An Infection Is Hiding!



#1 Ms. E

Posted 20 January 2012 - 06:05 PM

Mod Edit: Merged 3 topics initiated by OP in AII ~ Hamluis.

I am going to do the best I can to explain this problem, as I do believe an earlier infection MAY BE causing these recent problems.

I started noticing that every time I searched on Google, I would get redirected to odd search sites. I used Malwarebytes and it found some trojans and removed them. However, the Google redirect continued.....actually ANY search engine I used would give me a redirect. I found a way around the search problem by copying the link, pasting it and moving on. No other problems that I was "aware" of.

About a month after, I started getting a blue screen. Scanned, researched and suddenly they stopped. None others since then.

So yesterday, I grab my laptop, go to open IE9 and it pops up and within 10 seconds the error window pops up telling me IE has encountered a problem and needs to close. Then the "Microsoft is searching for a solution" (which I never got) window closes. Try again, it flashes open and immediately closes. I ran Avira (full scan) as well as Malwarebytes (full scan) which turned up nothing. I tried downloading Google Chrome (via my daughter's flash drive) and it did the exact thing that IE did.

Couldn't get into safe mode; (F8) wouldn't work. Finally found another site that helped me get to Safe Mode via changing my settings. Safe mode helped nothing. I have tried system restore, which comes back "system restore was not able to complete.....". I have run every self fix test Microsoft has to offer and everything is fine. I did all of my computer's self scans for hard drive etc.....all came out fine. I updated all drivers. TRIED to use my HP recovery tool but it is nowhere to be found on my computer.......so I started looking around and a lot of my files are empty. And to top everything off, I now have no sound when I try and play music or videos. The Microsoft sounds, I can hear.....but nothing from the internet. (I checked everything there, it's all enabled, drivers updated) And the videos tend to freeze while still playing (hope that makes sense!)

I am ready to toss this thing out the window! Unless I can find some sort of solution I can pull off myself, I'm taking it in to *gulp* the shop. Here's my computer and OS info:

HP Pavilion G71-442 NR Notebook
Intel Graphics Media Accelerator 4500M
Windows 7

Thanks so much in advance! I am FAR from being a computer geek, but can handle step by step tasks.

Edited by hamluis, 23 January 2012 - 01:35 PM.
Merged topics.


#2 Ms. E

Posted 21 January 2012 - 01:11 PM

I have remembered some other things......since no one has attempted to step into this mess I call my computer....LOL!

I did try the rtkillers (back when the Google redirects started) to no avail. And I know everything is connecting to the internet fine because my anti virus and Malwarebytes update with no problems. I am getting a browser now by going through the control panel, into internet setting, add-ons and clicking the link at the bottom to "find more browser tools".....then I have IE and it doesn't crash. I just can't open anything from my desktop or through command or anything.

*sigh*

Thanks again.

Edited by Ms. E, 21 January 2012 - 01:11 PM.


#3 Ms. E

Posted 22 January 2012 - 01:30 PM

I posted 3 days ago here My link and no one dared to even venture into the craziness I call my laptop....who could blame you?! It sounds like I need a priest rather than a computer wiz, like you!

Oh, you see, but now my computer is running fine! Browsers are opening from my desktop and I have video sound back. What did I do, you may ask? NOTHING! No updates, no scans, nothing...nada. Now this is the same thing that happened when I was getting the blue screen a few months ago.....was never able to "fix" it, though I ran a ton of scans etc.....one day it just stopped.

I still have files that when I open say "empty"....like much of my Microsoft Office and my HP Helper stuff and I can never get my HP self fixes to load and work. I still have search engine redirects.....but other than that, everything is running fine.

Sometimes I feel as if someone is remotely playing with my computer and watching from afar, rubbing their hands together in anticipation of me throwing my laptop into the yard and stomping on it.

So if anyone out there.....and I mean ANYONE has any suggestions as to what's going on here on the other side of the rabbit hole, this lady would be forever appreciative! ;-)

Have an amazing day!

#4 jburd1800

Posted 22 January 2012 - 01:38 PM

Just above your current post is a link if you haven't had a response in 3 days. I'd post there...

“May the sun bring you new energy by day, may the moon softly restore you by night, may the rain wash away your worries, may the breeze blow new strength into your being, may you walk gently through the world and know its beauty all the days of your life.”


#5 Ms. E

Posted 22 January 2012 - 11:58 PM

> Just above your current post is a link if you haven't had a response in 3 days. I'd post there...

Thank you!

#6 Ms. E

Posted 23 January 2012 - 01:10 PM

No help so far, Thanks!!

http://www.bleepingcomputer.com/forums/topic439438.html/page__p__2566495__fromsearch__1#entry2566495

#7 Broni

Posted 23 January 2012 - 01:12 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


#8 jburd1800

Posted 23 January 2012 - 01:22 PM

I'm not seeing the post...

Edited by jburd1800, 23 January 2012 - 04:46 PM.


#9 Ms. E

Posted 23 January 2012 - 09:46 PM

Thanks a million Broni!! I will scan tomorrow and have the results up as soon as they are finished. You rock!

#10 Ms. E

Posted 24 January 2012 - 01:43 PM

Here we go.......


Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 30
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
windows defender MpCmdRun.exe
``````````End of Log````````````



NEXT......


Farbar Service Scanner Version: 18-01-2012 01
Ran by Edie (administrator) on 24-01-2012 at 12:17:44
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


NEXT........

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.19.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Edie :: EDIE-PC [administrator]

1/24/2012 12:24:49
mbam-log-2012-01-24 (12-24-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 409231
Time elapsed: 1 hour(s), 8 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


NEXT......


MiniToolBox by Farbar Version: 18-01-2012
Ran by Edie (administrator) on 24-01-2012 at 12:20:04
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Edie-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : C4-17-FE-BB-CF-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::20f7:6e07:40fe:d81b%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 24, 2012 11:34:23
Lease Expires . . . . . . . . . . : Wednesday, January 25, 2012 11:34:24
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 331618302
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-68-A2-8D-C8-0A-A9-20-E3-4A
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : C8-0A-A9-20-E3-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:180a:23c:9cf7:3123(Preferred)
Link-local IPv6 Address . . . . . : fe80::180a:23c:9cf7:3123%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.48
74.125.225.49
74.125.225.50
74.125.225.51
74.125.225.52


Pinging google.com [74.125.225.112] with 32 bytes of data:
Reply from 74.125.225.112: bytes=32 time=29ms TTL=53
Reply from 74.125.225.112: bytes=32 time=26ms TTL=53

Ping statistics for 74.125.225.112:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 29ms, Average = 27ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70
72.30.2.43
98.137.149.56
98.139.180.149


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=116ms TTL=54
Reply from 98.137.149.56: bytes=32 time=123ms TTL=54

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 116ms, Maximum = 123ms, Average = 119ms
Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...c4 17 fe bb cf 41 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...c8 0a a9 20 e3 4a ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.70 281
192.168.1.70 255.255.255.255 On-link 192.168.1.70 281
192.168.1.255 255.255.255.255 On-link 192.168.1.70 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.70 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.70 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:180a:23c:9cf7:3123/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::180a:23c:9cf7:3123/128
On-link
12 281 fe80::20f7:6e07:40fe:d81b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/24/2012 11:34:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/24/2012 11:34:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/23/2012 11:19:23 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 16.0.912.75 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 940

Start Time: 01ccda4f21da173d

Termination Time: 26

Application Path: C:\Users\Edie\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 8623943c-4642-11e1-bb69-c80aa920e34a

Error: (01/23/2012 11:17:33 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 16.0.912.75 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 104c

Start Time: 01ccda4e19097be9

Termination Time: 11

Application Path: C:\Users\Edie\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 3e0c3b6e-4642-11e1-bb69-c80aa920e34a

Error: (01/23/2012 11:26:39 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/23/2012 11:26:39 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/22/2012 00:21:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/22/2012 00:21:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/21/2012 00:16:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (01/21/2012 00:16:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (01/23/2012 01:21:03 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer RAC-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{193CCEE5-3420-4EA3-95DA-6D4766F6077C}.
The master browser is stopping or an election is being forced.

Error: (01/20/2012 03:45:04 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/20/2012 00:06:23 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/19/2012 09:40:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:40:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:40:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:38:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:38:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/19/2012 09:38:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
4500_G510nz_Help (Version: 000.0.439.000)
4500G510nz (Version: 000.0.439.000)
4500G510nz_Software_Min (Version: 000.0.423.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader 9.2 MUI (Version: 9.2.0)
Adobe Shockwave Player (Version: 11.0)
AI RoboForm (All Users)
Amazon Add to Wish List IE Extension 1.2 (Version: 1.2)
Atheros Driver Installation Program (Version: 5.2)
Audacity 1.3.13 (Unicode)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.704)
BufferChm (Version: 130.0.331.000)
COMODO Internet Security (Version: 5.5.64714.1383)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
CyberLink DVD Suite (Version: 7.0.2111)
CyberLink MediaShow (Version: 4.1.3325)
CyberLink PowerDVD 8 (Version: 8.0.1.1005)
CyberLink YouCam (Version: 3.0.2201)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Fax (Version: 130.0.418.000)
FlipShare (Version: 5.8.11.0)
Google Chrome (Version: 16.0.912.75)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 4500 G510n-z (Version: 13.0)
HP Product Detection (Version: 11.10.1000)
HP Quick Launch Buttons (Version: 6.50.7.1)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing (Version: 131.1.35898)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 4.2.5.3)
HP Update (Version: 5.003.001.001)
HP User Guides 0148 (Version: 1.01.0005)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPDiagnosticAlert (Version: 1.00.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6230.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1883)
Internet Explorer (Enable DEP)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2111)
Lexmark X5100 Series
LightScribe System Software (Version: 1.18.8.1)
LSI HDA Modem (Version: 2.1.94)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee Reveal (Version: 7.0.43.12698)
Network64 (Version: 130.0.374.000)
Network64 (Version: 140.0.221.000)
NirSoft BlueScreenView
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Power2Go (Version: 6.0.3311)
PowerDirector (Version: 7.0.3311)
QLBCASL (Version: 6.40.17.2)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Recovery Manager (Version: 5.5.2214)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.373.000)
Synaptics Pointing Device Driver (Version: 13.2.4.12)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg (Version: 130.0.132.017)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Yahoo! Toolbar

========================= Devices: ================================

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 3002.93 MB
Available physical RAM: 1866.22 MB
Total Pagefile: 6004.05 MB
Available Pagefile: 4485.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.97 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.35 GB) (Free:227.25 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.54 GB) (Free:2.1 GB) NTFS

========================= Users: ========================================

User accounts for \\EDIE-PC

Administrator Edie Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



Thanks! :-)

#11 Broni

Posted 24 January 2012 - 01:46 PM

...and aswMBR...


#12 Ms. E

Posted 24 January 2012 - 01:58 PM

...and aswMBR...


Working on opening it. Since it's a dat file, I'm having problems opening it. Any suggestions on what to use? THX!

#13 Ms. E

Posted 24 January 2012 - 01:59 PM

Nevermind......brain fart. Here it is...

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-24 13:54:47
-----------------------------
13:54:47.860 OS Version: Windows x64 6.1.7601 Service Pack 1
13:54:47.860 Number of processors: 2 586 0x170A
13:54:47.860 ComputerName: EDIE-PC UserName: Edie
13:54:50.216 Initialize success
13:55:06.259 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:55:06.274 Disk 0 Vendor: Hitachi_HTS725032A9A364 PC3OC72E Size: 305245MB BusType: 11
13:55:06.290 Disk 0 MBR read successfully
13:55:06.306 Disk 0 MBR scan
13:55:06.306 Disk 0 TDL4@MBR code has been found
13:55:06.306 Disk 0 MBR hidden
13:55:06.321 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
13:55:06.337 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 292203 MB offset 409600
13:55:06.368 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12841 MB offset 598841344
13:55:06.368 Disk 0 MBR [TDL4] **ROOTKIT**
13:55:06.384 Disk 0 trace - called modules:
13:55:06.384
13:55:06.399 Scan finished successfully
13:55:45.399 Disk 0 MBR has been saved successfully to "C:\Users\Edie\Desktop\MBR.dat"
13:55:45.415 The log file has been saved successfully to "C:\Users\Edie\Desktop\aswMBR-text.txt"

#14 Broni

Posted 24 January 2012 - 02:10 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#15 Ms. E

Posted 24 January 2012 - 02:26 PM

Had a blue screen crash right before running this. It found something on my hard drive.....so "cure" was the default.....clicked continue...reboot....here's the log:

14:16:27.0724 2548 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
14:16:28.0098 2548 ============================================================
14:16:28.0098 2548 Current date / time: 2012/01/24 14:16:28.0098
14:16:28.0098 2548 SystemInfo:
14:16:28.0098 2548
14:16:28.0098 2548 OS Version: 6.1.7601 ServicePack: 1.0
14:16:28.0098 2548 Product type: Workstation
14:16:28.0098 2548 ComputerName: EDIE-PC
14:16:28.0098 2548 UserName: Edie
14:16:28.0098 2548 Windows directory: C:\Windows
14:16:28.0098 2548 System windows directory: C:\Windows
14:16:28.0098 2548 Running under WOW64
14:16:28.0098 2548 Processor architecture: Intel x64
14:16:28.0098 2548 Number of processors: 2
14:16:28.0098 2548 Page size: 0x1000
14:16:28.0098 2548 Boot type: Normal boot
14:16:28.0098 2548 ============================================================
14:16:30.0579 2548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:16:30.0688 2548 Initialize success
14:16:33.0746 5108 ============================================================
14:16:33.0746 5108 Scan started
14:16:33.0746 5108 Mode: Manual;
14:16:33.0746 5108 ============================================================
14:17:59.0078 5108 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:17:59.0109 5108 pci - ok
14:18:00.0279 5108 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:18:00.0279 5108 pciide - ok
14:18:01.0059 5108 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:18:01.0059 5108 pcmcia - ok
14:18:02.0073 5108 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:18:02.0073 5108 pcw - ok
14:18:03.0867 5108 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:18:03.0883 5108 PEAUTH - ok
14:18:05.0755 5108 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:18:05.0755 5108 PptpMiniport - ok
14:18:06.0893 5108 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:18:06.0893 5108 Processor - ok
14:18:07.0907 5108 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:18:07.0923 5108 Psched - ok
14:18:08.0625 5108 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:18:08.0656 5108 ql2300 - ok
14:18:09.0655 5108 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:18:09.0655 5108 ql40xx - ok
14:18:10.0357 5108 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:18:10.0357 5108 QWAVEdrv - ok
14:18:11.0714 5108 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:18:11.0714 5108 RasAcd - ok
14:18:12.0416 5108 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:12.0416 5108 RasAgileVpn - ok
14:18:13.0055 5108 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:13.0055 5108 Rasl2tp - ok
14:18:13.0633 5108 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:13.0648 5108 RasPppoe - ok
14:18:14.0179 5108 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:18:14.0194 5108 RasSstp - ok
14:18:14.0771 5108 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:18:14.0787 5108 rdbss - ok
14:18:15.0785 5108 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:18:15.0785 5108 rdpbus - ok
14:18:16.0363 5108 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:18:16.0363 5108 RDPCDD - ok
14:18:17.0002 5108 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:18:17.0002 5108 RDPENCDD - ok
14:18:18.0157 5108 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:18:18.0157 5108 RDPREFMP - ok
14:18:18.0640 5108 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:18:18.0640 5108 RDPWD - ok
14:18:19.0202 5108 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:18:19.0576 5108 rdyboost - ok
14:18:20.0091 5108 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:18:20.0091 5108 rspndr - ok
14:18:20.0590 5108 RSUSBSTOR - ok
14:18:21.0089 5108 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:18:21.0105 5108 RTL8167 - ok
14:18:21.0901 5108 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:18:21.0901 5108 sbp2port - ok
14:18:22.0415 5108 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:18:22.0415 5108 scfilter - ok
14:18:22.0946 5108 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
14:18:22.0946 5108 sdbus - ok
14:18:24.0007 5108 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:18:24.0007 5108 secdrv - ok
14:18:24.0677 5108 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:18:24.0677 5108 Serenum - ok
14:18:25.0910 5108 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:18:25.0910 5108 Serial - ok
14:18:26.0456 5108 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:18:26.0456 5108 sermouse - ok
14:18:27.0470 5108 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:18:27.0470 5108 sffdisk - ok
14:18:28.0312 5108 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:18:28.0312 5108 sffp_mmc - ok
14:18:29.0155 5108 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:18:29.0155 5108 sffp_sd - ok
14:18:29.0950 5108 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:18:29.0950 5108 sfloppy - ok
14:18:31.0214 5108 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:18:31.0541 5108 SiSRaid2 - ok
14:18:35.0239 5108 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:18:35.0239 5108 SiSRaid4 - ok
14:18:36.0471 5108 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:18:36.0471 5108 Smb - ok
14:18:36.0923 5108 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:18:36.0939 5108 spldr - ok
14:18:37.0859 5108 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:18:37.0859 5108 srv - ok
14:18:38.0671 5108 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:18:38.0671 5108 srv2 - ok
14:18:39.0591 5108 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:18:39.0607 5108 SrvHsfHDA - ok
14:18:41.0572 5108 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:18:41.0635 5108 SrvHsfV92 - ok
14:18:43.0538 5108 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:18:43.0538 5108 SrvHsfWinac - ok
14:18:44.0552 5108 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:18:44.0552 5108 srvnet - ok
14:18:47.0079 5108 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:18:47.0079 5108 stexstor - ok
14:18:48.0343 5108 STHDA (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
14:18:48.0405 5108 STHDA - ok
14:18:49.0201 5108 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
14:18:49.0201 5108 StillCam - ok
14:18:49.0856 5108 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:18:49.0856 5108 swenum - ok
14:18:50.0683 5108 SynTP (929c9fa0b18ad2ebc8340591c4bf00ff) C:\Windows\system32\DRIVERS\SynTP.sys
14:18:50.0683 5108 SynTP - ok
14:18:51.0275 5108 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:18:51.0307 5108 Tcpip - ok
14:18:52.0009 5108 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:18:52.0040 5108 TCPIP6 - ok
14:18:52.0664 5108 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:18:52.0664 5108 tcpipreg - ok
14:18:53.0366 5108 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:18:53.0366 5108 TDPIPE - ok
14:18:54.0052 5108 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:18:54.0052 5108 TDTCP - ok
14:18:54.0629 5108 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:18:54.0629 5108 tdx - ok
14:18:55.0269 5108 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:18:55.0269 5108 TermDD - ok
14:18:55.0878 5108 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:18:55.0878 5108 tssecsrv - ok
14:18:56.0517 5108 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:18:56.0517 5108 TsUsbFlt - ok
14:18:57.0094 5108 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:18:57.0094 5108 tunnel - ok
14:18:57.0765 5108 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:18:57.0765 5108 uagp35 - ok
14:18:58.0452 5108 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:18:58.0452 5108 udfs - ok
14:18:59.0325 5108 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:18:59.0325 5108 uliagpkx - ok
14:19:00.0277 5108 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:19:00.0277 5108 umbus - ok
14:19:00.0807 5108 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:19:00.0807 5108 UmPass - ok
14:19:01.0384 5108 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:19:01.0384 5108 usbccgp - ok
14:19:01.0930 5108 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:19:01.0930 5108 usbcir - ok
14:19:02.0601 5108 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
14:19:02.0601 5108 usbehci - ok
14:19:03.0849 5108 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:19:03.0849 5108 usbhub - ok
14:19:04.0567 5108 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:19:04.0567 5108 usbohci - ok
14:19:05.0784 5108 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:19:05.0784 5108 usbprint - ok
14:19:06.0454 5108 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:19:06.0454 5108 usbscan - ok
14:19:07.0032 5108 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:19:07.0032 5108 USBSTOR - ok
14:19:07.0468 5108 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:19:07.0468 5108 usbuhci - ok
14:19:08.0186 5108 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:19:08.0217 5108 usbvideo - ok
14:19:08.0935 5108 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:19:08.0935 5108 vdrvroot - ok
14:19:10.0120 5108 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:19:10.0136 5108 vga - ok
14:19:11.0041 5108 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:19:11.0041 5108 VgaSave - ok
14:19:12.0180 5108 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:19:12.0180 5108 vhdmp - ok
14:19:13.0240 5108 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:19:13.0256 5108 viaide - ok
14:19:14.0223 5108 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:19:14.0223 5108 volmgr - ok
14:19:15.0222 5108 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:19:15.0222 5108 volmgrx - ok
14:19:16.0251 5108 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:19:16.0267 5108 volsnap - ok
14:19:17.0156 5108 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:19:17.0156 5108 vsmraid - ok
14:19:17.0983 5108 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:19:17.0983 5108 vwifibus - ok
14:19:19.0106 5108 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:19:19.0106 5108 vwififlt - ok
14:19:19.0746 5108 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:19:19.0746 5108 WacomPen - ok
14:19:21.0072 5108 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:19:21.0072 5108 WANARP - ok
14:19:21.0103 5108 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:19:21.0118 5108 Wanarpv6 - ok
14:19:22.0460 5108 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:19:22.0460 5108 Wd - ok
14:19:22.0990 5108 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:19:22.0990 5108 Wdf01000 - ok
14:19:23.0536 5108 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:19:23.0536 5108 WfpLwf - ok
14:19:24.0036 5108 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:19:24.0036 5108 WIMMount - ok
14:19:24.0706 5108 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:19:24.0706 5108 WinUsb - ok
14:19:25.0221 5108 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:19:25.0221 5108 WmiAcpi - ok
14:19:25.0736 5108 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:19:25.0736 5108 ws2ifsl - ok
14:19:26.0422 5108 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:19:26.0422 5108 WudfPf - ok
14:19:27.0109 5108 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:19:27.0109 5108 WUDFRd - ok
14:19:27.0733 5108 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
14:19:27.0733 5108 yukonw7 - ok
14:19:27.0811 5108 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
14:19:27.0842 5108 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
14:19:27.0842 5108 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
14:19:27.0858 5108 Boot (0x1200) (f6b21c2112f6622363767a917592de8f) \Device\Harddisk0\DR0\Partition0
14:19:27.0858 5108 \Device\Harddisk0\DR0\Partition0 - ok
14:19:27.0873 5108 Boot (0x1200) (8ebf1d0f104d21b450f81c6168c5f1b7) \Device\Harddisk0\DR0\Partition1
14:19:27.0889 5108 \Device\Harddisk0\DR0\Partition1 - ok
14:19:27.0920 5108 Boot (0x1200) (a5a99d6f413636149c2c4e9d56e9b922) \Device\Harddisk0\DR0\Partition2
14:19:27.0951 5108 \Device\Harddisk0\DR0\Partition2 - ok
14:19:27.0951 5108 ============================================================
14:19:27.0951 5108 Scan finished
14:19:27.0951 5108 ============================================================
14:19:27.0982 4276 Detected object count: 1
14:19:27.0982 4276 Actual detected object count: 1
14:20:12.0099 4276 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
14:20:12.0099 4276 \Device\Harddisk0\DR0 - ok
14:20:12.0115 4276 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
14:20:17.0372 3880 Deinitialize success



