12:03.0512 3236 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
20:12:03.0512 3236 Smb - ok
20:12:03.0652 3236 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
20:12:03.0652 3236 spldr - ok
20:12:03.0699 3236 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
20:12:03.0714 3236 srv - ok
20:12:03.0824 3236 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
20:12:03.0824 3236 srv2 - ok
20:12:03.0886 3236 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
20:12:03.0886 3236 SrvHsfHDA - ok
20:12:04.0026 3236 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
20:12:04.0058 3236 SrvHsfV92 - ok
20:12:04.0151 3236 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
20:12:04.0167 3236 SrvHsfWinac - ok
20:12:04.0292 3236 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
20:12:04.0292 3236 srvnet - ok
20:12:04.0354 3236 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
20:12:04.0354 3236 stexstor - ok
20:12:04.0448 3236 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
20:12:04.0448 3236 swenum - ok
20:12:04.0494 3236 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
20:12:04.0510 3236 SynTP - ok
20:12:04.0650 3236 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\drivers\tcpip.sys
20:12:04.0682 3236 Tcpip - ok
20:12:04.0806 3236 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\DRIVERS\tcpip.sys
20:12:04.0822 3236 TCPIP6 - ok
20:12:04.0916 3236 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
20:12:04.0931 3236 tcpipreg - ok
20:12:04.0994 3236 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
20:12:05.0009 3236 tdcmdpst - ok
20:12:05.0072 3236 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
20:12:05.0072 3236 TDPIPE - ok
20:12:05.0118 3236 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
20:12:05.0118 3236 TDTCP - ok
20:12:05.0165 3236 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
20:12:05.0181 3236 tdx - ok
20:12:05.0243 3236 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
20:12:05.0243 3236 TermDD - ok
20:12:05.0415 3236 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
20:12:05.0415 3236 tssecsrv - ok
20:12:05.0446 3236 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
20:12:05.0462 3236 TsUsbFlt - ok
20:12:05.0571 3236 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
20:12:05.0571 3236 tunnel - ok
20:12:05.0602 3236 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
20:12:05.0602 3236 TVALZ - ok
20:12:05.0696 3236 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
20:12:05.0696 3236 TVALZFL - ok
20:12:05.0727 3236 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
20:12:05.0727 3236 uagp35 - ok
20:12:05.0774 3236 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
20:12:05.0789 3236 udfs - ok
20:12:05.0914 3236 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
20:12:05.0914 3236 uliagpkx - ok
20:12:05.0961 3236 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
20:12:05.0961 3236 umbus - ok
20:12:06.0070 3236 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
20:12:06.0070 3236 UmPass - ok
20:12:06.0132 3236 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
20:12:06.0132 3236 usbccgp - ok
20:12:06.0242 3236 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
20:12:06.0242 3236 usbcir - ok
20:12:06.0273 3236 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
20:12:06.0288 3236 usbehci - ok
20:12:06.0382 3236 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
20:12:06.0398 3236 usbhub - ok
20:12:06.0429 3236 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
20:12:06.0429 3236 usbohci - ok
20:12:06.0460 3236 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
20:12:06.0476 3236 usbprint - ok
20:12:06.0554 3236 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\drivers\USBSTOR.SYS
20:12:06.0569 3236 USBSTOR - ok
20:12:06.0585 3236 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
20:12:06.0585 3236 usbuhci - ok
20:12:06.0663 3236 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
20:12:06.0663 3236 usbvideo - ok
20:12:06.0756 3236 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
20:12:06.0756 3236 vdrvroot - ok
20:12:06.0834 3236 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
20:12:06.0834 3236 vga - ok
20:12:06.0850 3236 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
20:12:06.0850 3236 VgaSave - ok
20:12:06.0944 3236 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
20:12:06.0944 3236 vhdmp - ok
20:12:07.0006 3236 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
20:12:07.0006 3236 viaide - ok
20:12:07.0115 3236 vmci (4c8a14dbd410b510a88f77cb645f2c2a) C:\windows\system32\drivers\vmci.sys
20:12:07.0115 3236 vmci - ok
20:12:07.0162 3236 vmkbd (ffc30caeeb2fc5fee8568cff74edeaed) C:\windows\system32\drivers\VMkbd.sys
20:12:07.0162 3236 vmkbd - ok
20:12:07.0256 3236 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\windows\system32\DRIVERS\vmnetadapter.sys
20:12:07.0256 3236 VMnetAdapter - ok
20:12:07.0287 3236 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\windows\system32\DRIVERS\vmnetbridge.sys
20:12:07.0287 3236 VMnetBridge - ok
20:12:07.0318 3236 VMnetuserif (d0b809f6a9fb437c2b880c3ca8c10780) C:\windows\system32\drivers\vmnetuserif.sys
20:12:07.0318 3236 VMnetuserif - ok
20:12:07.0396 3236 vmx86 (541a6d6536710fd0602ec3aa24a81756) C:\windows\system32\drivers\vmx86.sys
20:12:07.0412 3236 vmx86 - ok
20:12:07.0458 3236 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
20:12:07.0474 3236 volmgr - ok
20:12:07.0521 3236 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
20:12:07.0521 3236 volmgrx - ok
20:12:07.0599 3236 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
20:12:07.0614 3236 volsnap - ok
20:12:07.0692 3236 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
20:12:07.0692 3236 vsmraid - ok
20:12:07.0786 3236 vstor2-ws60 (e61c910e2ddf4797c1b1f9239636e894) C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys
20:12:07.0786 3236 vstor2-ws60 - ok
20:12:07.0864 3236 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
20:12:07.0864 3236 vwifibus - ok
20:12:07.0911 3236 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
20:12:07.0911 3236 vwififlt - ok
20:12:07.0973 3236 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
20:12:07.0973 3236 WacomPen - ok
20:12:08.0051 3236 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:12:08.0051 3236 WANARP - ok
20:12:08.0067 3236 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
20:12:08.0067 3236 Wanarpv6 - ok
20:12:08.0145 3236 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
20:12:08.0145 3236 Wd - ok
20:12:08.0207 3236 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
20:12:08.0223 3236 Wdf01000 - ok
20:12:08.0363 3236 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
20:12:08.0363 3236 WfpLwf - ok
20:12:08.0394 3236 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
20:12:08.0394 3236 WIMMount - ok
20:12:08.0535 3236 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
20:12:08.0550 3236 WinUsb - ok
20:12:08.0597 3236 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
20:12:08.0597 3236 WmiAcpi - ok
20:12:08.0706 3236 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
20:12:08.0706 3236 ws2ifsl - ok
20:12:08.0769 3236 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
20:12:08.0769 3236 WudfPf - ok
20:12:08.0878 3236 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
20:12:08.0894 3236 WUDFRd - ok
20:12:08.0956 3236 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
20:12:08.0972 3236 \Device\Harddisk0\DR0 - ok
20:12:08.0987 3236 Boot (0x1200) (6a4047103c82b68602958f46eec19e17) \Device\Harddisk0\DR0\Partition0
20:12:08.0987 3236 \Device\Harddisk0\DR0\Partition0 - ok
20:12:08.0987 3236 ============================================================
20:12:08.0987 3236 Scan finished
20:12:08.0987 3236 ============================================================
20:12:09.0003 5792 Detected object count: 0
20:12:09.0003 5792 Actual detected object count: 0
20:12:47.0223 1612 Deinitialize success

#4 boopme

Posted 21 November 2011 - 11:38 PM

OK, looking at the issues and errors I feel you have a BootKit infection. This requires a specific removal.

We need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:08 AM

Posted 26 November 2011 - 03:18 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic429341.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry: