
Computer doesn't work unless in safe mode


  • This topic is locked
25 replies to this topic

#1 tierra

tierra

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:01:32 PM

Posted 27 February 2012 - 01:17 AM

When I try to start my computer normally it just restarts. I do not have a blue screen. Originally, I had problems with the computer freezing up immediately after logging on. Now it won't boot up normally at all. I also can't access control panel, use the search on my computer, or run malwarebytes, even in safe mode. All of these things cause my computer to freeze up. Thanks in advance!

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26
Run by Jessica at 17:47:38 on 2012-02-26
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.2166 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Jessica\Desktop\Defogger.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.toshibadirect.com/dpdstart
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10t_Plugin.exe -update plugin
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Skytel] Skytel.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\avastu~1.lnk - c:\program files\avast software\avast\AvastUI.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{127A02B2-D631-441C-9517-9850EC94E878} : DhcpNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jessica\appdata\roaming\mozilla\firefox\profiles\g6sgbfzy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.gaiaonline.com/mygaia/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\jessica\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-2-2 1373576]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-14 7168]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\drivers\NETw5v32.sys [2008-4-28 3658752]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-7-1 34896]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-16 435032]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-16 314456]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-16 20568]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-4-16 55128]
S2 avast! Antivirus;avast! Antivirus;"c:\program files\avast software\avast\avastsvc.exe" --> c:\program files\avast software\avast\AvastSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-1-3 135664]
S2 PEVSystemStart;PEVSystemStart;c:\combofix\pev.3XE [2011-6-25 256000]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-10-4 2358656]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-1-3 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-2-8 40776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-13 30576]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2011-6-27 20080]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-4-16 1153368]
S4 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-8-14 46392]
S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
.
=============== Created Last 30 ================
.
2012-02-27 01:13:58 -------- d-sh--w- C:\found.008
2012-02-27 00:54:02 -------- d-----w- C:\$WINDOWS.~BT
2012-02-15 09:04:04 -------- d-s---w- C:\ComboFix
2012-02-15 06:02:08 -------- d-sh--w- C:\found.007
2012-02-15 05:34:42 98816 ----a-w- c:\windows\sed.exe
2012-02-15 05:34:42 518144 ----a-w- c:\windows\SWREG.exe
2012-02-15 05:34:42 256000 ----a-w- c:\windows\PEV.exe
2012-02-15 05:34:42 208896 ----a-w- c:\windows\MBR.exe
2012-02-11 18:18:12 924632 ----a-w- c:\program files\mozilla firefox\firefox.exe
2012-02-11 18:18:12 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2012-02-09 01:47:10 -------- d-----w- c:\program files\Uniblue
2012-02-09 01:14:19 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-02-09 01:14:19 -------- d-----w- c:\users\jessica\appdata\roaming\Malwarebytes
2012-02-09 01:14:14 -------- d-----w- c:\programdata\Malwarebytes
2012-02-09 01:14:13 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-09 01:14:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-09 01:13:34 9502424 ----a-w- C:\mbam--setup-1.60.1.1000.exe
2012-02-09 00:53:21 -------- d-----w- c:\users\jessica\appdata\roaming\TeamViewer
2012-02-08 21:45:04 -------- d-sh--w- C:\found.006
2012-02-08 21:36:50 -------- d-----w- c:\users\jessica\appdata\roaming\Uniblue
2012-02-08 21:36:46 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-08 21:36:30 -------- d-----w- c:\users\jessica\appdata\local\PackageAware
2012-02-08 02:57:15 26176 ---ha-w- c:\windows\system32\hamachi.sys
2012-02-08 02:56:55 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-01-28 22:35:50 -------- d-----w- c:\program files\Amnesia - The Dark Descent
2012-01-28 21:26:30 -------- d-----w- c:\users\jessica\appdata\roaming\Screaming Bee
2012-01-28 21:23:41 -------- d-----w- c:\programdata\Screaming Bee
2012-01-28 21:23:41 -------- d-----w- c:\program files\Screaming Bee
.
==================== Find3M ====================
.
.
============= FINISH: 17:49:02.15 ===============
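
The DDS log above records traces of an earlier ComboFix run: a `C:\ComboFix` folder and a service whose image path points into it. The following is an added example, not part of the original post and not code from DDS or ComboFix. It is a small parser for the two DDS sections involved, run over lines excerpted from that log. The function names are hypothetical, and reading the `R`/`S` prefix as running/stopped and the digit as the service start type is an assumption about DDS's notation.

```python
import re
from datetime import datetime

# Excerpt of the DDS log posted above (lines copied unchanged, most omitted).
SAMPLE_DDS = r"""
============= SERVICES / DRIVERS ===============
.
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-2-2 1373576]
S2 avast! Antivirus;avast! Antivirus;"c:\program files\avast software\avast\avastsvc.exe" --> c:\program files\avast software\avast\AvastSvc.exe [?]
S2 PEVSystemStart;PEVSystemStart;c:\combofix\pev.3XE [2011-6-25 256000]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-2-8 40776]
.
=============== Created Last 30 ================
.
2012-02-27 01:13:58 -------- d-sh--w- C:\found.008
2012-02-15 09:04:04 -------- d-s---w- C:\ComboFix
2012-02-15 06:02:08 -------- d-sh--w- C:\found.007
2012-02-15 05:34:42 98816 ----a-w- c:\windows\sed.exe
2012-02-15 05:34:42 256000 ----a-w- c:\windows\PEV.exe
2012-02-09 01:14:13 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
.
==================== Find3M ====================
.
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")
# <state><start> <name>;<display name>;<image path> [<date> <size>]
SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+?) \[(?P<date>\d{4}-\d{1,2}-\d{1,2}) (?P<size>\d+)\]$")
# <created timestamp> <size or dashes> <8 attribute flags> <path>
CREATED_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<size>\d+|-+) "
    r"(?P<attrs>[a-z-]{8}) (?P<path>.+)$")


def split_sections(text):
    """Map each '==== NAME ====' header to the non-empty lines under it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = []
        elif current and line and line != ".":  # "." is DDS's spacer line
            sections[current].append(line)
    return sections


def parse_service(line):
    """Parse one SERVICES / DRIVERS line; None if it lacks a [date size] tail."""
    m = SERVICE_RE.match(line)
    if not m:
        return None  # e.g. the avast entry above, which ends in "[?]"
    return {
        "name": m["name"],
        "running": m["state"] == "R",   # assumption: R = running, S = stopped
        "start_type": int(m["start"]),  # assumption: service start type
        "path": m["path"],
        "date": datetime.strptime(m["date"], "%Y-%m-%d").date(),
        "size": int(m["size"]),
    }


def parse_created(line):
    """Parse one 'Created Last 30' line; directories carry dashes for size."""
    m = CREATED_RE.match(line)
    if not m:
        return None
    return {
        "created": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "size": int(m["size"]) if m["size"].isdigit() else None,
        "is_dir": m["attrs"].startswith("d"),
        "path": m["path"],
    }


def find_tool_traces(text, keyword="combofix"):
    """Return (kind, path, date) for entries whose path contains keyword."""
    sections = split_sections(text)
    hits = []
    for line in sections.get("SERVICES / DRIVERS", []):
        svc = parse_service(line)
        if svc and keyword in svc["path"].lower():
            hits.append(("service", svc["path"], svc["date"]))
    for line in sections.get("Created Last 30", []):
        ent = parse_created(line)
        if ent and keyword in ent["path"].lower():
            kind = "directory" if ent["is_dir"] else "file"
            hits.append((kind, ent["path"], ent["created"].date()))
    return hits


def created_on(text, day):
    """List paths created on the given ISO date (YYYY-MM-DD), in log order."""
    entries = (parse_created(l)
               for l in split_sections(text).get("Created Last 30", []))
    return [e["path"] for e in entries
            if e and e["created"].date().isoformat() == day]


if __name__ == "__main__":
    for kind, path, when in find_tool_traces(SAMPLE_DDS):
        print(f"{when}  {kind:9}  {path}")
    print("created 2012-02-15:", created_on(SAMPLE_DDS, "2012-02-15"))
```
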


 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:32 PM

Posted 27 February 2012 - 04:20 PM

Greetings tierra and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you!


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


I noticed Combofix was run unsupervised on this computer on 2-15. Please locate the log at C:\combofix.txt and copy/paste that information in a reply so I can review it. It will also take a bit of time to review the information you have already posted.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • combofix.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 tierra

tierra
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:01:32 PM

Posted 27 February 2012 - 06:15 PM

When I ran Combofix it did not finish so there is no combofix.txt. Should I run it again then?

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:32 PM

Posted 27 February 2012 - 06:19 PM

Greetings tierra

Did you check for that file anyway? It may not have created a log but we need to check.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:32 PM

Posted 27 February 2012 - 07:29 PM

Greetings tierra,


I would like us to address the boot issue first. Please perform the following steps for me.


===================================================


Panda USB Vaccine

--------------------

Please download and use Panda USB Vaccine.

Alternate download link 1
Alternate download link 2

  • Double-click on USBVaccineSetup.exe to install the program to C:\Program Files\Panda USB Vaccine.
  • Read and accept the license agreement, then click Next.
  • When setup completes, make sure "Launch Panda USB Vaccine" is checked and click Finish to open the program.
  • Click the Vaccinate computer button. It should now show a green checkmark and confirm Computer vaccinated.
  • Hold down the Shift key and insert your USB flash drive.
  • When the name of the drive appears in the dialog box, click the button to Vaccinate USB drive(s).
  • Exit the program when done
Note: Computer Vaccination will prevent any AutoRun file from running, regardless of whether the removable device is infected or not. USB Vaccination disables the autorun file so it cannot be read, modified or replaced and creates an AUTORUN_.INF as protection against malicious code. The Panda Research Blog advises that once USB drives have been vaccinated, they cannot be reversed except with a format. If you do this, be sure to back up your data files first or they will be lost during the formatting process.


===================================================


Farbar's Recovery Scan Tool

--------------------

I would like you to run Farbar's Recovery Scan Tool to check your MBR. For this you will need a USB flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC and we will enter the System Recovery Options one of the two following ways:

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • FRST.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 tierra

tierra
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:01:32 PM

Posted 27 February 2012 - 08:21 PM

I cannot access the contents of the flash drive to post FRST.txt. It says "E:\ Application not found." when I double-click the flash drive in My Computer.

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:32 PM

Posted 27 February 2012 - 08:27 PM

It may be that the drive letter of your USB device is not "E". If you don't know the letter of the flash drive on your computer you can insert it in Safe Mode and it should show the drive letter in "My Computer".

This is from the instructions.

Note: Replace letter e with the drive letter of your flash drive.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 tierra

tierra
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:01:32 PM

Posted 27 February 2012 - 08:38 PM

When I plug the flash drive in, e:\ is what shows up in My Computer. There aren't any other drives listed besides c:\, d:\, and e:\. I'm already in Safe Mode with Networking. Should I try it in just Safe Mode?

#9 tierra

tierra
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:01:32 PM

Posted 27 February 2012 - 09:06 PM

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 27-02-2012
Ran by SYSTEM at 27-02-2012 17:13:35
Running from F:\
Windows Vista ™ Home Premium Service Pack 1 (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [150040 2008-06-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [170520 2008-06-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [145944 2008-06-25] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-02-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [448080 2007-06-15] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [cfFncEnabler.exe] cfFncEnabler.exe [x]
HKLM\...\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [143360 2007-12-13] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [188416 2008-07-10] (CyberLink)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [x]
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Guest\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Guest\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Jessica\...\Policies\system: [LogonHoursAction] 2
HKU\Jessica\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Jessica\...\Policies\system: [disableregistrytools] 0
HKU\Michelle\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Michelle\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Michelle\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKU\Michelle\...\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\Michelle\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKU\Michelle\...\Policies\system: [LogonHoursAction] 2
HKU\Michelle\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)

================================ Services (Whitelisted) ==================

4 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [9216 2006-10-05] (Agere Systems)
4 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [40960 2008-07-10] (TOSHIBA CORPORATION)
4 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel® Corporation)
4 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [655624 2011-06-18] (Acresso Software Inc.)
4 GameConsoleService; "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [164600 2008-05-28] (WildTangent, Inc.)
2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [135664 2011-01-03] (Google Inc.)
3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [135664 2011-01-03] (Google Inc.)
2 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [1373576 2012-02-02] (LogMeIn Inc.)
3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice [30963576 2010-01-21] (Microsoft Corporation)
4 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel® Corporation)
4 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [46392 2008-08-04] (TOSHIBA Corporation)
4 TNaviSrv; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-07-18] (TOSHIBA Corporation)
4 TODDSrv; C:\Windows\system32\TODDSrv.exe [129632 2007-11-21] (TOSHIBA Corporation)
4 TosCoSrv; "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" [431456 2008-02-06] (TOSHIBA Corporation)
4 TOSHIBA SMART Log Service; "C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [126976 2007-12-03] (TOSHIBA Corporation)
4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [x]

========================== Drivers (Whitelisted) =============

3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161888 2006-11-28] (Agere Systems)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
3 FwLnk; C:\Windows\System32\DRIVERS\FwLnk.sys [7168 2006-11-20] (TOSHIBA Corporation)
3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
4 KR10I; C:\Windows\System32\drivers\kr10i.sys [219264 2006-11-08] (TOSHIBA CORPORATION)
4 KR10N; C:\Windows\System32\drivers\kr10n.sys [211072 2006-11-08] (TOSHIBA CORPORATION)
3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-02-23] (Malwarebytes Corporation)
4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [33384 2006-11-02] (LSI Logic Corporation)
3 MSHUSBVideo; C:\Windows\System32\Drivers\nx6000.sys [30576 2010-12-13] (Microsoft Corporation)
3 NETw5v32; C:\Windows\System32\DRIVERS\NETw5v32.sys [3658752 2008-04-28] (Intel Corporation)
3 pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [20080 2010-11-06] ()
2 PEVSystemStart; "C:\ComboFix\pev.3XE" EXEC /i "C:\ComboFix\HIDEC.3XE" "C:\ComboFix\SWREG.3XE" ACL "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep" /RESET /Q [518144 2000-08-30] (SteelWerX)
2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [46592 2008-02-15] (REDC)
2 rimsptsk; C:\Windows\System32\DRIVERS\rimsptsk.sys [43008 2007-07-30] (REDC)
2 rismxdp; C:\Windows\System32\DRIVERS\rixdptsk.sys [38400 2007-07-30] (REDC)
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [259176 2010-06-23] (Realtek )
3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
4 SiSRaid2; C:\Windows\System32\drivers\sisraid2.sys [41016 2008-01-20] (Microsoft Corporation)
4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-06-18] (Duplex Secure Ltd.)
3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [24200 2007-12-14] (TOSHIBA Corporation.)
3 tosrfec; C:\Windows\System32\DRIVERS\tosrfec.sys [9216 2006-10-23] (TOSHIBA Corporation)
0 tos_sps32; C:\Windows\System32\DRIVERS\tos_sps32.sys [279376 2008-07-18] (TOSHIBA Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [23640 2007-11-09] (TOSHIBA Corporation)
4 UlSata; C:\Windows\System32\drivers\ulsata.sys [98408 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [115816 2008-01-20] (Promise Technology, Inc.)
3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
3 catchme; \??\C:\Users\Jessica\AppData\Local\Temp\catchme.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
3 Tosrfcom; [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-02-27 17:13 - 2012-02-27 17:13 - 0000000 ____D C:\FRST
2012-02-27 17:02 - 2012-02-27 17:02 - 0862468 ____A C:\Users\Jessica\Desktop\FRST.exe
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\Users\All Users\Panda Security
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\ProgramData\Panda Security
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\Program Files\Panda USB Vaccine
2012-02-27 16:48 - 2012-02-27 16:48 - 0848856 ____A (Panda Security ) C:\Users\Jessica\Desktop\USBVaccineSetup.exe
2012-02-26 21:56 - 2012-02-26 21:56 - 0000461 ____A C:\Users\Jessica\Desktop\forum post.txt
2012-02-26 20:27 - 2012-02-26 20:27 - 0005672 ____A C:\Users\Jessica\Desktop\ark.txt
2012-02-26 18:21 - 2012-02-26 18:21 - 0016982 ____A C:\Users\Jessica\Desktop\attach.txt
2012-02-26 18:21 - 2012-02-26 18:21 - 0013368 ____A C:\Users\Jessica\Desktop\dds.txt
2012-02-26 17:52 - 2012-02-26 17:52 - 0302592 ____A C:\Users\Jessica\Desktop\rcptffjm.exe
2012-02-26 17:46 - 2012-02-26 17:46 - 0000020 ____A C:\Users\Jessica\defogger_reenable
2012-02-26 17:45 - 2012-02-26 17:45 - 0050477 ____A C:\Users\Jessica\Desktop\Defogger.exe
2012-02-26 17:13 - 2012-02-26 17:13 - 0000000 __SHD C:\found.008
2012-02-26 16:54 - 2012-02-26 16:54 - 0000000 ____D C:\$WINDOWS.~BT
2012-02-24 22:37 - 2012-02-24 22:37 - 0773400 ____A C:\Users\Jessica\Desktop\Prius_Downloader.exe
2012-02-23 16:39 - 2012-02-23 16:39 - 0607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.scr
2012-02-23 15:55 - 2012-02-26 16:53 - 0001890 ____A C:\Windows\diagwrn.xml
2012-02-23 15:55 - 2012-02-26 16:53 - 0001890 ____A C:\Windows\diagerr.xml
2012-02-23 14:49 - 2012-02-23 14:50 - 0000000 ____D C:\Users\Jessica\Desktop\ESET NOD 32 Anti-Virus 4.0.468.0
2012-02-23 00:22 - 2012-02-23 15:51 - 0000000 ____D C:\Users\Jessica\Desktop\Windows.7.HomePremium+Ultimate.SP1.32+64Bit.(2011-10-12)
2012-02-22 17:42 - 2012-02-22 17:42 - 0000694 ____A C:\Users\Jessica\Desktop\perfect life.txt
2012-02-22 14:18 - 2012-02-22 14:18 - 0138952 ____A C:\Windows\Minidump\Mini022212-01.dmp
2012-02-16 17:06 - 2012-02-16 17:06 - 0138952 ____A C:\Windows\Minidump\Mini021612-01.dmp
2012-02-15 01:04 - 2012-02-15 01:07 - 0000000 ___SD C:\ComboFix
2012-02-14 22:02 - 2012-02-14 22:02 - 0000000 __SHD C:\found.007
2012-02-14 21:34 - 2012-02-14 21:34 - 0000000 ____D C:\Windows\ERDNT
2012-02-14 21:34 - 2011-06-25 22:45 - 0256000 ____A C:\Windows\PEV.exe
2012-02-14 21:34 - 2010-11-07 09:20 - 0208896 ____A C:\Windows\MBR.exe
2012-02-14 21:34 - 2009-04-19 20:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-02-14 21:34 - 2000-08-30 16:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-02-14 21:34 - 2000-08-30 16:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-02-14 21:34 - 2000-08-30 16:00 - 0098816 ____A C:\Windows\sed.exe
2012-02-14 21:34 - 2000-08-30 16:00 - 0080412 ____A C:\Windows\grep.exe
2012-02-14 21:34 - 2000-08-30 16:00 - 0068096 ____A C:\Windows\zip.exe
2012-02-14 21:30 - 2012-02-14 21:34 - 0000000 ____D C:\Qoobox
2012-02-14 21:17 - 2012-02-14 21:17 - 4403246 ____R (Swearware) C:\Users\Jessica\Desktop\ComboFix.exe
2012-02-12 02:50 - 2012-02-12 02:50 - 0270142 ____A C:\Users\Jessica\Desktop\Minecraft.exe
2012-02-11 10:18 - 2012-02-11 10:18 - 0000857 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-02-11 10:16 - 2012-02-11 10:18 - 15795360 ____A (Mozilla) C:\Users\Jessica\Downloads\Firefox Setup 10.0.1.exe
2012-02-08 21:29 - 2009-07-21 12:34 - 0003554 ____A C:\Users\Jessica\Desktop\Activate Sound in SafeMode.reg
2012-02-08 21:29 - 2009-07-21 12:30 - 0083784 ____A C:\Users\Jessica\Desktop\Safe-Mode Help.png
2012-02-08 21:27 - 2012-02-08 21:27 - 0069939 ____A C:\Users\Jessica\Desktop\Activate Sound in SafeMode.zip
2012-02-08 17:47 - 2012-02-08 17:47 - 0000000 ____D C:\Program Files\Uniblue
2012-02-08 17:14 - 2012-02-23 20:54 - 0040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-02-08 17:14 - 2011-12-10 15:24 - 0020464 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-02-08 17:13 - 2012-02-08 17:13 - 9502424 ____A (Malwarebytes Corporation ) C:\mbam--setup-1.60.1.1000.exe
2012-02-08 16:53 - 2012-02-08 16:53 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\TeamViewer
2012-02-08 16:39 - 2012-02-08 16:39 - 0000175 ____A C:\Users\Jessica\AppData\Local\rahistory.xml
2012-02-08 16:39 - 2012-02-08 16:39 - 0000000 ____D C:\Users\Jessica\Documents\Remote Assistance Logs
2012-02-08 15:13 - 2012-01-10 14:36 - 0638784 ____A (Sysinternals - www.sysinternals.com) C:\Users\Jessica\Desktop\autoruns.exe
2012-02-08 15:13 - 2012-01-10 14:36 - 0557888 ____A (Sysinternals - www.sysinternals.com) C:\Users\Jessica\Desktop\autorunsc.exe
2012-02-08 15:13 - 2011-11-05 12:52 - 0049648 ____A C:\Users\Jessica\Desktop\autoruns.chm
2012-02-08 15:12 - 2012-02-08 15:12 - 0534659 ____A C:\Users\Jessica\Desktop\Autoruns.zip
2012-02-08 13:45 - 2012-02-08 13:45 - 0000000 __SHD C:\found.006
2012-02-08 13:36 - 2012-02-11 09:53 - 0000336 ____A C:\Windows\Tasks\RegistryBooster.job
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 __HDC C:\Users\All Users\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 __HDC C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Uniblue
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Jessica\AppData\Local\PackageAware
2012-02-07 18:57 - 2009-03-18 16:35 - 0026176 ___AH (LogMeIn, Inc.) C:\Windows\System32\hamachi.sys
2012-02-07 18:56 - 2012-02-07 18:56 - 0000000 ____D C:\Program Files\LogMeIn Hamachi
2012-02-04 20:35 - 2012-02-04 20:35 - 2099402 ____A C:\Users\Jessica\Desktop\GunnaEatchabrains.mp3
2012-02-01 11:37 - 2012-02-01 11:37 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2012-01-30 16:26 - 2012-01-30 16:26 - 0138952 ____A C:\Windows\Minidump\Mini013012-01.dmp
2012-01-28 14:53 - 2012-01-28 14:53 - 0000000 ____D C:\Users\Jessica\Documents\Amnesia
2012-01-28 14:45 - 2012-01-28 14:45 - 0001968 ____A C:\Users\Jessica\Desktop\Amnesia.lnk
2012-01-28 14:35 - 2012-01-28 14:45 - 0000000 ____D C:\Program Files\Amnesia - The Dark Descent
2012-01-28 14:32 - 2012-02-26 16:53 - 0000779 ____A C:\Windows\setupact.log
2012-01-28 14:32 - 2012-02-26 16:53 - 0000000 ____A C:\Windows\setuperr.log
2012-01-28 13:26 - 2012-01-28 13:26 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Screaming Bee
2012-01-28 13:23 - 2012-01-28 13:26 - 0000000 ____D C:\Users\All Users\Screaming Bee
2012-01-28 13:23 - 2012-01-28 13:26 - 0000000 ____D C:\ProgramData\Screaming Bee
2012-01-28 13:23 - 2012-01-28 13:23 - 0000000 ____D C:\Program Files\Screaming Bee

============ 3 Months Modified Files and Folders ===============

2012-02-27 17:13 - 2012-02-27 17:13 - 0000000 ____D C:\FRST
2012-02-27 17:04 - 2006-11-02 02:33 - 0707392 ____A C:\Windows\System32\PerfStringBackup.INI
2012-02-27 17:03 - 2011-11-05 10:22 - 7214366 ____A C:\Windows\ntbtlog.txt
2012-02-27 17:02 - 2012-02-27 17:02 - 0862468 ____A C:\Users\Jessica\Desktop\FRST.exe
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\Users\All Users\Panda Security
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\ProgramData\Panda Security
2012-02-27 16:54 - 2012-02-27 16:54 - 0000000 ____D C:\Program Files\Panda USB Vaccine
2012-02-27 16:48 - 2012-02-27 16:48 - 0848856 ____A (Panda Security ) C:\Users\Jessica\Desktop\USBVaccineSetup.exe
2012-02-26 21:56 - 2012-02-26 21:56 - 0000461 ____A C:\Users\Jessica\Desktop\forum post.txt
2012-02-26 20:27 - 2012-02-26 20:27 - 0005672 ____A C:\Users\Jessica\Desktop\ark.txt
2012-02-26 18:21 - 2012-02-26 18:21 - 0016982 ____A C:\Users\Jessica\Desktop\attach.txt
2012-02-26 18:21 - 2012-02-26 18:21 - 0013368 ____A C:\Users\Jessica\Desktop\dds.txt
2012-02-26 17:52 - 2012-02-26 17:52 - 0302592 ____A C:\Users\Jessica\Desktop\rcptffjm.exe
2012-02-26 17:46 - 2012-02-26 17:46 - 0000020 ____A C:\Users\Jessica\defogger_reenable
2012-02-26 17:46 - 2011-01-04 23:21 - 0000000 ____D C:\users\Jessica
2012-02-26 17:46 - 2011-01-03 20:25 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-02-26 17:45 - 2012-02-26 17:45 - 0050477 ____A C:\Users\Jessica\Desktop\Defogger.exe
2012-02-26 17:13 - 2012-02-26 17:13 - 0000000 __SHD C:\found.008
2012-02-26 16:54 - 2012-02-26 16:54 - 0000000 ____D C:\$WINDOWS.~BT
2012-02-26 16:53 - 2012-02-23 15:55 - 0001890 ____A C:\Windows\diagwrn.xml
2012-02-26 16:53 - 2012-02-23 15:55 - 0001890 ____A C:\Windows\diagerr.xml
2012-02-26 16:53 - 2012-01-28 14:32 - 0000779 ____A C:\Windows\setupact.log
2012-02-26 16:53 - 2012-01-28 14:32 - 0000000 ____A C:\Windows\setuperr.log
2012-02-26 16:22 - 2011-04-15 14:52 - 0001356 ____A C:\Users\Jessica\AppData\Local\d3d9caps.dat
2012-02-24 22:37 - 2012-02-24 22:37 - 0773400 ____A C:\Users\Jessica\Desktop\Prius_Downloader.exe
2012-02-23 22:46 - 2011-10-30 20:30 - 0008368 ____A C:\Windows\PFRO.log
2012-02-23 20:54 - 2012-02-08 17:14 - 0040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2012-02-23 16:39 - 2012-02-23 16:39 - 0607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.scr
2012-02-23 15:54 - 2011-05-03 13:36 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\uTorrent
2012-02-23 15:51 - 2012-02-23 00:22 - 0000000 ____D C:\Users\Jessica\Desktop\Windows.7.HomePremium+Ultimate.SP1.32+64Bit.(2011-10-12)
2012-02-23 14:50 - 2012-02-23 14:49 - 0000000 ____D C:\Users\Jessica\Desktop\ESET NOD 32 Anti-Virus 4.0.468.0
2012-02-22 17:42 - 2012-02-22 17:42 - 0000694 ____A C:\Users\Jessica\Desktop\perfect life.txt
2012-02-22 14:18 - 2012-02-22 14:18 - 0138952 ____A C:\Windows\Minidump\Mini022212-01.dmp
2012-02-22 14:18 - 2011-12-10 08:05 - 213744388 ____A C:\Windows\MEMORY.DMP
2012-02-22 14:18 - 2011-03-24 08:15 - 0000000 ____D C:\Windows\Minidump
2012-02-20 13:38 - 2011-11-26 14:59 - 0000000 ____D C:\Users\Jessica\Desktop\VisualBoyAdvance-1.8.0-beta3
2012-02-16 17:06 - 2012-02-16 17:06 - 0138952 ____A C:\Windows\Minidump\Mini021612-01.dmp
2012-02-15 01:07 - 2012-02-15 01:04 - 0000000 ___SD C:\ComboFix
2012-02-14 22:02 - 2012-02-14 22:02 - 0000000 __SHD C:\found.007
2012-02-14 21:34 - 2012-02-14 21:34 - 0000000 ____D C:\Windows\ERDNT
2012-02-14 21:34 - 2012-02-14 21:30 - 0000000 ____D C:\Qoobox
2012-02-14 21:33 - 2011-04-16 15:54 - 0000000 ____D C:\Program Files\AVAST Software
2012-02-14 21:17 - 2012-02-14 21:17 - 4403246 ____R (Swearware) C:\Users\Jessica\Desktop\ComboFix.exe
2012-02-14 21:11 - 2011-01-03 18:06 - 1371408 ____A C:\Windows\WindowsUpdate.log
2012-02-14 19:22 - 2011-01-05 20:15 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Skype
2012-02-14 18:17 - 2006-11-02 05:01 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-02-14 18:17 - 2006-11-02 04:47 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-02-14 18:17 - 2006-11-02 04:47 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-02-12 02:50 - 2012-02-12 02:50 - 0270142 ____A C:\Users\Jessica\Desktop\Minecraft.exe
2012-02-11 10:18 - 2012-02-11 10:18 - 0000857 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-02-11 10:18 - 2012-02-11 10:16 - 15795360 ____A (Mozilla) C:\Users\Jessica\Downloads\Firefox Setup 10.0.1.exe
2012-02-11 09:53 - 2012-02-08 13:36 - 0000336 ____A C:\Windows\Tasks\RegistryBooster.job
2012-02-10 07:53 - 2011-01-03 20:23 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-02-08 21:27 - 2012-02-08 21:27 - 0069939 ____A C:\Users\Jessica\Desktop\Activate Sound in SafeMode.zip
2012-02-08 17:47 - 2012-02-08 17:47 - 0000000 ____D C:\Program Files\Uniblue
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-02-08 17:14 - 2012-02-08 17:14 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-02-08 17:13 - 2012-02-08 17:13 - 9502424 ____A (Malwarebytes Corporation ) C:\mbam--setup-1.60.1.1000.exe
2012-02-08 16:53 - 2012-02-08 16:53 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\TeamViewer
2012-02-08 16:39 - 2012-02-08 16:39 - 0000175 ____A C:\Users\Jessica\AppData\Local\rahistory.xml
2012-02-08 16:39 - 2012-02-08 16:39 - 0000000 ____D C:\Users\Jessica\Documents\Remote Assistance Logs
2012-02-08 15:14 - 2011-11-05 11:07 - 0000000 ____D C:\Windows\pss
2012-02-08 15:12 - 2012-02-08 15:12 - 0534659 ____A C:\Users\Jessica\Desktop\Autoruns.zip
2012-02-08 13:50 - 2011-11-30 02:05 - 0000000 ____D C:\Users\Jessica\AppData\Local\LogMeIn Hamachi
2012-02-08 13:45 - 2012-02-08 13:45 - 0000000 __SHD C:\found.006
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 __HDC C:\Users\All Users\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 __HDC C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Uniblue
2012-02-08 13:36 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Jessica\AppData\Local\PackageAware
2012-02-08 13:08 - 2011-01-03 20:23 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-02-08 13:01 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\rescache
2012-02-08 12:22 - 2006-11-02 05:01 - 0032570 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-02-07 18:56 - 2012-02-07 18:56 - 0000000 ____D C:\Program Files\LogMeIn Hamachi
2012-02-07 18:34 - 2011-12-02 13:03 - 0000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2012-02-04 20:35 - 2012-02-04 20:35 - 2099402 ____A C:\Users\Jessica\Desktop\GunnaEatchabrains.mp3
2012-02-01 11:37 - 2012-02-01 11:37 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2012-01-30 16:26 - 2012-01-30 16:26 - 0138952 ____A C:\Windows\Minidump\Mini013012-01.dmp
2012-01-30 09:33 - 2011-01-05 20:15 - 0000000 ____D C:\Users\Michelle\AppData\Roaming\Skype
2012-01-29 20:16 - 2011-12-04 19:28 - 0000000 ____D C:\Users\Michelle\AppData\Local\LogMeIn Hamachi
2012-01-28 14:53 - 2012-01-28 14:53 - 0000000 ____D C:\Users\Jessica\Documents\Amnesia
2012-01-28 14:45 - 2012-01-28 14:45 - 0001968 ____A C:\Users\Jessica\Desktop\Amnesia.lnk
2012-01-28 14:45 - 2012-01-28 14:35 - 0000000 ____D C:\Program Files\Amnesia - The Dark Descent
2012-01-28 13:26 - 2012-01-28 13:26 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Screaming Bee
2012-01-28 13:26 - 2012-01-28 13:23 - 0000000 ____D C:\Users\All Users\Screaming Bee
2012-01-28 13:26 - 2012-01-28 13:23 - 0000000 ____D C:\ProgramData\Screaming Bee
2012-01-28 13:23 - 2012-01-28 13:23 - 0000000 ____D C:\Program Files\Screaming Bee
2012-01-27 20:33 - 2012-01-27 20:33 - 0706940 ____A C:\Users\Jessica\Desktop\haunted - chuck palahniuk.pdf
2012-01-27 17:20 - 2012-01-03 19:55 - 0000132 ____A C:\Users\Jessica\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-01-27 16:54 - 2012-01-27 16:39 - 0000000 ____D C:\Users\Jessica\Desktop\The Virgin Suicides.1999.DVDRip.x264-VLiS
2012-01-25 19:29 - 2012-01-25 19:29 - 7777220 ____A C:\Users\Jessica\Desktop\Nightmare Night.mp3
2012-01-19 07:41 - 2011-05-27 19:57 - 0080384 ____A C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-18 17:56 - 2011-05-13 14:18 - 0002613 ____A C:\Users\Jessica\Desktop\Microsoft Word 2010.lnk
2012-01-18 12:09 - 2012-01-04 22:56 - 0000000 ____D C:\Users\Jessica\Desktop\The Super Milk-chan Show
2012-01-18 10:27 - 2011-12-05 10:25 - 0000000 ____D C:\Users\Jessica\AppData\Local\Microsoft Help
2012-01-17 23:02 - 2012-01-17 23:02 - 0000000 ____A C:\Users\Jessica\AppData\Local\{5CEC26AC-090C-498D-A474-22D2CC995E63}
2012-01-17 21:44 - 2012-01-17 21:43 - 0016281 ____A C:\Users\Jessica\Documents\PE Paper #3.docx
2012-01-16 11:28 - 2012-01-15 12:38 - 0165241 ____A C:\Users\Jessica\Documents\Front of Volunteer Brochure.docx
2012-01-16 09:01 - 2012-01-16 09:01 - 0664209 ____A C:\Users\Jessica\Documents\Back of Volunteering Brochure (Autosaved).docx
2012-01-15 23:17 - 2012-01-07 11:04 - 1050266200 ____A C:\Users\Jessica\Desktop\Bold Native.avi
2012-01-15 12:38 - 2012-01-15 12:38 - 0000162 ___AH C:\Users\Jessica\Documents\~$ont of Volunteer Brochure.docx
2012-01-15 11:38 - 2012-01-15 11:38 - 0000162 ___AH C:\Users\Jessica\Documents\~$ck of Volunteering Brochure.docx
2012-01-15 11:28 - 2012-01-15 11:26 - 0663943 ____A C:\Users\Jessica\Documents\Back of Volunteering Brochure.docx
2012-01-13 19:25 - 2012-01-13 19:25 - 0147842 ____A C:\Users\Jessica\Desktop\the_moral_basis_of_vegetarianism.pdf
2012-01-13 16:48 - 2012-01-13 16:48 - 0464822 ____A C:\Users\Jessica\Desktop\i'm wide awake it's morning.jpg
2012-01-11 16:05 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\Microsoft.NET
2012-01-11 13:37 - 2011-01-03 18:12 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-01-11 13:37 - 2011-01-03 18:12 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-01-11 13:31 - 2006-11-02 02:24 - 52128560 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-01-10 14:36 - 2012-02-08 15:13 - 0638784 ____A (Sysinternals - www.sysinternals.com) C:\Users\Jessica\Desktop\autoruns.exe
2012-01-10 14:36 - 2012-02-08 15:13 - 0557888 ____A (Sysinternals - www.sysinternals.com) C:\Users\Jessica\Desktop\autorunsc.exe
2012-01-07 17:11 - 2012-01-07 17:11 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B1215770-E019-4650-A662-DB132209E4D4}
2012-01-07 11:03 - 2012-01-07 11:03 - 0018140 ____A C:\Users\Jessica\Documents\The Dead Dog Lyrics.docx
2012-01-07 11:03 - 2012-01-07 11:03 - 0016039 ____A C:\Users\Jessica\Documents\Lyric Analysis.docx
2012-01-05 22:13 - 2012-01-05 22:13 - 0001477 ____A C:\Users\Jessica\Desktop\things for the home.txt
2012-01-05 20:31 - 2012-01-05 20:31 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Unity
2012-01-05 20:29 - 2012-01-05 20:29 - 0000000 ____D C:\Users\Jessica\AppData\Local\Unity
2012-01-05 20:29 - 2011-01-04 23:21 - 0000000 ____D C:\Users\Jessica\AppData\LocalLow
2012-01-05 17:58 - 2012-01-05 17:57 - 11503496 ____A () C:\Users\Jessica\Desktop\ShamanShowdown.exe
2012-01-03 19:46 - 2012-01-03 19:46 - 0001027 ____A C:\Users\Jessica\Desktop\Adobe Photoshop CS5.1.lnk
2012-01-03 17:50 - 2012-01-03 17:50 - 0000000 ____D C:\Users\Jessica\AppData\Local\{10895F7A-FB8E-4A07-8970-431FB188F6B3}
2012-01-03 17:50 - 2012-01-03 17:49 - 0000000 ____D C:\Users\Jessica\AppData\Local\{FD88D617-7B15-4540-8338-F7505723CA0A}
2012-01-03 17:26 - 2012-01-03 17:26 - 0000000 ____D C:\Users\Jessica\AppData\Local\{64F58119-E233-4985-968B-6963AA8987EA}
2012-01-03 17:25 - 2012-01-03 17:24 - 0000000 ____D C:\Users\Jessica\AppData\Local\{E2B3DF86-480B-49EE-9E14-5588B4DD00E2}
2012-01-02 18:42 - 2012-01-02 18:42 - 0000000 ____D C:\Users\Jessica\AppData\Local\{C37F7514-2A03-4539-B2B3-4462A957BA0D}
2012-01-02 18:41 - 2012-01-02 18:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\{F6F58CFF-A0CA-4B78-84D7-610C1D575F89}
2012-01-02 17:13 - 2012-01-02 17:13 - 0000000 ____D C:\Users\Michelle\AppData\Local\{9E2AA4D8-3169-4D80-8169-45CA778A79BC}
2012-01-02 17:12 - 2012-01-02 17:12 - 0000000 ____D C:\Users\Michelle\AppData\Local\{E039AFD1-A4AF-4F1D-A23A-444540FA4033}
2012-01-02 17:12 - 2011-04-16 19:30 - 0000000 ____D C:\Users\Michelle\Tracing
2012-01-02 16:51 - 2012-01-02 16:51 - 0000000 ____D C:\Users\Michelle\AppData\Local\{C96FADC0-F208-4B61-8D0C-1AB0A842DF73}
2012-01-02 16:51 - 2012-01-02 16:50 - 0000000 ____D C:\Users\Michelle\AppData\Local\{AAB2DA66-4561-4910-9ECA-EBC28772A667}
2012-01-02 16:48 - 2011-01-03 20:06 - 0127160 ____A C:\Users\Michelle\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-30 21:13 - 2012-01-04 13:48 - 6850016 ____A C:\Users\Jessica\Desktop\01 The Dead Dog.mp3
2011-12-30 20:40 - 2011-04-16 17:13 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Apple Computer
2011-12-30 20:36 - 2011-12-30 20:36 - 0001675 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-12-30 20:35 - 2011-12-30 20:33 - 0000000 ____D C:\Program Files\iTunes
2011-12-30 20:33 - 2011-12-30 20:33 - 0000000 ____D C:\Program Files\iPod
2011-12-30 20:33 - 2011-02-27 17:46 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-12-30 20:31 - 2011-02-27 17:46 - 0000000 ____D C:\Users\All Users\Apple
2011-12-30 20:31 - 2011-02-27 17:46 - 0000000 ____D C:\ProgramData\Apple
2011-12-30 20:26 - 2011-12-30 20:26 - 0000000 ____D C:\Program Files\Bonjour
2011-12-30 06:28 - 2011-12-16 07:35 - 0000000 ____D C:\Users\Jessica\AppData\Local\SecondLife
2011-12-29 14:10 - 2011-12-29 14:10 - 0000000 ____D C:\Users\Jessica\AppData\Local\{CC8D4DA7-7682-4A11-AD19-50F82DFBE78A}
2011-12-29 14:09 - 2011-12-29 14:09 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6547E2AE-7E2C-4B2A-A0C3-02916B651344}
2011-12-29 13:53 - 2011-12-29 13:53 - 0000000 ____D C:\Users\Jessica\AppData\Local\{93952165-2566-4C84-99CC-DDB19E6A66B1}
2011-12-29 13:53 - 2011-12-29 13:53 - 0000000 ____D C:\Users\Jessica\AppData\Local\{39E9FAE6-E13D-4688-BB18-CC2AF8A059F7}
2011-12-28 17:39 - 2011-12-28 17:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\{5B3BC673-59BE-45E2-B11B-A85A60BCC817}
2011-12-28 17:38 - 2011-12-28 17:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\{C181ED47-70A7-485E-87E1-52F8347F491C}
2011-12-27 11:36 - 2011-12-27 11:36 - 0000680 ____A C:\Users\Guest\AppData\Local\d3d9caps.dat
2011-12-25 20:22 - 2011-12-25 20:22 - 0000000 ____D C:\Users\Jessica\AppData\Local\{A158DA79-D402-430B-81B9-D292A601013B}
2011-12-25 20:21 - 2011-12-25 20:21 - 0000000 ____D C:\Users\Jessica\AppData\Local\{99517869-A257-48AF-8D7F-B694945A408A}
2011-12-25 14:19 - 2011-12-25 14:19 - 0000000 ____D C:\Users\Jessica\AppData\Local\{CE392D3C-7602-4B9C-B303-F27EB84F3EC1}
2011-12-25 14:19 - 2011-12-25 14:18 - 0000000 ____D C:\Users\Jessica\AppData\Local\{EBAAF97B-C374-401F-91AB-1BCBC1803317}
2011-12-24 16:11 - 2011-12-24 16:11 - 0546339 ____A C:\Users\Jessica\Desktop\(ebook) william s burroughs - naked lunch.pdf
2011-12-22 09:04 - 2011-12-22 09:04 - 0001456 ____A C:\Users\Jessica\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-12-22 09:04 - 2011-01-05 01:06 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Adobe
2011-12-21 11:47 - 2011-10-10 13:02 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2011-12-21 11:47 - 2011-10-10 13:02 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2011-12-21 11:47 - 2011-04-03 09:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\Adobe
2011-12-20 22:40 - 2011-04-17 22:44 - 0000000 ____D C:\Users\Jessica\Documents\My Received Files
2011-12-20 14:46 - 2011-12-20 14:37 - 0000000 ____D C:\Program Files\SecondLifeViewer
2011-12-20 14:45 - 2011-12-16 07:35 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\SecondLife
2011-12-20 14:38 - 2011-12-20 14:38 - 0000933 ____A C:\Users\Public\Desktop\Second Life Viewer.lnk
2011-12-20 11:31 - 2011-12-20 11:27 - 0000000 ____D C:\Windows\System32\directx
2011-12-20 11:30 - 2008-08-14 11:28 - 0000000 ___HD C:\Windows\msdownld.tmp
2011-12-20 11:27 - 2011-12-20 11:27 - 0000000 ____D C:\Program Files\ffdshow
2011-12-20 11:24 - 2008-08-14 11:00 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-12-20 00:54 - 2011-01-12 02:20 - 0006131 ____A C:\Users\Jessica\Documents\WishList.txt
2011-12-19 23:43 - 2006-11-02 02:23 - 0002577 ____A C:\Windows\System32\config.nt
2011-12-17 10:56 - 2011-12-17 10:56 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6187828B-45C6-4E17-B9B9-4332C0C4F836}
2011-12-17 10:56 - 2011-12-17 10:56 - 0000000 ____D C:\Users\Jessica\AppData\Local\{0CAF432F-43CB-4A8C-BB6F-E901C7ACB5B5}
2011-12-17 10:34 - 2011-12-17 10:34 - 0000000 ____D C:\Users\Jessica\AppData\Local\{51425B6D-0D3F-4357-B3DC-AFDECFC0EF7A}
2011-12-17 10:33 - 2011-12-17 10:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{8DC9EF24-DA56-43F0-955B-7150ED94F2FA}
2011-12-16 19:55 - 2011-12-16 19:54 - 0000000 ____D C:\Users\Jessica\AppData\Local\{008215F5-A787-4075-A248-53363331F0B2}
2011-12-16 19:54 - 2011-12-16 19:54 - 0000000 ____D C:\Users\Jessica\AppData\Local\{CB24CAC8-9652-4E41-A918-72FD75FF67F5}
2011-12-16 19:39 - 2011-12-16 19:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\{0AD104BE-86D8-4D8F-978A-21AC1F5555EC}
2011-12-16 19:38 - 2011-12-16 19:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\{88EF4AF5-DE92-4C97-B547-5769115D97A8}
2011-12-16 17:03 - 2011-01-04 23:17 - 0127160 ____A C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-16 15:32 - 2011-12-16 15:32 - 0000000 ____D C:\Users\Jessica\AppData\Local\{4B5E53B7-DF00-4AA5-AAC4-91FB702CD418}
2011-12-16 15:32 - 2011-12-16 15:31 - 0000000 ____D C:\Users\Jessica\AppData\Local\{3DA58BD4-24F8-45FA-B8A0-C52AEB81E18E}
2011-12-16 15:14 - 2011-12-16 15:13 - 0000000 ____D C:\Users\Jessica\AppData\Local\{AE673B22-4A54-482C-A140-5F020B1CD604}
2011-12-16 15:13 - 2011-12-16 15:13 - 0000000 ____D C:\Users\Jessica\AppData\Local\{8A61F373-5C93-4477-9640-DAE9125AB874}
2011-12-16 09:50 - 2011-12-16 09:50 - 0000000 ____D C:\Users\Jessica\AppData\Local\{3BD97329-FA64-43A1-99FF-5FAE13B443BC}
2011-12-16 09:50 - 2011-12-16 09:50 - 0000000 ____D C:\Users\Jessica\AppData\Local\{2C603C9F-7D94-4C95-9F97-A62AEDD585A6}
2011-12-16 09:32 - 2011-12-16 09:32 - 0000000 ____D C:\Users\Jessica\AppData\Local\{7CFEDD7D-106E-46A9-861B-22FC70A46A12}
2011-12-16 09:32 - 2011-12-16 09:32 - 0000000 ____D C:\Users\Jessica\AppData\Local\{0D99923E-50F2-4F94-B25E-CD55546B6A9B}
2011-12-16 07:33 - 2011-12-16 07:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{E5EED5A6-4408-4685-8734-C4DAC15E23C7}
2011-12-16 07:33 - 2011-12-16 07:32 - 0000000 ____D C:\Users\Jessica\AppData\Local\{F6E31649-6D79-4387-A8C8-6516379C756B}
2011-12-16 07:09 - 2011-12-16 07:09 - 0000000 ____D C:\Users\Jessica\AppData\Local\{8B7FB81E-D6A6-46D2-8F90-AC95DECCC146}
2011-12-16 07:09 - 2011-12-16 07:08 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DF25F6CC-A0F5-4278-866E-32AD5FA7108A}
2011-12-16 05:59 - 2011-12-16 05:59 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DB5A4722-128F-4C05-B8C2-D59BBFB1DDDC}
2011-12-16 05:59 - 2011-12-16 05:58 - 0000000 ____D C:\Users\Jessica\AppData\Local\{EBBF19EF-1248-4BA2-AB33-77AF37C403D3}
2011-12-16 05:42 - 2011-12-16 05:42 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DC3D85D9-5402-44BC-8BA6-8644BFEDB6B4}
2011-12-16 05:42 - 2011-12-16 05:42 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B21E8ACF-BD94-431C-A509-AA1E1FE6F9C7}
2011-12-15 05:28 - 2011-12-15 05:27 - 0000000 ____D C:\Users\Jessica\AppData\Local\{3B7D5B95-FFAF-4629-A66F-C2242D112A1F}
2011-12-15 05:27 - 2011-12-15 05:27 - 0000000 ____D C:\Users\Jessica\AppData\Local\{019E7360-05F3-4E0D-B674-635E359D967B}
2011-12-15 05:27 - 2011-01-04 23:21 - 0127160 ____A C:\Users\Jessica\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-15 03:36 - 2006-11-02 04:47 - 3787104 ____A C:\Windows\System32\FNTCACHE.DAT
2011-12-12 14:23 - 2011-12-12 14:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{BD7835DA-B10F-4A0E-AEB5-D2633624AA72}
2011-12-12 14:23 - 2011-12-12 14:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{10923163-616D-4B49-BF50-D56DED91A5D2}
2011-12-12 13:57 - 2011-12-12 13:57 - 0000000 ____D C:\Users\Jessica\AppData\Local\{CC00DC8C-C363-46EA-A7AD-D63D82691A17}
2011-12-12 13:57 - 2011-12-12 13:57 - 0000000 ____D C:\Users\Jessica\AppData\Local\{8119E7AE-68A1-4C84-8BAB-4AAF2F509FDC}
2011-12-10 22:55 - 2011-12-10 22:55 - 0001080 ____A C:\Users\Jessica\Documents\Head turns lyrics.txt
2011-12-10 15:24 - 2012-02-08 17:14 - 0020464 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-12-10 09:20 - 2011-12-10 09:20 - 0000000 ____D C:\Users\Jessica\AppData\Local\{27D1F006-F78A-4AE9-98CC-4A820F684303}
2011-12-10 09:20 - 2011-12-10 09:20 - 0000000 ____D C:\Users\Jessica\AppData\Local\{098AB0AB-7CE9-4960-9D05-AA8ACC573DFC}
2011-12-10 08:05 - 2011-12-10 08:05 - 0138952 ____A C:\Windows\Minidump\Mini121011-01.dmp
2011-12-10 07:23 - 2011-12-10 07:23 - 0000000 __SHD C:\found.005
2011-12-07 23:10 - 2011-12-07 18:19 - 0017700 ____A C:\Users\Jessica\Documents\Project #1.docx
2011-12-07 22:33 - 2011-12-07 17:48 - 0020085 ____A C:\Users\Jessica\Documents\Project #4.docx
2011-12-07 19:08 - 2011-12-07 19:08 - 0000000 ____D C:\Users\Michelle\AppData\Local\{C8749D7F-1EF6-471E-A5F1-B0F3CEE3B7F7}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll
[2011-01-06 14:37] - [2009-04-10 22:28] - 0627712 ____A (Microsoft Corporation) 75510147B94598407666F4802797C75A

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 2939.25 MB
Available physical RAM: 2520.76 MB
Total Pagefile: 2734.8 MB
Available Pagefile: 2589.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.32 MB

======================= Partitions =========================

1 Drive c: (SQ004829V03) (Fixed) (Total:289.53 GB) (Free:149.13 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
3 Drive e: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.32 GB) NTFS
4 Drive f: () (Removable) (Total:1.86 GB) (Free:1.45 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 1908 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 1500 MB 1024 KB
Partition 2 Primary 290 GB 1501 MB
Partition 3 Primary 7265 MB 291 GB

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E TOSHIBA SYS NTFS Partition 1500 MB Healthy Hidden

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C SQ004829V03 NTFS Partition 290 GB Healthy

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1908 MB 16 KB

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 F FAT32 Removable 1908 MB Healthy



==========================================================

Last Boot: 2012-02-27 17:01

======================= End Of Log ==========================

#10 Oh My!

Posted 27 February 2012 - 09:23 PM

Greetings tierra,

Excellent! Nice work.

Please allow me some time to review the information. As you can see, there is a lot to check. I will post back as soon as possible but it will not be until tomorrow morning at the earliest.
Gary
 

#11 Oh My!

Posted 28 February 2012 - 11:40 AM

Greetings tierra,


We need to take some additional steps to clarify the issues with your machine. Please perform the following for me.


===================================================


/NOEXECUTE=OPTIN

--------------------

  • Reboot your computer and tap the F10 key until Edit Boot Menu appears
  • You may see something similar to this:

    [ /NOEXECUTE=OPTIN]

  • Please write down this line and include it in your next reply
  • Press Enter to continue booting your computer.

===================================================


Uploading Minidump Files

--------------------

  • Press the Windows key + R on your keyboard at the same time
  • Copy/paste the following line in the run box and click OK

    C:\Windows\Minidump

  • We need the following files to be uploaded:

    Mini022212-01.dmp
    Mini021612-01.dmp

  • Zip them first, to do that:
  • Hold down the Ctrl key and select the files one by one until you have selected all of them.
  • Right-click one of the selected files and select Send To from the context menu => select Compressed (zip) Folder
  • Click Yes to any prompt. A zip file will be created in the same directory containing both files.
  • Click on this link: Upload to Channel 66
  • Click Browse... and navigate to: C:\Windows\Minidump
  • Highlight the zipped file and click Open.
  • Click Send File.

===================================================


Obtaining ComboFix Qoobox Log

--------------------

  • Press the Windows key + R on your keyboard at the same time
  • Type Command Prompt
  • In the list of results, right-click Command Prompt, and then click Run as administrator
  • If you are prompted for an administrator password or confirmation, type the password or provide confirmation
  • Copy/paste the following line in the run box and click OK

    dir /a/s/b C:\QooBox >log.txt & log.txt

  • A text file will open. Please copy/paste that information in your reply.

===================================================


OTL

--------------------

Please download OTL here.

  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change Services and Drivers from Use Safelist to All
  • Push the scan button.
  • Copy and paste the two reports in your next reply.

  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

===================================================


Please describe how far your computer boots in Normal Mode before it restarts. Do you get to the Windows splash screen, to the logon screen, etc.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Results of /NOEXECUTE=OPTIN
  • Confirm Minidump files were uploaded
  • ComboFix Log
  • OTL.txt
  • Extra.txt
  • Information about rebooting

Gary
 

#12 tierra

Posted 02 March 2012 - 09:00 PM

I apologize if it seems like you're having to pull teeth with me but I keep running into problems! I don't know if it's significant or not (because I eventually got back on) but sometimes my computer won't even start in safe mode. It loads all the drivers and then it will restart. This is the reason for my late reply.

What do you mean by "write down the line"? "[ /NOEXECUTE=OPTIN " with a very long space after it is the only thing that shows up in the Edit Boot Options screen.

C:\QooBox\BackEnv
C:\QooBox\LastRun
C:\QooBox\Quarantine
C:\QooBox\Test
C:\QooBox\TestC
C:\QooBox\BackEnv\AppData.folder.dat
C:\QooBox\BackEnv\Cache.folder.dat
C:\QooBox\BackEnv\Cookies.folder.dat
C:\QooBox\BackEnv\Desktop.folder.dat
C:\QooBox\BackEnv\Favorites.folder.dat
C:\QooBox\BackEnv\History.folder.dat
C:\QooBox\BackEnv\LocalAppData.folder.dat
C:\QooBox\BackEnv\LocalSettings.folder.dat
C:\QooBox\BackEnv\Music.folder.dat
C:\QooBox\BackEnv\NetHood.folder.dat
C:\QooBox\BackEnv\Personal.folder.dat
C:\QooBox\BackEnv\Pictures.folder.dat
C:\QooBox\BackEnv\PrintHood.folder.dat
C:\QooBox\BackEnv\Profiles.Folder.dat
C:\QooBox\BackEnv\Profiles.Folder.folder.dat
C:\QooBox\BackEnv\Programs.folder.dat
C:\QooBox\BackEnv\Recent.folder.dat
C:\QooBox\BackEnv\SendTo.folder.dat
C:\QooBox\BackEnv\SetPath.bat
C:\QooBox\BackEnv\StartMenu.folder.dat
C:\QooBox\BackEnv\StartUp.folder.dat
C:\QooBox\BackEnv\SysPath.dat
C:\QooBox\BackEnv\Templates.folder.dat
C:\QooBox\BackEnv\VikPev00
C:\QooBox\LastRun\Gateway
C:\QooBox\Quarantine\C
C:\QooBox\Quarantine\catchme.log
C:\QooBox\Quarantine\Registry_backups

Whenever I try to run the OTL scan it freezes the computer up and I have no choice but to restart the computer. I have tried running it as administrator, without any other programs running, with no clicking around after pressing "Run Scan," but it still freezes without fail. It always stops at "Scanning Modules..."

I was able to upload the minidump files per your request.

And the computer gets to this point, which I'm guessing is the splash screen! Once that screen goes away, the computer restarts.

Edited by tierra, 02 March 2012 - 09:01 PM.


#13 Oh My!

Posted 03 March 2012 - 07:29 PM

Greetings tierra,


Thank you for the detailed information you provided; it is all very important. Our ultimate goal is that you will not experience any of the symptoms you are describing. Hang in there, I trust we will conquer this thing!

We won't concern ourselves with the "/NOEXECUTE=OPTIN" right now. If we need to, we will come back to it.

I would like you to perform the following steps for me please.


===================================================


Running Batch File as an Administrator

--------------------

  • Press the Windows key + R on your keyboard at the same time
  • Type Notepad and press enter
  • Copy and paste the following into the Notepad document

    sc config PEVSystemStart start= disabled
    sc delete PEVSystemStart
    
  • Click File, then Save As... .
  • Click Desktop on the left.
  • Under the Save as type dropdown, select All Files.
  • In the box File Name, input fix.bat.
  • Click Save.
  • When done properly, the fix.bat icon should appear on your desktop.
  • Close the Notepad
  • Right click on the icon and choose Run as administrator.
  • Press Yes if prompted by User Account Control
  • Reboot your computer

===================================================


Removing Avast Antivirus

--------------------

  • Download avast! Uninstall Utility to your desktop
  • Reboot your computer into Safe Mode (Press F8)
  • Double click on the aswclear icon
  • On the avast! Software Uninstall Utility select avast! 6 Free/Pro/Internet Security
  • If the folder path is not automatically listed you can select it by clicking on the "..." button and expanding Select folder to get to the avast folder as is detailed below



  • Click OK, Uninstall then Yes
  • Once completed you will see "Program was Successfully Removed"
  • Click Yes to restart your computer

===================================================


Run TDSSKiller by Kaspersky on Vista/7

--------------------

  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.



  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects screen, which offers three options.
  • If an infected file is detected, the default action will be Cure...do not change it.



  • Click Continue > Reboot now to finish the cleaning process.<- Important!!



  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis. Please submit these results with your next reply.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • How is your machine running now?

Gary
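
One way to triage the TDSSKiller log requested above, as an added example that is not part of the original post or of Kaspersky's tooling: it pairs each driver's hash-and-path line with its verdict line and lists entries that are not "ok", have no file on record, or lost their verdict because the paste was cut short. The sample log, the driver names, the placeholder hashes and the verdict string `exampleverdict` are constructed; the line layout is assumed from TDSSKiller 2.7.18.0 output.

```python
import re

# Placeholder MD5 values (constructed, not real driver hashes).
H1, H2, H3 = ("%032x" % n for n in (1, 2, 3))

# Constructed sample: timestamp, thread id, then either
#   "<service> (<md5>) <path>"   or   "<service> - <verdict>".
# "exampleverdict" is a made-up stand-in for any verdict other than "ok".
SAMPLE_LOG = "\n".join([
    r"04:05:13.0292 1780 Drive \Device\Harddisk0\DR0 - Size: 0x0 (header line, ignored)",
    r"04:06:34.0834 1808 Scan started",
    r"04:06:34.0834 1808 Mode: Manual;",
    r"04:06:35.0582 1808 ExampleDrvA (" + H1 + r") C:\Windows\system32\drivers\exampledrva.sys",
    r"04:06:35.0598 1808 ExampleDrvA - ok",
    r"04:06:37.0688 1808 ExampleNoFile - ok",
    r"04:06:38.0016 1808 ExampleDrvB (" + H2 + r") C:\Windows\system32\drivers\exampledrvb.sys",
    r"04:06:38.0016 1808 ExampleDrvB - exampleverdict",
    r"04:06:39.0014 1808 ExampleDrvC (" + H3 + r") C:\Windows\system32\drivers\exampledrvc.sys",
    # paste ends here: ExampleDrvC never gets a verdict line
])

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
FILE_LINE = re.compile(
    PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
VERDICT_LINE = re.compile(PREFIX + r"(?P<name>\S+) - (?P<verdict>.+)$")


def triage(log_text):
    """Return (entries, not_ok, no_file) for a pasted TDSSKiller scan log.

    entries  maps service name -> {"md5", "path", "verdict"}
    not_ok   names whose verdict is anything but "ok", or missing entirely
    no_file  names that received a verdict but no hash/path line
    """
    entries = {}
    scanning = False
    for line in log_text.splitlines():
        line = line.strip()
        if not scanning:
            # Skip the system-information header; it also contains " - ".
            scanning = line.endswith("Scan started")
            continue
        m = FILE_LINE.match(line)
        if m:
            entries[m["name"]] = {"md5": m["md5"].lower(),
                                  "path": m["path"],
                                  "verdict": None}
            continue
        m = VERDICT_LINE.match(line)
        if m:
            entry = entries.setdefault(
                m["name"], {"md5": None, "path": None, "verdict": None})
            entry["verdict"] = m["verdict"].strip()
    not_ok = sorted(n for n, e in entries.items() if e["verdict"] != "ok")
    no_file = sorted(n for n, e in entries.items() if e["path"] is None)
    return entries, not_ok, no_file


if __name__ == "__main__":
    entries, not_ok, no_file = triage(SAMPLE_LOG)
    for name in not_ok:
        e = entries[name]
        print("REVIEW ", name, e["verdict"] or "<no verdict, log truncated?>",
              e["path"] or "")
    for name in no_file:
        print("NO FILE", name)
```

Entries reported as having no file are not necessarily malicious; they are services the tool listed without a driver image it could hash, so they are worth checking by hand.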
 

#14 tierra

Posted 04 March 2012 - 07:09 AM

04:05:09.0970 1780 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
04:05:10.0344 1780 ============================================================
04:05:10.0344 1780 Current date / time: 2012/03/04 04:05:10.0344
04:05:10.0344 1780 SystemInfo:
04:05:10.0344 1780
04:05:10.0344 1780 OS Version: 6.0.6002 ServicePack: 2.0
04:05:10.0344 1780 Product type: Workstation
04:05:10.0344 1780 ComputerName: MICHELLE-PC
04:05:10.0344 1780 UserName: Jessica
04:05:10.0344 1780 Windows directory: C:\Windows
04:05:10.0344 1780 System windows directory: C:\Windows
04:05:10.0344 1780 Processor architecture: Intel x86
04:05:10.0344 1780 Number of processors: 2
04:05:10.0344 1780 Page size: 0x1000
04:05:10.0344 1780 Boot type: Safe boot with network
04:05:10.0344 1780 ============================================================
04:05:13.0292 1780 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:05:13.0308 1780 \Device\Harddisk0\DR0:
04:05:13.0308 1780 MBR used
04:05:13.0308 1780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2430F800
04:05:13.0386 1780 Initialize success
04:05:13.0386 1780 ============================================================
04:06:34.0834 1808 ============================================================
04:06:34.0834 1808 Scan started
04:06:34.0834 1808 Mode: Manual;
04:06:34.0834 1808 ============================================================
04:06:45.0254 1808 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
04:06:45.0254 1808 NDProxy - ok
04:06:45.0317 1808 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
04:06:45.0332 1808 NetBIOS - ok
04:06:45.0379 1808 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
04:06:45.0379 1808 netbt - ok
04:06:45.0535 1808 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
04:06:45.0847 1808 NETw5v32 - ok
04:06:45.0956 1808 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
04:06:45.0956 1808 nfrd960 - ok
04:06:46.0019 1808 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
04:06:46.0019 1808 Npfs - ok
04:06:46.0081 1808 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
04:06:46.0081 1808 nsiproxy - ok
04:06:46.0144 1808 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
04:06:46.0190 1808 Ntfs - ok
04:06:46.0237 1808 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
04:06:46.0237 1808 ntrigdigi - ok
04:06:46.0300 1808 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
04:06:46.0300 1808 Null - ok
04:06:46.0331 1808 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
04:06:46.0331 1808 nvraid - ok
04:06:46.0393 1808 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
04:06:46.0393 1808 nvstor - ok
04:06:46.0487 1808 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
04:06:46.0487 1808 nv_agp - ok
04:06:46.0534 1808 NwlnkFlt - ok
04:06:46.0565 1808 NwlnkFwd - ok
04:06:46.0627 1808 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
04:06:46.0627 1808 ohci1394 - ok
04:06:46.0721 1808 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
04:06:46.0721 1808 Parport - ok
04:06:46.0814 1808 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
04:06:46.0814 1808 partmgr - ok
04:06:46.0861 1808 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
04:06:46.0861 1808 Parvdm - ok
04:06:46.0955 1808 pbfilter (2f6e885c432927a186c2e352c8a1cbf4) C:\Program Files\PeerBlock\pbfilter.sys
04:06:46.0955 1808 pbfilter - ok
04:06:47.0033 1808 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
04:06:47.0033 1808 pci - ok
04:06:47.0095 1808 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
04:06:47.0095 1808 pciide - ok
04:06:47.0126 1808 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
04:06:47.0142 1808 pcmcia - ok
04:06:47.0220 1808 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
04:06:47.0251 1808 PEAUTH - ok
04:06:47.0345 1808 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
04:06:47.0345 1808 PptpMiniport - ok
04:06:47.0392 1808 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
04:06:47.0392 1808 Processor - ok
04:06:47.0485 1808 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
04:06:47.0485 1808 PSched - ok
04:06:47.0516 1808 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
04:06:47.0532 1808 PxHelp20 - ok
04:06:47.0610 1808 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
04:06:47.0641 1808 ql2300 - ok
04:06:47.0704 1808 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
04:06:47.0704 1808 ql40xx - ok
04:06:47.0782 1808 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
04:06:47.0782 1808 QWAVEdrv - ok
04:06:47.0828 1808 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
04:06:47.0828 1808 RasAcd - ok
04:06:47.0860 1808 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:06:47.0860 1808 Rasl2tp - ok
04:06:47.0938 1808 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
04:06:47.0938 1808 RasPppoe - ok
04:06:48.0047 1808 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
04:06:48.0047 1808 RasSstp - ok
04:06:48.0203 1808 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
04:06:48.0218 1808 rdbss - ok
04:06:48.0374 1808 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:06:48.0390 1808 RDPCDD - ok
04:06:48.0452 1808 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
04:06:48.0468 1808 rdpdr - ok
04:06:48.0499 1808 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
04:06:48.0499 1808 RDPENCDD - ok
04:06:48.0562 1808 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
04:06:48.0562 1808 RDPWD - ok
04:06:48.0671 1808 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
04:06:48.0671 1808 rimmptsk - ok
04:06:48.0702 1808 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
04:06:48.0702 1808 rimsptsk - ok
04:06:48.0733 1808 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
04:06:48.0733 1808 rismxdp - ok
04:06:48.0796 1808 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
04:06:48.0796 1808 rspndr - ok
04:06:48.0858 1808 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
04:06:48.0858 1808 RTL8169 - ok
04:06:48.0920 1808 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
04:06:48.0920 1808 sbp2port - ok
04:06:48.0998 1808 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\Windows\system32\drivers\SCDEmu.sys
04:06:48.0998 1808 SCDEmu - ok
04:06:49.0061 1808 SCREAMINGBDRIVER (a689d522eedf89401e1da2fe883aa7ec) C:\Windows\system32\drivers\ScreamingBAudio.sys
04:06:49.0061 1808 SCREAMINGBDRIVER - ok
04:06:49.0139 1808 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
04:06:49.0139 1808 sdbus - ok
04:06:49.0217 1808 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
04:06:49.0217 1808 secdrv - ok
04:06:49.0248 1808 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
04:06:49.0248 1808 Serenum - ok
04:06:49.0310 1808 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
04:06:49.0310 1808 Serial - ok
04:06:49.0373 1808 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
04:06:49.0373 1808 sermouse - ok
04:06:49.0451 1808 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
04:06:49.0451 1808 sffdisk - ok
04:06:49.0513 1808 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
04:06:49.0513 1808 sffp_mmc - ok
04:06:49.0560 1808 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
04:06:49.0560 1808 sffp_sd - ok
04:06:49.0607 1808 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
04:06:49.0607 1808 sfloppy - ok
04:06:49.0685 1808 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
04:06:49.0685 1808 sisagp - ok
04:06:49.0763 1808 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
04:06:49.0778 1808 SiSRaid2 - ok
04:06:49.0825 1808 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
04:06:49.0825 1808 SiSRaid4 - ok
04:06:49.0903 1808 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
04:06:49.0903 1808 Smb - ok
04:06:49.0966 1808 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
04:06:49.0966 1808 spldr - ok
04:06:50.0044 1808 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
04:06:50.0075 1808 sptd - ok
04:06:50.0137 1808 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
04:06:50.0153 1808 srv - ok
04:06:50.0231 1808 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
04:06:50.0231 1808 srv2 - ok
04:06:50.0262 1808 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
04:06:50.0278 1808 srvnet - ok
04:06:50.0324 1808 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
04:06:50.0324 1808 swenum - ok
04:06:50.0480 1808 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
04:06:50.0480 1808 Symc8xx - ok
04:06:50.0605 1808 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
04:06:50.0636 1808 Sym_hi - ok
04:06:50.0746 1808 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
04:06:50.0761 1808 Sym_u3 - ok
04:06:50.0980 1808 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
04:06:50.0980 1808 SynTP - ok
04:06:51.0198 1808 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
04:06:51.0229 1808 Tcpip - ok
04:06:51.0292 1808 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
04:06:51.0292 1808 Tcpip6 - ok
04:06:51.0354 1808 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
04:06:51.0354 1808 tcpipreg - ok
04:06:51.0401 1808 tdcmdpst (6fdfba25002ce4bac463ac866ae71405) C:\Windows\system32\DRIVERS\tdcmdpst.sys
04:06:51.0401 1808 tdcmdpst - ok
04:06:51.0479 1808 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
04:06:51.0479 1808 TDPIPE - ok
04:06:51.0541 1808 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
04:06:51.0541 1808 TDTCP - ok
04:06:51.0604 1808 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
04:06:51.0619 1808 tdx - ok
04:06:51.0666 1808 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
04:06:51.0666 1808 TermDD - ok
04:06:51.0775 1808 Tosrfcom - ok
04:06:51.0838 1808 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
04:06:51.0838 1808 tosrfec - ok
04:06:51.0900 1808 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
04:06:51.0900 1808 tos_sps32 - ok
04:06:51.0962 1808 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:06:51.0962 1808 tssecsrv - ok
04:06:52.0009 1808 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
04:06:52.0009 1808 tunmp - ok
04:06:52.0040 1808 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
04:06:52.0040 1808 tunnel - ok
04:06:52.0087 1808 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
04:06:52.0103 1808 TVALZ - ok
04:06:52.0134 1808 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
04:06:52.0134 1808 uagp35 - ok
04:06:52.0228 1808 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
04:06:52.0228 1808 udfs - ok
04:06:52.0306 1808 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
04:06:52.0306 1808 uliagpkx - ok
04:06:52.0352 1808 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
04:06:52.0368 1808 uliahci - ok
04:06:52.0446 1808 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
04:06:52.0446 1808 UlSata - ok
04:06:52.0508 1808 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
04:06:52.0508 1808 ulsata2 - ok
04:06:52.0555 1808 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
04:06:52.0555 1808 umbus - ok
04:06:52.0618 1808 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
04:06:52.0618 1808 USBAAPL - ok
04:06:52.0680 1808 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
04:06:52.0680 1808 usbaudio - ok
04:06:52.0758 1808 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
04:06:52.0774 1808 usbccgp - ok
04:06:52.0820 1808 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
04:06:52.0836 1808 usbcir - ok
04:06:52.0883 1808 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
04:06:52.0883 1808 usbehci - ok
04:06:52.0930 1808 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
04:06:52.0930 1808 usbhub - ok
04:06:53.0008 1808 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
04:06:53.0008 1808 usbohci - ok
04:06:53.0054 1808 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
04:06:53.0054 1808 usbprint - ok
04:06:53.0117 1808 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
04:06:53.0117 1808 usbscan - ok
04:06:53.0195 1808 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:06:53.0195 1808 USBSTOR - ok
04:06:53.0366 1808 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
04:06:53.0382 1808 usbuhci - ok
04:06:53.0616 1808 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
04:06:53.0616 1808 usbvideo - ok
04:06:53.0725 1808 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
04:06:53.0725 1808 UVCFTR - ok
04:06:53.0881 1808 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
04:06:53.0881 1808 vga - ok
04:06:53.0928 1808 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
04:06:53.0928 1808 VgaSave - ok
04:06:54.0006 1808 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
04:06:54.0006 1808 viaagp - ok
04:06:54.0053 1808 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
04:06:54.0053 1808 ViaC7 - ok
04:06:54.0131 1808 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
04:06:54.0146 1808 viaide - ok
04:06:54.0193 1808 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
04:06:54.0193 1808 volmgr - ok
04:06:54.0271 1808 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
04:06:54.0287 1808 volmgrx - ok
04:06:54.0334 1808 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
04:06:54.0349 1808 volsnap - ok
04:06:54.0427 1808 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
04:06:54.0427 1808 vsmraid - ok
04:06:54.0505 1808 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
04:06:54.0505 1808 WacomPen - ok
04:06:54.0568 1808 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:06:54.0568 1808 Wanarp - ok
04:06:54.0583 1808 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:06:54.0583 1808 Wanarpv6 - ok
04:06:54.0630 1808 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
04:06:54.0630 1808 Wd - ok
04:06:54.0724 1808 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
04:06:54.0739 1808 Wdf01000 - ok
04:06:54.0817 1808 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
04:06:54.0817 1808 WmiAcpi - ok
04:06:54.0926 1808 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
04:06:54.0942 1808 WpdUsb - ok
04:06:55.0004 1808 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
04:06:55.0004 1808 ws2ifsl - ok
04:06:55.0082 1808 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:06:55.0098 1808 WUDFRd - ok
04:06:55.0129 1808 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
04:06:55.0176 1808 \Device\Harddisk0\DR0 - ok
04:06:55.0176 1808 Boot (0x1200) (7d11f1943994bf2773149057b1465ccc) \Device\Harddisk0\DR0\Partition0
04:06:55.0192 1808 \Device\Harddisk0\DR0\Partition0 - ok
04:06:55.0192 1808 ============================================================
04:06:55.0192 1808 Scan finished
04:06:55.0192 1808 ============================================================
04:06:55.0207 1644 Detected object count: 0
04:06:55.0207 1644 Actual detected object count: 0
04:07:07.0516 1144 ============================================================
04:07:07.0516 1144 Scan started
04:07:07.0516 1144 Mode: Manual;
04:07:07.0516 1144 ============================================================
04:07:15.0160 1144 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
04:07:15.0160 1144 msisadrv - ok
04:07:15.0206 1144 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
04:07:15.0206 1144 MSKSSRV - ok
04:07:15.0253 1144 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
04:07:15.0253 1144 MSPCLOCK - ok
04:07:15.0300 1144 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
04:07:15.0300 1144 MSPQM - ok
04:07:15.0362 1144 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
04:07:15.0362 1144 MsRPC - ok
04:07:15.0409 1144 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
04:07:15.0409 1144 mssmbios - ok
04:07:15.0456 1144 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
04:07:15.0456 1144 MSTEE - ok
04:07:15.0503 1144 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
04:07:15.0503 1144 Mup - ok
04:07:15.0550 1144 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
04:07:15.0550 1144 NativeWifiP - ok
04:07:15.0628 1144 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
04:07:15.0628 1144 NDIS - ok
04:07:15.0674 1144 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
04:07:15.0674 1144 NdisTapi - ok
04:07:15.0721 1144 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
04:07:15.0721 1144 Ndisuio - ok
04:07:15.0784 1144 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
04:07:15.0784 1144 NdisWan - ok
04:07:15.0815 1144 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
04:07:15.0815 1144 NDProxy - ok
04:07:15.0940 1144 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
04:07:15.0940 1144 NetBIOS - ok
04:07:16.0096 1144 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
04:07:16.0096 1144 netbt - ok
04:07:16.0236 1144 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
04:07:16.0252 1144 NETw5v32 - ok
04:07:16.0314 1144 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
04:07:16.0314 1144 nfrd960 - ok
04:07:16.0392 1144 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
04:07:16.0392 1144 Npfs - ok
04:07:16.0423 1144 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
04:07:16.0423 1144 nsiproxy - ok
04:07:16.0501 1144 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
04:07:16.0517 1144 Ntfs - ok
04:07:16.0579 1144 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
04:07:16.0579 1144 ntrigdigi - ok
04:07:16.0626 1144 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
04:07:16.0626 1144 Null - ok
04:07:16.0673 1144 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
04:07:16.0673 1144 nvraid - ok
04:07:16.0735 1144 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
04:07:16.0751 1144 nvstor - ok
04:07:16.0829 1144 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
04:07:16.0844 1144 nv_agp - ok
04:07:16.0876 1144 NwlnkFlt - ok
04:07:16.0907 1144 NwlnkFwd - ok
04:07:16.0954 1144 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
04:07:16.0969 1144 ohci1394 - ok
04:07:17.0032 1144 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
04:07:17.0032 1144 Parport - ok
04:07:17.0110 1144 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
04:07:17.0110 1144 partmgr - ok
04:07:17.0172 1144 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
04:07:17.0172 1144 Parvdm - ok
04:07:17.0250 1144 pbfilter (2f6e885c432927a186c2e352c8a1cbf4) C:\Program Files\PeerBlock\pbfilter.sys
04:07:17.0250 1144 pbfilter - ok
04:07:17.0297 1144 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
04:07:17.0297 1144 pci - ok
04:07:17.0344 1144 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
04:07:17.0344 1144 pciide - ok
04:07:17.0406 1144 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
04:07:17.0406 1144 pcmcia - ok
04:07:17.0468 1144 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
04:07:17.0468 1144 PEAUTH - ok
04:07:17.0531 1144 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
04:07:17.0531 1144 PptpMiniport - ok
04:07:17.0624 1144 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
04:07:17.0624 1144 Processor - ok
04:07:17.0687 1144 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
04:07:17.0687 1144 PSched - ok
04:07:17.0749 1144 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
04:07:17.0749 1144 PxHelp20 - ok
04:07:17.0796 1144 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
04:07:17.0812 1144 ql2300 - ok
04:07:17.0890 1144 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
04:07:17.0890 1144 ql40xx - ok
04:07:17.0936 1144 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
04:07:17.0936 1144 QWAVEdrv - ok
04:07:17.0983 1144 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
04:07:17.0983 1144 RasAcd - ok
04:07:18.0014 1144 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:07:18.0014 1144 Rasl2tp - ok
04:07:18.0124 1144 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
04:07:18.0124 1144 RasPppoe - ok
04:07:18.0233 1144 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
04:07:18.0233 1144 RasSstp - ok
04:07:18.0295 1144 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
04:07:18.0295 1144 rdbss - ok
04:07:18.0342 1144 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:07:18.0342 1144 RDPCDD - ok
04:07:18.0420 1144 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
04:07:18.0420 1144 rdpdr - ok
04:07:18.0451 1144 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
04:07:18.0451 1144 RDPENCDD - ok
04:07:18.0514 1144 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
04:07:18.0514 1144 RDPWD - ok
04:07:18.0607 1144 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
04:07:18.0607 1144 rimmptsk - ok
04:07:18.0670 1144 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
04:07:18.0670 1144 rimsptsk - ok
04:07:18.0701 1144 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
04:07:18.0701 1144 rismxdp - ok
04:07:18.0716 1144 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
04:07:18.0732 1144 rspndr - ok
04:07:18.0794 1144 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
04:07:18.0794 1144 RTL8169 - ok
04:07:18.0872 1144 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
04:07:18.0872 1144 sbp2port - ok
04:07:18.0935 1144 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\Windows\system32\drivers\SCDEmu.sys
04:07:18.0935 1144 SCDEmu - ok
04:07:18.0997 1144 SCREAMINGBDRIVER (a689d522eedf89401e1da2fe883aa7ec) C:\Windows\system32\drivers\ScreamingBAudio.sys
04:07:18.0997 1144 SCREAMINGBDRIVER - ok
04:07:19.0044 1144 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
04:07:19.0044 1144 sdbus - ok
04:07:19.0122 1144 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
04:07:19.0122 1144 secdrv - ok
04:07:19.0153 1144 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
04:07:19.0169 1144 Serenum - ok
04:07:19.0216 1144 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
04:07:19.0216 1144 Serial - ok
04:07:19.0278 1144 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
04:07:19.0278 1144 sermouse - ok
04:07:19.0340 1144 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
04:07:19.0340 1144 sffdisk - ok
04:07:19.0418 1144 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
04:07:19.0418 1144 sffp_mmc - ok
04:07:19.0481 1144 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
04:07:19.0481 1144 sffp_sd - ok
04:07:19.0528 1144 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
04:07:19.0528 1144 sfloppy - ok
04:07:19.0574 1144 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
04:07:19.0574 1144 sisagp - ok
04:07:19.0668 1144 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
04:07:19.0668 1144 SiSRaid2 - ok
04:07:19.0746 1144 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
04:07:19.0746 1144 SiSRaid4 - ok
04:07:19.0824 1144 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
04:07:19.0824 1144 Smb - ok
04:07:19.0855 1144 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
04:07:19.0855 1144 spldr - ok
04:07:19.0964 1144 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\System32\Drivers\sptd.sys
04:07:19.0964 1144 sptd - ok
04:07:20.0042 1144 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
04:07:20.0042 1144 srv - ok
04:07:20.0105 1144 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
04:07:20.0105 1144 srv2 - ok
04:07:20.0152 1144 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
04:07:20.0152 1144 srvnet - ok
04:07:20.0214 1144 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
04:07:20.0214 1144 swenum - ok
04:07:20.0354 1144 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
04:07:20.0354 1144 Symc8xx - ok
04:07:20.0542 1144 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
04:07:20.0557 1144 Sym_hi - ok
04:07:20.0651 1144 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
04:07:20.0651 1144 Sym_u3 - ok
04:07:20.0776 1144 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
04:07:20.0776 1144 SynTP - ok
04:07:20.0916 1144 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
04:07:20.0916 1144 Tcpip - ok
04:07:21.0041 1144 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
04:07:21.0041 1144 Tcpip6 - ok
04:07:21.0150 1144 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
04:07:21.0150 1144 tcpipreg - ok
04:07:21.0244 1144 tdcmdpst (6fdfba25002ce4bac463ac866ae71405) C:\Windows\system32\DRIVERS\tdcmdpst.sys
04:07:21.0244 1144 tdcmdpst - ok
04:07:21.0322 1144 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
04:07:21.0337 1144 TDPIPE - ok
04:07:21.0400 1144 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
04:07:21.0400 1144 TDTCP - ok
04:07:21.0493 1144 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
04:07:21.0509 1144 tdx - ok
04:07:21.0571 1144 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
04:07:21.0571 1144 TermDD - ok
04:07:21.0634 1144 Tosrfcom - ok
04:07:21.0680 1144 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
04:07:21.0680 1144 tosrfec - ok
04:07:21.0758 1144 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
04:07:21.0758 1144 tos_sps32 - ok
04:07:21.0836 1144 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:07:21.0836 1144 tssecsrv - ok
04:07:21.0868 1144 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
04:07:21.0868 1144 tunmp - ok
04:07:21.0899 1144 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
04:07:21.0899 1144 tunnel - ok
04:07:21.0961 1144 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
04:07:21.0961 1144 TVALZ - ok
04:07:22.0024 1144 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
04:07:22.0024 1144 uagp35 - ok
04:07:22.0102 1144 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
04:07:22.0102 1144 udfs - ok
04:07:22.0180 1144 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
04:07:22.0180 1144 uliagpkx - ok
04:07:22.0226 1144 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
04:07:22.0226 1144 uliahci - ok
04:07:22.0289 1144 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
04:07:22.0289 1144 UlSata - ok
04:07:22.0351 1144 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
04:07:22.0351 1144 ulsata2 - ok
04:07:22.0414 1144 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
04:07:22.0429 1144 umbus - ok
04:07:22.0476 1144 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
04:07:22.0476 1144 USBAAPL - ok
04:07:22.0585 1144 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
04:07:22.0585 1144 usbaudio - ok
04:07:22.0741 1144 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
04:07:22.0741 1144 usbccgp - ok
04:07:22.0882 1144 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
04:07:22.0882 1144 usbcir - ok
04:07:23.0053 1144 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
04:07:23.0053 1144 usbehci - ok
04:07:23.0116 1144 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
04:07:23.0116 1144 usbhub - ok
04:07:23.0162 1144 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
04:07:23.0162 1144 usbohci - ok
04:07:23.0209 1144 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
04:07:23.0209 1144 usbprint - ok
04:07:23.0287 1144 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
04:07:23.0287 1144 usbscan - ok
04:07:23.0365 1144 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:07:23.0365 1144 USBSTOR - ok
04:07:23.0428 1144 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
04:07:23.0428 1144 usbuhci - ok
04:07:23.0506 1144 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
04:07:23.0506 1144 usbvideo - ok
04:07:23.0584 1144 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
04:07:23.0584 1144 UVCFTR - ok
04:07:23.0630 1144 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
04:07:23.0630 1144 vga - ok
04:07:23.0693 1144 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
04:07:23.0693 1144 VgaSave - ok
04:07:23.0755 1144 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
04:07:23.0755 1144 viaagp - ok
04:07:23.0802 1144 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
04:07:23.0802 1144 ViaC7 - ok
04:07:23.0849 1144 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
04:07:23.0849 1144 viaide - ok
04:07:23.0927 1144 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
04:07:23.0927 1144 volmgr - ok
04:07:23.0974 1144 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
04:07:23.0974 1144 volmgrx - ok
04:07:24.0036 1144 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
04:07:24.0036 1144 volsnap - ok
04:07:24.0114 1144 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
04:07:24.0114 1144 vsmraid - ok
04:07:24.0161 1144 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
04:07:24.0176 1144 WacomPen - ok
04:07:24.0208 1144 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:07:24.0208 1144 Wanarp - ok
04:07:24.0208 1144 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:07:24.0208 1144 Wanarpv6 - ok
04:07:24.0286 1144 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
04:07:24.0286 1144 Wd - ok
04:07:24.0348 1144 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
04:07:24.0348 1144 Wdf01000 - ok
04:07:24.0442 1144 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
04:07:24.0442 1144 WmiAcpi - ok
04:07:24.0520 1144 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
04:07:24.0520 1144 WpdUsb - ok
04:07:24.0582 1144 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
04:07:24.0582 1144 ws2ifsl - ok
04:07:24.0644 1144 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:07:24.0644 1144 WUDFRd - ok
04:07:24.0676 1144 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
04:07:24.0738 1144 \Device\Harddisk0\DR0 - ok
04:07:24.0738 1144 Boot (0x1200) (7d11f1943994bf2773149057b1465ccc) \Device\Harddisk0\DR0\Partition0
04:07:24.0738 1144 \Device\Harddisk0\DR0\Partition0 - ok
04:07:24.0738 1144 ============================================================
04:07:24.0738 1144 Scan finished
04:07:24.0738 1144 ============================================================
04:07:24.0754 1376 Detected object count: 0
04:07:24.0754 1376 Actual detected object count: 0
04:07:43.0349 1716 Deinitialize success

I was able to start the computer in normal mode but I still have the issue of the computer freezing up shortly after logging on!

Edited by tierra, 04 March 2012 - 07:22 AM.


#15 Oh My!

Posted 04 March 2012 - 03:09 PM

Greetings tierra,

shortly after logging on!


Is this after Windows has loaded and you are logging in with a password? If not, please let me know exactly where you are at when it freezes and what is on the screen. Do you get a blue screen at all?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."



