
Trojan horse Crypt.ANVH


50 replies to this topic

#1 DSpell200


Posted 21 January 2012 - 02:29 PM

Okay, I was playing an online MMORPG and suddenly I get a threat detected window from my AVG. I had a trojan get at this driver about a month ago and used a system restore to a prior update, scanned my computer with both AVG and Malwarebytes, and until recently I didn't have any issue with this driver. HELP?

I went ahead and used VirusTotal; here are the results:

SHA256: a335513a7b8f9f59901fcb94d85fa944f2c7c3ac0c6402d36392f312c095f9ed
SHA1: 89095e94e44382c1f3e24b2d0c4013e6226734fe
MD5: ac621328d0ae811ae9ee4d31b493d500
File size: 76.5 KB ( 78336 bytes )
File type: Win32 DLL
Detection ratio: 25 / 43
Analysis date: 2012-01-21 19:21:45 UTC ( 1 minute ago )

AhnLab-V3 - 20120121
AntiVir TR/Offend.kdv.511605.1 20120120
Antiy-AVL Trojan/Win32.Genome.gen 20120120
Avast Win32:Aluroot-B [Rtk] 20120121
AVG Crypt.ANVH 20120121
BitDefender Trojan.Generic.KDV.510347 20120121
ByteHero - 20120111
CAT-QuickHeal - 20120121
ClamAV - 20120121
Commtouch - 20120120
Comodo UnclassifiedMalware 20120120
DrWeb - 20120121
Emsisoft Trojan.Crypt!IK 20120121
eSafe Win32.Trojan 20120120
eTrust-Vet Win32/FakeAV.USJ 20120121
F-Prot - 20120120
F-Secure Trojan.Generic.KDV.510347 20120121
Fortinet W32/ZAccess.K!tr.rkit 20120121
GData Trojan.Generic.KDV.510347 20120121
Ikarus Trojan.Crypt 20120121
Jiangmin - 20120121
K7AntiVirus Riskware 20120120
Kaspersky Virus.Win32.ZAccess.k 20120121
McAfee Generic.grp!fj 20120121
McAfee-GW-Edition Generic.grp!fj 20120120
Microsoft - 20120121
NOD32 Win32/Sirefef.DA 20120121
Norman W32/Suspicious_Gen5.CFME 20120121
nProtect - 20120121
Panda Generic Trojan 20120121
PCTools - 20120121
Prevx - 20120121
Rising - 20120118
Sophos - 20120121
SUPERAntiSpyware Trojan.Agent/Gen-Sirefef 20120121
Symantec WS.Reputation.1 20120121
TheHacker Trojan/Kryptik.hd 20120120
TrendMicro - 20120121
TrendMicro-HouseCall - 20120121
VBA32 - 20120120
VIPRE Trojan.Win32.Generic!BT 20120121
ViRobot - 20120121
VirusBuster Rootkit.Kryptik!UVQoyqDivNY 20120120

Edited by DSpell200, 21 January 2012 - 04:06 PM.




#2 DSpell200


Posted 21 January 2012 - 04:04 PM

Oops, wrong forum to post in, sorry about that.

#3 Broni


Posted 21 January 2012 - 10:48 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#4 DSpell200


Posted 22 January 2012 - 01:07 AM

I'll start up on this tomorrow after work - I presume I should scan with each program one at a time?

#5 Broni


Posted 22 January 2012 - 02:40 PM

Yes.



#6 DSpell200


Posted 22 January 2012 - 05:38 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
AVG 2012
AVG Security Toolbar
AVG 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 14
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````


=======================

Farbar Service Scanner Version: 18-01-2012 01
Ran by tjgagner (administrator) on 22-01-2012 at 16:28:51
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
===========

File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys
[2011-11-08 17:31] - [2011-09-29 09:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\windows\system32\dnsrslvr.dll
[2011-04-12 12:53] - [2011-03-02 23:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\windows\system32\mpssvc.dll
[2009-07-13 17:53] - [2009-07-13 19:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\windows\system32\bfe.dll
[2009-07-13 17:54] - [2009-07-13 19:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll
[2009-07-13 17:23] - [2009-07-13 19:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\windows\system32\vssvc.exe
[2009-07-13 17:24] - [2009-07-13 19:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\windows\system32\wscsvc.dll
[2011-02-09 18:53] - [2010-12-20 23:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll
[2009-07-13 18:15] - [2009-07-13 19:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\windows\system32\qmgr.dll
[2009-07-13 17:30] - [2009-07-13 19:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll
[2009-07-13 17:33] - [2009-07-13 19:15] - 0135680 ____A (Microsoft Corporation) 9C231178CE4FB385F4B54B0A9080B8A4

C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

==========================

MiniToolBox by Farbar Version: 18-01-2012
Ran by tjgagner (administrator) on 22-01-2012 at 16:36:49
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek RTL8187SE Wireless LAN PCIE Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : tjgagner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8187SE Wireless LAN PCIE Network Adapter
Physical Address. . . . . . . . . : 00-26-B6-3D-95-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::848b:f85a:74da:8ee4%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 22, 2012 4:12:05 PM
Lease Expires . . . . . . . . . . : Monday, January 23, 2012 4:12:12 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301999798
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-86-36-AF-00-26-6C-31-EA-74
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ks.cox.net
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-6C-31-EA-74
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{17F12823-A3E7-40F0-9851-8DE4DF032126}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.ks.cox.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.49
74.125.227.50
74.125.227.51
74.125.227.52
74.125.227.48


Pinging google.com [74.125.227.48] with 32 bytes of data:
Reply from 74.125.227.48: bytes=32 time=31ms TTL=56
Reply from 74.125.227.48: bytes=32 time=33ms TTL=56

Ping statistics for 74.125.227.48:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 33ms, Average = 32ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.2.43
98.137.149.56
98.139.180.149
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=54ms TTL=55
Reply from 209.191.122.70: bytes=32 time=48ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 54ms, Average = 51ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 b6 3d 95 0c ......Realtek RTL8187SE Wireless LAN PCIE Network Adapter
11...00 26 6c 31 ea 74 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::848b:f85a:74da:8ee4/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 mswsock.dll [File Not found] ()
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/20/2012 10:55:13 PM) (Source: Application Hang) (User: )
Description: The program MapleStory.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10e8

Start Time: 01ccd7f7fe663bf3

Termination Time: 14

Application Path: C:\Nexon\MapleStory\MapleStory.exe

Report Id: 1620909b-43ec-11e1-abff-00266c31ea74

Error: (01/20/2012 03:42:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: MapleStory.exe, version: 1.0.0.1, time stamp: 0x4f16869d
Faulting module name: MapleStory.exe, version: 1.0.0.1, time stamp: 0x4f16869d
Exception code: 0xc0000005
Fault offset: 0x007a5c96
Faulting process id: 0x101c
Faulting application start time: 0xMapleStory.exe0
Faulting application path: MapleStory.exe1
Faulting module path: MapleStory.exe2
Report Id: MapleStory.exe3

Error: (01/15/2012 04:11:53 PM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error: (01/15/2012 04:11:53 PM) (Source: Software Protection Platform Service) (User: )
Description: License acquisition failure details.
hr=0x80072EE7

Error: (01/13/2012 01:12:06 AM) (Source: Application Error) (User: )
Description: Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0x1ca0
Faulting application start time: 0xping.exe0
Faulting application path: ping.exe1
Faulting module path: ping.exe2
Report Id: ping.exe3

Error: (01/12/2012 04:19:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964
Faulting module name: jvm.dll, version: 14.0.0.16, time stamp: 0x4a15ac93
Exception code: 0xc0000005
Fault offset: 0x001d1516
Faulting process id: 0x196c
Faulting application start time: 0xping.exe0
Faulting application path: ping.exe1
Faulting module path: ping.exe2
Report Id: ping.exe3

Error: (01/12/2012 04:04:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: oiu0.6221899964331804.exe, version: 5.1.2522.0, time stamp: 0x4b1174cb
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003018b4
Faulting process id: 0x138c
Faulting application start time: 0xoiu0.6221899964331804.exe0
Faulting application path: oiu0.6221899964331804.exe1
Faulting module path: oiu0.6221899964331804.exe2
Report Id: oiu0.6221899964331804.exe3

Error: (01/12/2012 03:58:45 PM) (Source: TOSHIBA Service Station) (User: )
Description: The following module failed to stop processing: Alerts. Error: Operation failed.

Error: (01/05/2012 03:50:00 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (01/03/2012 00:28:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: MapleStory.exe, version: 1.0.0.1, time stamp: 0x4edfa022
Faulting module name: MapleStory.exe, version: 1.0.0.1, time stamp: 0x4edfa022
Exception code: 0xc0000005
Fault offset: 0x007a5256
Faulting process id: 0x12a4
Faulting application start time: 0xMapleStory.exe0
Faulting application path: MapleStory.exe1
Faulting module path: MapleStory.exe2
Report Id: MapleStory.exe3


System errors:
=============
Error: (01/22/2012 04:22:00 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (01/22/2012 04:12:20 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/22/2012 04:12:03 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/22/2012 04:12:02 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (01/22/2012 04:12:01 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (01/22/2012 04:12:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (01/22/2012 04:12:00 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/22/2012 04:11:52 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/22/2012 04:11:52 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/21/2012 01:20:32 PM) (Source: DCOM) (User: tjgagner)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}tjgagner-PCtjgagnerS-1-5-21-2810614227-4013714154-1567490593-1001LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 4.65
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Action Replay Code Manager
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.4.4 (Version: 9.4.4)
AIM 7
AIM Toolbar
ATI Catalyst Install Manager (Version: 3.0.732.0)
Audacity 1.3.12 (Unicode)
AVG 2012 (Version: 12.0.1901)
AVG 2012 (Version: 12.0.2109)
AVG 2012 (Version: 2012.0.1901)
AVG Security Toolbar (Version: 10.0.0.7)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Light (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Common (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0729.2238.38827)
Catalyst Control Center InstallProxy (Version: 2009.0729.2238.38827)
Catalyst Control Center Localization All (Version: 2009.0729.2238.38827)
ccc-core-static (Version: 2009.0729.2238.38827)
ccc-utility (Version: 2009.0729.2238.38827)
CCC Help Chinese Standard (Version: 2009.0729.2237.38827)
CCC Help Chinese Traditional (Version: 2009.0729.2237.38827)
CCC Help Czech (Version: 2009.0729.2237.38827)
CCC Help Danish (Version: 2009.0729.2237.38827)
CCC Help Dutch (Version: 2009.0729.2237.38827)
CCC Help English (Version: 2009.0729.2237.38827)
CCC Help Finnish (Version: 2009.0729.2237.38827)
CCC Help French (Version: 2009.0729.2237.38827)
CCC Help German (Version: 2009.0729.2237.38827)
CCC Help Greek (Version: 2009.0729.2237.38827)
CCC Help Hungarian (Version: 2009.0729.2237.38827)
CCC Help Italian (Version: 2009.0729.2237.38827)
CCC Help Japanese (Version: 2009.0729.2237.38827)
CCC Help Korean (Version: 2009.0729.2237.38827)
CCC Help Norwegian (Version: 2009.0729.2237.38827)
CCC Help Polish (Version: 2009.0729.2237.38827)
CCC Help Portuguese (Version: 2009.0729.2237.38827)
CCC Help Russian (Version: 2009.0729.2237.38827)
CCC Help Spanish (Version: 2009.0729.2237.38827)
CCC Help Swedish (Version: 2009.0729.2237.38827)
CCC Help Thai (Version: 2009.0729.2237.38827)
CCC Help Turkish (Version: 2009.0729.2237.38827)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Download Updater (AOL LLC)
Free Audio CD Burner version 1.4.7
Free DVD Video Burner version 2.1
Free Video to DVD Converter version 1.4
Free Video to MP3 Converter version 4.0
Free YouTube Download version 3.0.16.923
Free YouTube to iPod Converter version 3.10.11.923
Free YouTube to MP3 Converter version 3.10.14.1206
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2427.2330)
Google Update Helper (Version: 1.3.21.79)
Java™ 6 Update 14 (Version: 6.0.140)
Junk Mail filter update (Version: 14.0.8089.726)
Label@Once 1.0 (Version: 1.0)
LAME v3.98.3 for Audacity
Lexmark 4200 Series
LSI V92 MOH Application
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
MapleStory
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MyToshiba (Version: 2.2.0.3)
NetZero Launcher (Version: 2.01)
Nexon Game Manager
Pando Media Booster (Version: 2.3.5.6)
PlayReady PC Runtime x86 (Version: 1.3.0)
Quickbooks Financial Center (Version: 2.02)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek Ethernet Controller Driver (Version: 1.00.0008)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
Realtek WLAN Driver (Version: 2.00.0006)
RealUpgrade 1.1 (Version: 1.1.0)
Scrabble3D (Version: 3.1.0.23)
Skype Launcher (Version: 2.01)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
Toshiba Application and Driver Installer (Version: 9.0.0.9)
TOSHIBA Assist (Version: 2.01.11)
TOSHIBA ConfigFree (Version: 8.0.21)
TOSHIBA Disc Creator (Version: 2.1.0.1)
TOSHIBA DVD PLAYER (Version: 3.01.0.07-A)
TOSHIBA eco Utility (Version: 1.1.7.0)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 3.1.0.32)
TOSHIBA Hardware Setup (Version: 2.00.11)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.0)
TOSHIBA Internal Modem Region Select Utility (Version: 2.3.0.01)
Toshiba Online Backup (Version: 1.2.0.35)
TOSHIBA PC Health Monitor (Version: 1.4.1.0)
Toshiba Quality Application (Version: 1.001.0000)
TOSHIBA Recovery Media Creator (Version: 2.1.0.2)
TOSHIBA Service Station (Version: 2.1.33)
TOSHIBA Software Modem (Version: 2.2.97)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.09)
TOSHIBA Value Added Package (Version: 1.2.26)
TOSHIBA Web Camera Application (Version: 1.1.1.4)
ToshibaRegistration (Version: 1.0.3)
Uninstall 1.0.0.1
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WildTangent Games (Version: 1.0.0.71)
Winamp (Version: 5.62 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Toolbar
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Yugioh Virtual Dueling (Version: 9.0)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 2812.17 MB
Available physical RAM: 1846.95 MB
Total Pagefile: 5622.61 MB
Available Pagefile: 4346.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.8 MB

========================= Partitions: =====================================

1 Drive c: (TI103426W0D) (Fixed) (Total:288.71 GB) (Free:188.27 GB) NTFS

========================= Users: ========================================

User accounts for \\TJGAGNER-PC

Administrator Guest tjgagner


**** End of log ****

#7 DSpell200


Posted 22 January 2012 - 05:53 PM

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.22.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
tjgagner :: TJGAGNER-PC [administrator]

1/22/2012 4:40:01 PM
mbam-log-2012-01-22 (16-40-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 181106
Time elapsed: 9 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\tjgagner\AppData\Local\Temp\vrm.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\tjgagner\AppData\Local\Temp\nhwzxrzbwy (Trojan.FakeMS) -> Quarantined and deleted successfully.

(end)


==========================

I'll edit this post with other scans after I reboot. Also - as soon as Malwarebytes started scanning, my AVG Resident Shield popped up alerting me of the Trojan horse Crypt.ANVH (if that helps any).

==============================

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-22 17:02:36
-----------------------------
17:02:36.593 OS Version: Windows 6.1.7600
17:02:36.593 Number of processors: 2 586 0x602
17:02:36.593 ComputerName: TJGAGNER-PC UserName: tjgagner
17:03:06.982 Initialize success
17:03:48.109 AVAST engine defs: 12012201
17:03:55.894 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
17:03:55.894 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
17:03:55.909 Disk 0 MBR read successfully
17:03:55.925 Disk 0 MBR scan
17:03:55.941 Disk 0 Windows VISTA default MBR code
17:03:55.941 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
17:03:55.972 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 295636 MB offset 3074048
17:03:56.019 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8108 MB offset 608536576
17:03:56.065 Disk 0 scanning sectors +625141760
17:03:56.159 Disk 0 scanning C:\windows\system32\drivers
17:03:58.624 File: C:\windows\system32\drivers\dfsc.sys **INFECTED** Win32:Aluroot-B [Rtk]
17:04:09.263 Disk 0 trace - called modules:
17:04:09.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
17:04:09.794 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860bf030]
17:04:09.809 3 CLASSPNP.SYS[8ae0459e] -> nt!IofCallDriver -> [0x861b8c10]
17:04:09.825 5 ACPI.sys[8a9ae3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x861b8030]
17:04:13.553 AVAST engine scan C:\windows
17:04:16.533 AVAST engine scan C:\windows\system32
17:05:52.894 AVAST engine scan C:\windows\system32\drivers
17:05:55.203 File: C:\windows\system32\drivers\dfsc.sys **INFECTED** Win32:Aluroot-B [Rtk]
17:06:05.530 AVAST engine scan C:\Users\tjgagner
17:08:58.878 Disk 0 MBR has been saved successfully to "C:\Users\tjgagner\Desktop\MBR.dat"
17:08:58.909 The log file has been saved successfully to "C:\Users\tjgagner\Desktop\aswMBR.txt"

Edited by DSpell200, 22 January 2012 - 06:09 PM.


#8 Broni


Posted 22 January 2012 - 06:01 PM

Don't edit.
I'm not getting any email notification about editing.



 


#9 DSpell200


Posted 22 January 2012 - 06:11 PM

Oh, well, I just did the edit, but I'll post the last scan (the one after the MBAM scan) again:

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-22 17:02:36
-----------------------------
17:02:36.593 OS Version: Windows 6.1.7600
17:02:36.593 Number of processors: 2 586 0x602
17:02:36.593 ComputerName: TJGAGNER-PC UserName: tjgagner
17:03:06.982 Initialize success
17:03:48.109 AVAST engine defs: 12012201
17:03:55.894 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
17:03:55.894 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
17:03:55.909 Disk 0 MBR read successfully
17:03:55.925 Disk 0 MBR scan
17:03:55.941 Disk 0 Windows VISTA default MBR code
17:03:55.941 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
17:03:55.972 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 295636 MB offset 3074048
17:03:56.019 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8108 MB offset 608536576
17:03:56.065 Disk 0 scanning sectors +625141760
17:03:56.159 Disk 0 scanning C:\windows\system32\drivers
17:03:58.624 File: C:\windows\system32\drivers\dfsc.sys **INFECTED** Win32:Aluroot-B [Rtk]
17:04:09.263 Disk 0 trace - called modules:
17:04:09.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
17:04:09.794 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860bf030]
17:04:09.809 3 CLASSPNP.SYS[8ae0459e] -> nt!IofCallDriver -> [0x861b8c10]
17:04:09.825 5 ACPI.sys[8a9ae3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x861b8030]
17:04:13.553 AVAST engine scan C:\windows
17:04:16.533 AVAST engine scan C:\windows\system32
17:05:52.894 AVAST engine scan C:\windows\system32\drivers
17:05:55.203 File: C:\windows\system32\drivers\dfsc.sys **INFECTED** Win32:Aluroot-B [Rtk]
17:06:05.530 AVAST engine scan C:\Users\tjgagner
17:08:58.878 Disk 0 MBR has been saved successfully to "C:\Users\tjgagner\Desktop\MBR.dat"
17:08:58.909 The log file has been saved successfully to "C:\Users\tjgagner\Desktop\aswMBR.txt"

#10 Broni


Posted 22 January 2012 - 06:32 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



 


#11 DSpell200


Posted 22 January 2012 - 06:38 PM

17:36:43.0625 4324 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
17:36:43.0953 4324 ============================================================
17:36:43.0953 4324 Current date / time: 2012/01/22 17:36:43.0953
17:36:43.0953 4324 SystemInfo:
17:36:43.0953 4324
17:36:43.0953 4324 OS Version: 6.1.7600 ServicePack: 0.0
17:36:43.0953 4324 Product type: Workstation
17:36:43.0953 4324 ComputerName: TJGAGNER-PC
17:36:43.0953 4324 UserName: tjgagner
17:36:43.0953 4324 Windows directory: C:\windows
17:36:43.0953 4324 System windows directory: C:\windows
17:36:43.0953 4324 Processor architecture: Intel x86
17:36:43.0953 4324 Number of processors: 2
17:36:43.0953 4324 Page size: 0x1000
17:36:43.0953 4324 Boot type: Normal boot
17:36:43.0953 4324 ============================================================
17:36:45.0607 4324 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:36:45.0638 4324 Initialize success
17:36:53.0781 5708 ============================================================
17:36:53.0781 5708 Scan started
17:36:53.0781 5708 Mode: Manual;
17:36:53.0781 5708 ============================================================
17:36:56.0215 5708 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
17:36:56.0215 5708 1394ohci - ok
17:36:56.0355 5708 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
17:36:56.0355 5708 ACPI - ok
17:36:56.0464 5708 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
17:36:56.0464 5708 AcpiPmi - ok
17:36:56.0620 5708 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
17:36:56.0620 5708 adp94xx - ok
17:36:56.0761 5708 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
17:36:56.0776 5708 adpahci - ok
17:36:56.0901 5708 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
17:36:56.0901 5708 adpu320 - ok
17:36:57.0057 5708 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys
17:36:57.0057 5708 AFD - ok
17:36:57.0197 5708 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\windows\system32\DRIVERS\AGRSM.sys
17:36:57.0213 5708 AgereSoftModem - ok
17:36:57.0322 5708 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
17:36:57.0322 5708 agp440 - ok
17:36:57.0416 5708 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
17:36:57.0416 5708 aic78xx - ok
17:36:57.0587 5708 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
17:36:57.0587 5708 aliide - ok
17:36:57.0759 5708 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
17:36:57.0775 5708 amdagp - ok
17:36:57.0884 5708 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
17:36:57.0884 5708 amdide - ok
17:36:57.0993 5708 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
17:36:57.0993 5708 AmdK8 - ok
17:36:58.0118 5708 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
17:36:58.0118 5708 AmdPPM - ok
17:36:58.0258 5708 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys
17:36:58.0258 5708 amdsata - ok
17:36:58.0383 5708 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
17:36:58.0399 5708 amdsbs - ok
17:36:58.0508 5708 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys
17:36:58.0508 5708 amdxata - ok
17:36:58.0633 5708 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
17:36:58.0633 5708 AppID - ok
17:36:58.0789 5708 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
17:36:58.0789 5708 arc - ok
17:36:58.0804 5708 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
17:36:58.0820 5708 arcsas - ok
17:36:58.0945 5708 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
17:36:58.0945 5708 AsyncMac - ok
17:36:59.0038 5708 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
17:36:59.0038 5708 atapi - ok
17:36:59.0194 5708 athr (76bab0c824e2d05b940c4dd40a9b08bf) C:\windows\system32\DRIVERS\athr.sys
17:36:59.0210 5708 athr - ok
17:36:59.0444 5708 atikmdag (c97be8350fbcb1960b22fad2e6c2b514) C:\windows\system32\DRIVERS\atikmdag.sys
17:36:59.0584 5708 atikmdag - ok
17:36:59.0709 5708 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\windows\system32\DRIVERS\AtiPcie.sys
17:36:59.0709 5708 AtiPcie - ok
17:36:59.0865 5708 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
17:36:59.0881 5708 AVGIDSDriver - ok
17:37:00.0005 5708 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
17:37:00.0005 5708 AVGIDSEH - ok
17:37:00.0130 5708 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
17:37:00.0130 5708 AVGIDSFilter - ok
17:37:00.0239 5708 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\windows\system32\DRIVERS\AVGIDSShim.Sys
17:37:00.0255 5708 AVGIDSShim - ok
17:37:00.0395 5708 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\windows\system32\DRIVERS\avgldx86.sys
17:37:00.0411 5708 Avgldx86 - ok
17:37:00.0551 5708 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\windows\system32\DRIVERS\avgmfx86.sys
17:37:00.0551 5708 Avgmfx86 - ok
17:37:00.0676 5708 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\windows\system32\DRIVERS\avgrkx86.sys
17:37:00.0692 5708 Avgrkx86 - ok
17:37:00.0832 5708 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\windows\system32\DRIVERS\avgtdix.sys
17:37:00.0832 5708 Avgtdix - ok
17:37:01.0004 5708 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
17:37:01.0004 5708 b06bdrv - ok
17:37:01.0129 5708 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
17:37:01.0144 5708 b57nd60x - ok
17:37:01.0472 5708 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
17:37:01.0472 5708 Beep - ok
17:37:01.0565 5708 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
17:37:01.0581 5708 blbdrive - ok
17:37:01.0675 5708 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys
17:37:01.0675 5708 bowser - ok
17:37:01.0737 5708 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
17:37:01.0737 5708 BrFiltLo - ok
17:37:01.0799 5708 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
17:37:01.0799 5708 BrFiltUp - ok
17:37:01.0909 5708 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
17:37:01.0924 5708 Brserid - ok
17:37:02.0018 5708 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
17:37:02.0018 5708 BrSerWdm - ok
17:37:02.0111 5708 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
17:37:02.0111 5708 BrUsbMdm - ok
17:37:02.0221 5708 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
17:37:02.0221 5708 BrUsbSer - ok
17:37:02.0314 5708 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
17:37:02.0314 5708 BTHMODEM - ok
17:37:02.0470 5708 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
17:37:02.0470 5708 cdfs - ok
17:37:02.0595 5708 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
17:37:02.0595 5708 cdrom - ok
17:37:02.0735 5708 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
17:37:02.0735 5708 circlass - ok
17:37:02.0813 5708 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
17:37:02.0829 5708 CLFS - ok
17:37:02.0969 5708 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
17:37:02.0969 5708 CmBatt - ok
17:37:03.0063 5708 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
17:37:03.0079 5708 cmdide - ok
17:37:03.0172 5708 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
17:37:03.0188 5708 CNG - ok
17:37:03.0328 5708 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
17:37:03.0328 5708 Compbatt - ok
17:37:03.0500 5708 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
17:37:03.0500 5708 CompositeBus - ok
17:37:03.0718 5708 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
17:37:03.0718 5708 crcdisk - ok
17:37:03.0905 5708 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
17:37:03.0905 5708 discache - ok
17:37:04.0077 5708 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
17:37:04.0077 5708 Disk - ok
17:37:04.0217 5708 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
17:37:04.0217 5708 drmkaud - ok
17:37:04.0280 5708 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys
17:37:04.0295 5708 DXGKrnl - ok
17:37:04.0405 5708 EagleNT - ok
17:37:04.0561 5708 EagleXNt - ok
17:37:04.0810 5708 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
17:37:04.0904 5708 ebdrv - ok
17:37:05.0060 5708 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
17:37:05.0075 5708 elxstor - ok
17:37:05.0169 5708 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
17:37:05.0169 5708 ErrDev - ok
17:37:05.0294 5708 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
17:37:05.0294 5708 exfat - ok
17:37:05.0403 5708 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
17:37:05.0403 5708 fastfat - ok
17:37:05.0528 5708 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
17:37:05.0528 5708 fdc - ok
17:37:05.0637 5708 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
17:37:05.0637 5708 FileInfo - ok
17:37:05.0746 5708 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
17:37:05.0746 5708 Filetrace - ok
17:37:05.0840 5708 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
17:37:05.0840 5708 flpydisk - ok
17:37:05.0949 5708 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
17:37:05.0949 5708 FltMgr - ok
17:37:06.0074 5708 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
17:37:06.0074 5708 FsDepends - ok
17:37:06.0183 5708 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
17:37:06.0183 5708 Fs_Rec - ok
17:37:06.0308 5708 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
17:37:06.0308 5708 fvevol - ok
17:37:06.0433 5708 FwLnk (0f76e205bdc60364f08a5949082771ca) C:\windows\system32\DRIVERS\FwLnk.sys
17:37:06.0433 5708 FwLnk - ok
17:37:06.0542 5708 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
17:37:06.0557 5708 gagp30kx - ok
17:37:06.0745 5708 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
17:37:06.0760 5708 hcw85cir - ok
17:37:06.0885 5708 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
17:37:06.0901 5708 HdAudAddService - ok
17:37:06.0994 5708 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
17:37:07.0010 5708 HDAudBus - ok
17:37:07.0103 5708 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
17:37:07.0103 5708 HidBatt - ok
17:37:07.0213 5708 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
17:37:07.0213 5708 HidBth - ok
17:37:07.0353 5708 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
17:37:07.0353 5708 HidIr - ok
17:37:07.0493 5708 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
17:37:07.0493 5708 HidUsb - ok
17:37:07.0634 5708 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
17:37:07.0634 5708 HpSAMD - ok
17:37:07.0743 5708 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
17:37:07.0759 5708 HTTP - ok
17:37:07.0852 5708 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
17:37:07.0852 5708 hwpolicy - ok
17:37:07.0977 5708 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
17:37:07.0977 5708 i8042prt - ok
17:37:08.0117 5708 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
17:37:08.0133 5708 iaStorV - ok
17:37:08.0258 5708 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
17:37:08.0258 5708 iirsp - ok
17:37:08.0507 5708 IntcAzAudAddService (e4a2e810cb2607c9c159c0dfb0bd4c88) C:\windows\system32\drivers\RTKVHDA.sys
17:37:08.0523 5708 IntcAzAudAddService - ok
17:37:08.0632 5708 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
17:37:08.0632 5708 intelide - ok
17:37:08.0757 5708 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
17:37:08.0757 5708 intelppm - ok
17:37:08.0866 5708 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
17:37:08.0882 5708 IpFilterDriver - ok
17:37:08.0975 5708 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
17:37:08.0975 5708 IPMIDRV - ok
17:37:09.0085 5708 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
17:37:09.0085 5708 IPNAT - ok
17:37:09.0209 5708 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
17:37:09.0209 5708 IRENUM - ok
17:37:09.0319 5708 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
17:37:09.0319 5708 isapnp - ok
17:37:09.0428 5708 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
17:37:09.0428 5708 iScsiPrt - ok
17:37:09.0553 5708 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
17:37:09.0553 5708 kbdclass - ok
17:37:09.0709 5708 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
17:37:09.0709 5708 kbdhid - ok
17:37:09.0818 5708 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
17:37:09.0818 5708 KSecDD - ok
17:37:09.0927 5708 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
17:37:09.0927 5708 KSecPkg - ok
17:37:10.0052 5708 Lavasoft Kernexplorer - ok
17:37:10.0177 5708 Lbd (336abe8721cbc3110f1c6426da633417) C:\windows\system32\DRIVERS\Lbd.sys
17:37:10.0177 5708 Lbd - ok
17:37:10.0301 5708 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
17:37:10.0301 5708 lltdio - ok
17:37:10.0442 5708 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
17:37:10.0442 5708 LSI_FC - ok
17:37:10.0551 5708 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
17:37:10.0551 5708 LSI_SAS - ok
17:37:10.0676 5708 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
17:37:10.0676 5708 LSI_SAS2 - ok
17:37:10.0754 5708 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
17:37:10.0754 5708 LSI_SCSI - ok
17:37:10.0769 5708 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
17:37:10.0785 5708 luafv - ok
17:37:10.0894 5708 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
17:37:10.0894 5708 megasas - ok
17:37:11.0019 5708 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
17:37:11.0019 5708 MegaSR - ok
17:37:11.0128 5708 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
17:37:11.0128 5708 Modem - ok
17:37:11.0206 5708 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
17:37:11.0206 5708 monitor - ok
17:37:11.0300 5708 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
17:37:11.0300 5708 mouclass - ok
17:37:11.0425 5708 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
17:37:11.0425 5708 mouhid - ok
17:37:11.0471 5708 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
17:37:11.0471 5708 mountmgr - ok
17:37:11.0518 5708 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
17:37:11.0518 5708 mpio - ok
17:37:11.0534 5708 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
17:37:11.0549 5708 mpsdrv - ok
17:37:11.0565 5708 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
17:37:11.0565 5708 MRxDAV - ok
17:37:11.0612 5708 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
17:37:11.0612 5708 mrxsmb - ok
17:37:11.0705 5708 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:37:11.0705 5708 mrxsmb10 - ok
17:37:11.0830 5708 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:37:11.0830 5708 mrxsmb20 - ok
17:37:11.0924 5708 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
17:37:11.0939 5708 msahci - ok
17:37:11.0955 5708 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
17:37:11.0955 5708 msdsm - ok
17:37:12.0064 5708 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
17:37:12.0064 5708 Msfs - ok
17:37:12.0080 5708 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
17:37:12.0080 5708 mshidkmdf - ok
17:37:12.0173 5708 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
17:37:12.0173 5708 msisadrv - ok
17:37:12.0283 5708 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
17:37:12.0283 5708 MSKSSRV - ok
17:37:12.0298 5708 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
17:37:12.0298 5708 MSPCLOCK - ok
17:37:12.0314 5708 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
17:37:12.0314 5708 MSPQM - ok
17:37:12.0329 5708 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
17:37:12.0329 5708 MsRPC - ok
17:37:12.0439 5708 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
17:37:12.0439 5708 mssmbios - ok
17:37:12.0548 5708 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
17:37:12.0548 5708 MSTEE - ok
17:37:12.0641 5708 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
17:37:12.0641 5708 MTConfig - ok
17:37:12.0657 5708 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
17:37:12.0673 5708 Mup - ok
17:37:12.0797 5708 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
17:37:12.0813 5708 NativeWifiP - ok
17:37:12.0938 5708 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
17:37:12.0953 5708 NDIS - ok
17:37:13.0047 5708 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
17:37:13.0063 5708 NdisCap - ok
17:37:13.0187 5708 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
17:37:13.0187 5708 NdisTapi - ok
17:37:13.0297 5708 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
17:37:13.0312 5708 Ndisuio - ok
17:37:13.0406 5708 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
17:37:13.0406 5708 NdisWan - ok
17:37:13.0531 5708 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
17:37:13.0531 5708 NDProxy - ok
17:37:13.0655 5708 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
17:37:13.0655 5708 NetBIOS - ok
17:37:25.0527 5708 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
17:37:25.0589 5708 \Device\Harddisk0\DR0 - ok
17:37:25.0605 5708 Boot (0x1200) (5d23c7fb3ae2f4e4543dcf7c11664442) \Device\Harddisk0\DR0\Partition0
17:37:25.0621 5708 \Device\Harddisk0\DR0\Partition0 - ok
17:37:25.0621 5708 ============================================================
17:37:25.0621 5708 Scan finished
17:37:25.0621 5708 ============================================================
17:37:25.0636 2644 Detected object count: 0
17:37:25.0636 2644 Actual detected object count: 0

#12 Broni

Posted 22 January 2012 - 06:40 PM

Please run Farbar Service Scanner (FSS).
Type the following in the edit box after "Search:".

dfsc.sys

Click the Search Files button and post the log (FSS.txt) it makes in your reply.


#13 DSpell200


Posted 22 January 2012 - 06:43 PM

Do I need anything checked besides the Internet Services when I go to search via FSS?

#14 Broni


Posted 22 January 2012 - 07:30 PM

No.


#15 DSpell200


Posted 22 January 2012 - 08:27 PM

If a Notepad pops up from FSS, does that mean the program is finished with the search? I ask as one did pop up; however, the FSS program states that "search is in progress, please wait..."

Here's what it had pop up:

Farbar Service Scanner Version: 18-01-2012 01
Ran by tjgagner (administrator) on 22-01-2012 at 19:19:07
Windows 7 Home Premium (X86)

************************************************
================== Search: "dfsc.sys" ===================

Edited by DSpell200, 22 January 2012 - 08:41 PM.




