
BSOD Helpppp


12 replies to this topic

#1 phalange


Posted 29 February 2012 - 04:09 PM

I recently had a rootkit on my computer (running Windows 7), and at that point the BSOD was only when I was trying to download anything to get rid of the rootkit, so I started running it in safe mode, did what I had to do, got rid of the rootkit and a trojan that I think came with it. Now when I try to run my computer normally, I get past the login screen and before my desktop has even loaded all the way, I get the BSOD. I can only run in safe mode now. I ran BlueScreenView, here are the results:


==================================================
Dump File : 022912-21387-01.dmp
Crash Time : 2/29/2012 11:41:37 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02a99285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022912-21387-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022912-27268-01.dmp
Crash Time : 2/29/2012 11:39:21 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02ad5285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022912-27268-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022912-26145-01.dmp
Crash Time : 2/29/2012 11:31:22 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02a93285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022912-26145-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-21621-01.dmp
Crash Time : 2/28/2012 1:51:51 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02aa9285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-21621-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-21340-01.dmp
Crash Time : 2/28/2012 1:46:58 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02ae7285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-21340-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-21028-01.dmp
Crash Time : 2/28/2012 12:53:22 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02af1285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-21028-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-20358-01.dmp
Crash Time : 2/28/2012 12:45:12 AM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff800`02d7ffda
Parameter 3 : 00000000`00000001
Parameter 4 : 00000000`00000018
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-20358-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-22495-01.dmp
Crash Time : 2/28/2012 12:23:29 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02af1285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-22495-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022812-20186-01.dmp
Crash Time : 2/28/2012 12:18:14 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02a97285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022812-20186-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022712-20092-01.dmp
Crash Time : 2/27/2012 10:59:44 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02ad6285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022712-20092-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022712-24039-01.dmp
Crash Time : 2/27/2012 10:58:15 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02a97285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022712-24039-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022712-43758-01.dmp
Crash Time : 2/27/2012 9:46:02 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02aeb285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022712-43758-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

==================================================
Dump File : 022712-44959-01.dmp
Crash Time : 2/27/2012 9:43:16 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000010
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02a93285
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+80640
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor : x64
Crash Address : ntoskrnl.exe+80640
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022712-44959-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 277,360
==================================================

Edited by phalange, 29 February 2012 - 04:20 PM.




#2 Broni


Posted 29 February 2012 - 06:22 PM

Welcome aboard

Stay in safe mode for now....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



#3 phalange


Posted 29 February 2012 - 06:30 PM

From SecurityCheck:


Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Free Antivirus
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Sophos Anti-Rootkit 1.5.20
Java™ 6 Update 22
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````





From Farbar:

Farbar Service Scanner Version: 22-02-2012
Ran by phalange (administrator) on 29-02-2012 at 15:27:00
Running from "C:\Users\phalange\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2010-11-20 19:24] - [2010-11-20 19:24] - 0499712 ____A (Microsoft Corporation) D31DC7A16DEA4A9BAF179F3D6FBDB38C

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2010-11-20 19:24] - [2010-11-20 19:24] - 1924480 ____A (Microsoft Corporation) 509383E505C973ED7534A06B3D19688D

C:\Windows\System32\dnsrslvr.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0183296 ____A (Microsoft Corporation) CD55F5355D8F55D44C9F4ED875705BD6

C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****






From MiniToolBox:



MiniToolBox by Farbar Version: 18-01-2012
Ran by phalange (administrator) on 29-02-2012 at 15:28:37
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Nerwork
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : feelfreephalang
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 2C-76-8A-E0-C7-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : D0-DF-9A-F0-F3-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a16c:c237:b6cc:a74a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, February 29, 2012 3:08:38 PM
Lease Expires . . . . . . . . . . : Thursday, March 01, 2012 3:08:39 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-3D-FD-21-D0-DF-9A-F0-F3-95
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{23F9E820-1648-40D7-863C-FA37E5E5C1CF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 74.125.224.166
74.125.224.167
74.125.224.163
74.125.224.161
74.125.224.174
74.125.224.162
74.125.224.168
74.125.224.169
74.125.224.165
74.125.224.160
74.125.224.164


Pinging google.com [74.125.224.166] with 32 bytes of data:
Reply from 74.125.224.166: bytes=32 time=49ms TTL=55
Reply from 74.125.224.166: bytes=32 time=46ms TTL=55

Ping statistics for 74.125.224.166:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 46ms, Maximum = 49ms, Average = 47ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=92ms TTL=56
Reply from 209.191.122.70: bytes=32 time=96ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 92ms, Maximum = 96ms, Average = 94ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...2c 76 8a e0 c7 23 ......Realtek PCIe FE Family Controller
11...d0 df 9a f0 f3 95 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.6 30
10.0.0.0 255.255.255.0 On-link 10.0.0.6 286
10.0.0.6 255.255.255.255 On-link 10.0.0.6 286
10.0.0.255 255.255.255.255 On-link 10.0.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.6 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.6 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 286 fe80::/64 On-link
11 286 fe80::a16c:c237:b6cc:a74a/128
On-link
1 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/29/2012 03:10:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/29/2012 11:43:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 01:53:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 01:48:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:54:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:46:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:39:13 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = OTM Restore Point; Error = 0x8007043c).

Error: (02/28/2012 00:24:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:19:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2012 11:53:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (02/29/2012 03:21:24 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (02/29/2012 03:09:04 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (02/29/2012 03:09:04 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/29/2012 03:09:03 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/29/2012 03:09:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/29/2012 03:09:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/29/2012 03:08:57 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/29/2012 03:08:50 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/29/2012 03:08:44 PM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x0000000000000010, 0x0000000000000002, 0x0000000000000001, 0xfffff80002a8d285)C:\Windows\MEMORY.DMP022912-20919-01

Error: (02/29/2012 03:08:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
BHDrvx64
discache
IDSVia64
SAVRKBootTasks
spldr
SRTSPX
SymIRON
SymNetS
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (02/29/2012 03:10:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/29/2012 11:43:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 01:53:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 01:48:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:54:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:46:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:39:13 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeOTM Restore Point0x8007043c

Error: (02/28/2012 00:24:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/28/2012 00:19:50 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/27/2012 11:53:57 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.26)
Adobe Reader X MUI (Version: 10.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
avast! Free Antivirus (Version: 7.0.1407.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6585)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CyberLink YouCam (Version: 3.2.1.3726)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Chrome (Version: 17.0.963.56)
Google Update Helper (Version: 1.3.21.65)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.045)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.0.7)
HP Power Manager (Version: 1.2.1)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.6.4516.3597)
HP Setup Manager (Version: 1.1.13155.3599)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 5.1.11.1)
HP Wireless Assistant (Version: 4.0.10.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (Version: 6.0.220)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
NirSoft BlueScreenView
Norton Internet Security (Version: 18.1.0.37)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Realtek Ethernet Controller Driver (Version: 7.42.304.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6287)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
REALTEK Wireless LAN Driver (Version: 1.00.10.0416)
Recovery Manager (Version: 1.0.22)
RoxioNow Player (Version: 1.9.5.103)
Sophos Anti-Rootkit 1.5.20 (Version: 1.5.20)
Synaptics Pointing Device Driver (Version: 15.2.4.3)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! Network Shield Support
Description: avast! Network Shield Support
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswTdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3001.89 MB
Available physical RAM: 2197.13 MB
Total Pagefile: 6001.98 MB
Available Pagefile: 5192.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.4 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:284.21 GB) (Free:260.2 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.69 GB) NTFS

========================= Users: ========================================

User accounts for \\FEELFREEPHALANG

Administrator Guest phalange


**** End of log ****

#4 phalange

Posted 29 February 2012 - 06:46 PM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.29.06

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
phalange :: FEELFREEPHALANG [administrator]

2/29/2012 3:43:09 PM
mbam-log-2012-02-29 (15-43-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 181433
Time elapsed: 1 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 phalange

Posted 29 February 2012 - 06:51 PM

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-29 15:47:09
-----------------------------
15:47:09.129 OS Version: Windows x64 6.1.7601 Service Pack 1
15:47:09.129 Number of processors: 2 586 0x170A
15:47:09.129 ComputerName: FEELFREEPHALANG UserName: phalange
15:47:10.069 Initialize success
15:47:10.878 AVAST engine defs: 12022301
15:47:26.147 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:47:26.150 Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 3
15:47:26.166 Disk 0 MBR read successfully
15:47:26.170 Disk 0 MBR scan
15:47:26.562 Disk 0 Windows 7 default MBR code
15:47:26.576 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
15:47:27.044 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 291033 MB offset 409600
15:47:27.094 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13908 MB offset 596445184
15:47:27.154 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
15:47:27.609 Disk 0 scanning C:\Windows\system32\drivers
15:47:37.706 Service scanning
15:48:06.720 Modules scanning
15:48:06.720 Disk 0 trace - called modules:
15:48:06.740 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:48:06.740 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003b3e630]
15:48:06.740 3 CLASSPNP.SYS[fffff88001dc043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002f17050]
15:48:07.393 AVAST engine scan C:\Windows
15:48:08.996 AVAST engine scan C:\Windows\system32
15:49:11.722 AVAST engine scan C:\Windows\system32\drivers
15:49:15.774 AVAST engine scan C:\Users\phalange
15:49:39.097 AVAST engine scan C:\ProgramData
15:50:36.605 Scan finished successfully
15:50:49.774 Disk 0 MBR has been saved successfully to "C:\Users\phalange\Desktop\MBR.dat"
15:50:49.782 The log file has been saved successfully to "C:\Users\phalange\Desktop\aswMBR.txt"

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:46 PM

Posted 29 February 2012 - 07:17 PM

You're running two AV programs, Norton and Avast.
One of them has to go.
If Norton, use this tool to uninstall it: https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=20080710133834EN&lg=english&ct=united+states&product=home&version=1&pvid=f-home&entsrc=redirect_pubweb

Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 phalange

Posted 29 February 2012 - 07:42 PM

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`0c800000

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...
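
An added example, not part of any post in this thread and not code from Esage Lab or AVAST: one way to inspect a 512-byte master boot sector dump such as the `MBR.dat` saved by aswMBR or the output of `remover.exe dump`. The sample sector is constructed from the partition layout reported in the aswMBR and TDSSKiller logs in this thread, with placeholder bytes standing in for boot code; all function names are hypothetical.

```python
import hashlib
import struct

SECTOR_SIZE = 512
# Classic MBR layout: region name -> (start, end) byte offsets in the sector.
REGIONS = {
    "boot code": (0, 440),
    "disk signature": (440, 446),
    "partition table": (446, 510),
    "boot signature": (510, 512),
}
TYPE_NAMES = {0x07: "HPFS/NTFS", 0x0C: "FAT32 LBA"}
# (status, type, start LBA, sector count) as reported in the thread's logs.
LOGGED_LAYOUT = [
    (0x80, 0x07, 0x800, 0x63800),
    (0x00, 0x07, 0x64000, 0x2386C800),
    (0x00, 0x07, 0x238D0800, 0x1B2A000),
    (0x00, 0x0C, 0x253FA800, 0x33AB0),
]


def parse_mbr(sector):
    """Decode one MBR sector into a boot-code hash and a partition list."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        entry = sector[446 + 16 * index:446 + 16 * (index + 1)]
        status, ptype = entry[0], entry[4]
        start_lba, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00 and sectors == 0:
            continue  # unused slot
        partitions.append({
            "index": index,
            "status": status,
            "active": status == 0x80,
            "type": TYPE_NAMES.get(ptype, "0x%02X" % ptype),
            "start_lba": start_lba,
            "sectors": sectors,
            "size_mb": sectors * SECTOR_SIZE // (1024 * 1024),
        })
    start, end = REGIONS["boot code"]
    return {
        "boot_code_sha256": hashlib.sha256(sector[start:end]).hexdigest(),
        "partitions": partitions,
    }


def layout_warnings(partitions):
    """Flag partition-table oddities worth a second look."""
    warnings = []
    for part in partitions:
        if part["status"] not in (0x00, 0x80):
            warnings.append("entry %d: invalid status byte 0x%02X"
                            % (part["index"], part["status"]))
    if sum(1 for part in partitions if part["status"] == 0x80) != 1:
        warnings.append("expected exactly one active partition")
    ordered = sorted(partitions, key=lambda part: part["start_lba"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["start_lba"] < prev["start_lba"] + prev["sectors"]:
            warnings.append("entry %d overlaps entry %d"
                            % (cur["index"], prev["index"]))
    return warnings


def compare_dumps(dump_a, dump_b):
    """Return the names of the MBR regions that differ between two dumps."""
    if len(dump_a) != SECTOR_SIZE or len(dump_b) != SECTOR_SIZE:
        raise ValueError("both dumps must be exactly one sector")
    return [name for name, (start, end) in REGIONS.items()
            if dump_a[start:end] != dump_b[start:end]]


def build_sample_mbr(boot_code):
    """Constructed test sector: placeholder boot code plus the logged layout."""
    if len(boot_code) > 440:
        raise ValueError("boot code area is 440 bytes")
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    for index, (status, ptype, start_lba, sectors) in enumerate(LOGGED_LAYOUT):
        # CHS fields are zeroed in this constructed sample; only LBA is used.
        entry = struct.pack("<B3sB3sII", status, b"\x00" * 3, ptype,
                            b"\x00" * 3, start_lba, sectors)
        sector[446 + 16 * index:446 + 16 * (index + 1)] = entry
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    first = build_sample_mbr(b"placeholder-A")   # constructed, not real boot code
    second = build_sample_mbr(b"placeholder-B")  # constructed, not real boot code
    report = parse_mbr(first)
    for part in report["partitions"]:
        print(part["index"], part["type"], part["start_lba"], part["size_mb"], "MB")
    print("boot code sha256:", report["boot_code_sha256"])
    print("warnings:", layout_warnings(report["partitions"]))
    print("regions that differ:", compare_dumps(first, second))
```

A dump read from inside the running system can be filtered by the rootkit, which is the condition Bootkit Remover reports above, so `compare_dumps` is meant for a dump taken in the running system against one taken from a recovery environment.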

#8 Broni

Posted 29 February 2012 - 09:05 PM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#9 phalange

Posted 29 February 2012 - 09:14 PM

18:11:38.0064 5540 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
18:11:38.0670 5540 ============================================================
18:11:38.0670 5540 Current date / time: 2012/02/29 18:11:38.0670
18:11:38.0670 5540 SystemInfo:
18:11:38.0670 5540
18:11:38.0670 5540 OS Version: 6.1.7601 ServicePack: 1.0
18:11:38.0670 5540 Product type: Workstation
18:11:38.0671 5540 ComputerName: FEELFREEPHALANG
18:11:38.0671 5540 UserName: phalange
18:11:38.0671 5540 Windows directory: C:\Windows
18:11:38.0671 5540 System windows directory: C:\Windows
18:11:38.0671 5540 Running under WOW64
18:11:38.0671 5540 Processor architecture: Intel x64
18:11:38.0671 5540 Number of processors: 2
18:11:38.0671 5540 Page size: 0x1000
18:11:38.0671 5540 Boot type: Normal boot
18:11:38.0671 5540 ============================================================
18:11:39.0427 5540 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:39.0432 5540 \Device\Harddisk0\DR0:
18:11:39.0432 5540 MBR used
18:11:39.0432 5540 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:11:39.0432 5540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
18:11:39.0432 5540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
18:11:39.0432 5540 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
18:11:39.0560 5540 Initialize success
18:11:39.0560 5540 ============================================================
18:13:33.0083 4620 ============================================================
18:13:33.0083 4620 Scan started
18:13:33.0083 4620 Mode: Manual;
18:13:33.0083 4620 ============================================================
18:13:34.0695 4620 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:13:34.0699 4620 1394ohci - ok
18:13:34.0846 4620 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:13:34.0851 4620 ACPI - ok
18:13:35.0022 4620 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:13:35.0028 4620 AcpiPmi - ok
18:13:35.0324 4620 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:13:35.0334 4620 adp94xx - ok
18:13:35.0530 4620 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:13:35.0535 4620 adpahci - ok
18:13:35.0713 4620 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:13:35.0717 4620 adpu320 - ok
18:13:35.0846 4620 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
18:13:35.0852 4620 AFD - ok
18:13:35.0946 4620 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:13:35.0948 4620 agp440 - ok
18:13:36.0057 4620 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:13:36.0059 4620 aliide - ok
18:13:36.0157 4620 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:13:36.0159 4620 amdide - ok
18:13:36.0270 4620 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:13:36.0272 4620 AmdK8 - ok
18:13:36.0349 4620 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:13:36.0351 4620 AmdPPM - ok
18:13:36.0451 4620 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
18:13:36.0453 4620 amdsata - ok
18:13:36.0555 4620 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:13:36.0558 4620 amdsbs - ok
18:13:36.0656 4620 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
18:13:36.0661 4620 amdxata - ok
18:13:36.0902 4620 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:13:36.0911 4620 AppID - ok
18:13:37.0026 4620 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:13:37.0028 4620 arc - ok
18:13:37.0117 4620 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:13:37.0119 4620 arcsas - ok
18:13:37.0215 4620 aswFsBlk (c7c69ed14a7ddecaf58e3dfd1fca6d37) C:\Windows\system32\drivers\aswFsBlk.sys
18:13:37.0217 4620 aswFsBlk - ok
18:13:37.0347 4620 aswMonFlt (ad5276449159ba8d5206c6094c764249) C:\Windows\system32\drivers\aswMonFlt.sys
18:13:37.0349 4620 aswMonFlt - ok
18:13:37.0439 4620 aswRdr (1e5ca4c89227df49c5fc779e7848ae8b) C:\Windows\System32\Drivers\aswrdr2.sys
18:13:37.0441 4620 aswRdr - ok
18:13:37.0531 4620 aswSnx (45ad1ed2a0ccd582e32b10535f5c42e9) C:\Windows\system32\drivers\aswSnx.sys
18:13:37.0541 4620 aswSnx - ok
18:13:37.0629 4620 aswSP (06fd751c1b15734e57df09614602be66) C:\Windows\system32\drivers\aswSP.sys
18:13:37.0633 4620 aswSP - ok
18:13:37.0716 4620 aswTdi (bf670f65762ff8da7615d7b80914c0f8) C:\Windows\system32\drivers\aswTdi.sys
18:13:37.0718 4620 aswTdi - ok
18:13:37.0828 4620 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:13:37.0830 4620 AsyncMac - ok
18:13:37.0928 4620 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:13:37.0931 4620 atapi - ok
18:13:38.0052 4620 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:13:38.0061 4620 b06bdrv - ok
18:13:38.0173 4620 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:13:38.0177 4620 b57nd60a - ok
18:13:38.0317 4620 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
18:13:38.0334 4620 BCM43XX - ok
18:13:38.0432 4620 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:13:38.0433 4620 Beep - ok
18:13:38.0544 4620 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:13:38.0546 4620 blbdrive - ok
18:13:38.0645 4620 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
18:13:38.0647 4620 bowser - ok
18:13:38.0745 4620 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:13:38.0747 4620 BrFiltLo - ok
18:13:38.0823 4620 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:13:38.0824 4620 BrFiltUp - ok
18:13:38.0922 4620 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:13:38.0926 4620 Brserid - ok
18:13:39.0044 4620 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:13:39.0046 4620 BrSerWdm - ok
18:13:39.0144 4620 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:13:39.0146 4620 BrUsbMdm - ok
18:13:39.0255 4620 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:13:39.0258 4620 BrUsbSer - ok
18:13:39.0404 4620 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:13:39.0408 4620 BTHMODEM - ok
18:13:39.0514 4620 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:13:39.0516 4620 cdfs - ok
18:13:39.0628 4620 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
18:13:39.0631 4620 cdrom - ok
18:13:39.0750 4620 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:13:39.0754 4620 circlass - ok
18:13:39.0893 4620 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:13:39.0898 4620 CLFS - ok
18:13:40.0032 4620 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
18:13:40.0034 4620 clwvd - ok
18:13:40.0187 4620 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:13:40.0198 4620 CmBatt - ok
18:13:40.0365 4620 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:13:40.0370 4620 cmdide - ok
18:13:40.0565 4620 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
18:13:40.0572 4620 CNG - ok
18:13:40.0785 4620 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:13:40.0787 4620 Compbatt - ok
18:13:40.0975 4620 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:13:40.0978 4620 CompositeBus - ok
18:13:41.0187 4620 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:13:41.0189 4620 crcdisk - ok
18:13:41.0402 4620 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:13:41.0408 4620 DfsC - ok
18:13:41.0580 4620 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:13:41.0582 4620 discache - ok
18:13:41.0793 4620 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:13:41.0802 4620 Disk - ok
18:13:42.0029 4620 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:13:42.0030 4620 drmkaud - ok
18:13:42.0146 4620 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:13:42.0158 4620 DXGKrnl - ok
18:13:42.0300 4620 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:13:42.0338 4620 ebdrv - ok
18:13:42.0482 4620 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:13:42.0489 4620 elxstor - ok
18:13:42.0568 4620 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:13:42.0570 4620 ErrDev - ok
18:13:42.0686 4620 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:13:42.0689 4620 exfat - ok
18:13:42.0767 4620 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:13:42.0770 4620 fastfat - ok
18:13:42.0867 4620 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:13:42.0869 4620 fdc - ok
18:13:42.0969 4620 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:13:42.0971 4620 FileInfo - ok
18:13:43.0047 4620 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:13:43.0048 4620 Filetrace - ok
18:13:43.0125 4620 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:13:43.0127 4620 flpydisk - ok
18:13:43.0222 4620 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:13:43.0233 4620 FltMgr - ok
18:13:43.0439 4620 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:13:43.0439 4620 FsDepends - ok
18:13:43.0644 4620 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
18:13:43.0646 4620 Fs_Rec - ok
18:13:43.0736 4620 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:13:43.0739 4620 fvevol - ok
18:13:43.0821 4620 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:13:43.0824 4620 gagp30kx - ok
18:13:43.0938 4620 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:13:43.0940 4620 hcw85cir - ok
18:13:44.0050 4620 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:13:44.0055 4620 HdAudAddService - ok
18:13:44.0164 4620 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:13:44.0167 4620 HDAudBus - ok
18:13:44.0249 4620 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:13:44.0250 4620 HidBatt - ok
18:13:44.0340 4620 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:13:44.0343 4620 HidBth - ok
18:13:44.0432 4620 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:13:44.0435 4620 HidIr - ok
18:13:44.0567 4620 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
18:13:44.0569 4620 HidUsb - ok
18:13:44.0713 4620 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:13:44.0715 4620 HpSAMD - ok
18:13:44.0836 4620 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:13:44.0845 4620 HTTP - ok
18:13:44.0923 4620 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:13:44.0924 4620 hwpolicy - ok
18:13:45.0036 4620 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:13:45.0038 4620 i8042prt - ok
18:13:45.0141 4620 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
18:13:45.0145 4620 iaStor - ok
18:14:03.0764 4620 ============================================================
18:14:03.0764 4620 Scan finished
18:14:03.0764 4620 ============================================================
18:14:03.0780 3952 Detected object count: 0
18:14:03.0780 3952 Actual detected object count: 0

#10 phalange

Posted 29 February 2012 - 09:32 PM

BSOD is no longer happening now! But where is that dang rootkit...?

#11 Broni

Posted 29 February 2012 - 10:03 PM

Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore (see "How to turn off or turn on Windows XP System Restore").
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.

#12 phalange

Posted 01 March 2012 - 01:26 AM

It said no infection was found

#13 Broni

Posted 01 March 2012 - 11:29 AM

Any current issues?

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.
