Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems With Windows 7 PC


  • This topic is locked This topic is locked
11 replies to this topic

#1 Chris Jeffery

Chris Jeffery

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 04 March 2012 - 02:38 PM

Hello everyone - apart from my welcome topic this will be my first post here, so hopefully I've put it in the right place and hopefully somebody can help me to fix my computer issues.

First of all I would like to point out that I don't know a lot when it comes to computers, so I'm going to explain what happens in as much detail as possible in the hope that will lead to someone out there knowing what's going on. Please don't use any scary language or anything! I've completed my Bleeping Computer personal profile with regards to my computer's specification as much as I can - some things won't show up in dxdiag as I'm writing this via Safe Mode on my PC so I've been unable to include those but if you really need to know something I haven't included then let me know and I'll try and dig out the email from my supplier from a year ago to list the full specs for you. So, let me describe my problem to you right from when I turn the computer on...

So I turn it on, and everything loads up fine. Its running at the same speed it always does, and doesn't present me with any errors or anything like that, and I can start to use it as normal. But after 5 to 10 minutes (sometimes a little more, but mostly 5 to 10) it starts to do strange things. Here is a list of things that happen (or don't happen as the case may be!):

  • Google Chrome won't navigate to any pages. It gets stuck "waiting for cache" and won't navigate anywhere. But I can still press all the buttons and icons, and I can still enter addresses and search terms, it just won't go anywhere.
  • The programs I have running already will slowly freeze - not all at the same time, but as I try to do things with them they start to freeze one by one.
  • I can't start any new programs. I can click them on my taskbar, and the icons "light up" like the usually do when I start an application, but they never start and the icon just fades again.
  • My virus protection will open, but it won't scan any files. It won't open or scan anything even before the computer begins to freeze - starting a virus scan actually makes the computer freeze too.
  • Once the computer has gone into its weird stage, I can do CTRL + ALT + DEL, and click Task Manager. Although the icon appears next to the clock, the Task Manager window won't appear. Clicking the icon beside the clock does nothing.
  • If I try and shut down or restart the computer, I can click the buttons to do so, and the bluey screen appears telling me its logging off, windows is shutting down, etc, but the computer never actually gets past that stage. It just says its shutting down but never does, I have to force it to turn off by holding the button down.
  • The final thing I've noticed is that I can't print anything. If I try and print something from say, Microsoft Word, it will just freeze the program rather than printing anything.
So that's what's happening, and it makes the computer unusable so as you can understand I really want to get it sorted but I don't know what to do with it. I'd like to point out that everything seems to work fine in safe mode. Here are some things I have tried myself to try and see what's wrong, but I haven't really got anywhere:

  • I tried running a scan with my AntiVirus but it doesn't scan as I mentioned above, even in safe mode.
  • I ran a scan in safe mode using Malwarebytes, and that didn't find anything.
  • I did a Google Search for my problem and someone suggested doing a scan with something called "PrevX". In safe mode it found nothing, and in normal mode it got half way and stopped scanning. It was still working, I could see the "Duration of Scan" increasing so it wasn't frozen, but it just wouldn't scan any more files and eventually I had to end it.
  • I tried going back in System Restore, but the problem remained.
  • I ran a scan with HouseCall whilst in Safe Mode, but that found nothing.
So, I've explained my problem as best I can and I really hope someone is able to help me. Thanks very much in advance for your help. Another thing I would like to add is that 4 to 5 months ago I had the same problem with my PC, but after about 3 days everything worked again so I didn't think any more of it. Not sure if that helps anything, but thought I should add it just in case.

Edited by Chris Jeffery, 04 March 2012 - 03:25 PM.


BC AdBot (Login to Remove)

 


#2 sjn

sjn

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 04 March 2012 - 03:19 PM

I had a simialar problem about 6 months ago. I was able to eventualy access my avg home page, and performed a rootkit scan. The scan revealed 10 rootkits on my computer, but was able to get rid of them all. The problem went with them, but unfortunately my windows office programe was wiped out. Fortunately I did not have anything important in these files

#3 Chris Jeffery

Chris Jeffery
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 04 March 2012 - 03:42 PM

Sounds like I might need to run a rootkit scan, but how do I do that?

Edited by Chris Jeffery, 04 March 2012 - 03:42 PM.


#4 sjn

sjn

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 04 March 2012 - 04:02 PM

Hi Chris. Before I go any further, I must point out that I am not a computer expert! I can only speak from my own experience. I was able to access my avg homepage, only after I had gone through the tried and tested method of turning my computer off, and back on. I was using a laptop, so when I turned it off, I unplugged the mains lead, and disconnected the battery for a few minutes. After switching on I accessed avg which has a "scan options" section, in which I found the rootkit scanner. I dont know which anti virus programe you are using, but I'm sure it must contain a similar section. As I said, I can only offer advice, but I sincerely hope that it proves to be of some help to you. If not, then I hope a more knowledgeable person using this site may step up and offer further (better?) advice.
Best of luck....SJN

#5 Chris Jeffery

Chris Jeffery
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 04 March 2012 - 04:08 PM

Hi Chris. Before I go any further, I must point out that I am not a computer expert! I can only speak from my own experience. I was able to access my avg homepage, only after I had gone through the tried and tested method of turning my computer off, and back on. I was using a laptop, so when I turned it off, I unplugged the mains lead, and disconnected the battery for a few minutes. After switching on I accessed avg which has a "scan options" section, in which I found the rootkit scanner. I dont know which anti virus programe you are using, but I'm sure it must contain a similar section. As I said, I can only offer advice, but I sincerely hope that it proves to be of some help to you. If not, then I hope a more knowledgeable person using this site may step up and offer further (better?) advice.
Best of luck....SJN

Thanks for your message. I can't find it in my AntiVirus (plus I am having problems using it anyway) but I did a Google search and found an Anti-Rootkit program by Sophos - I'm going to run that in a minute then see what happens. I'll update the thread again afterwards. Thanks again for sharing your experiences.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:51 AM

Posted 04 March 2012 - 05:28 PM

Hello Chris, I moved this from WIN 7 to the Am I Infected forum.

Lets look at some logs.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on [color=blue]Malwarebytes Chameleon
and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Chris Jeffery

Chris Jeffery
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 05 March 2012 - 06:38 AM

Hello boopme, thanks for moving my thread to the right place and helping me out. Here's what I've done.

I ran MiniToolBox, and the results from Result.txt are quoted below:

MiniToolBox by Farbar Version: 18-01-2012
Ran by CJ (administrator) on 05-03-2012 at 11:20:50
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Edimax EW-7612PIn Wireless PCI-Express Adapter = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : CJ-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-93-23-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b491:b71f:bcc2:14a3%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 05 March 2012 11:06:48
Lease Expires . . . . . . . . . . : 06 March 2012 11:06:47
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 236744549
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-59-3D-25-1C-6F-65-93-23-B4
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{10EBF827-203C-4FBC-8BF3-406672532385}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: api.home
Address: 192.168.1.254

Name: google.com
Addresses: 173.194.34.101
173.194.34.99
173.194.34.102
173.194.34.105
173.194.34.104
173.194.34.110
173.194.34.96
173.194.34.100
173.194.34.97
173.194.34.98
173.194.34.103


Pinging google.com [173.194.34.104] with 32 bytes of data:
Reply from 173.194.34.104: bytes=32 time=14ms TTL=52
Reply from 173.194.34.104: bytes=32 time=14ms TTL=52

Ping statistics for 173.194.34.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 14ms, Average = 14ms
Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
98.139.127.62


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=448ms TTL=45
Reply from 98.139.127.62: bytes=32 time=496ms TTL=45

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 448ms, Maximum = 496ms, Average = 472ms
Server: api.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...1c 6f 65 93 23 b4 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.68 276
192.168.1.68 255.255.255.255 On-link 192.168.1.68 276
192.168.1.255 255.255.255.255 On-link 192.168.1.68 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::b491:b71f:bcc2:14a3/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/05/2012 11:08:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2012 11:05:22 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.dat for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program McAfee On-Access Scanner service because of this error.

Program: McAfee On-Access Scanner service
File: C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.dat

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (03/05/2012 11:05:22 AM) (Source: Application Error) (User: )
Description: Faulting application name: mcshield.exe, version: 14.4.0.380, time stamp: 0x4e937d9d
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000006
Fault offset: 0x00000000000011be
Faulting process id: 0xb58
Faulting application start time: 0xmcshield.exe0
Faulting application path: mcshield.exe1
Faulting module path: mcshield.exe2
Report Id: mcshield.exe3

Error: (03/05/2012 11:05:21 AM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: Exception in McShield.Exe!

Exception details follow :

VSCORE.14.4.0.380
Exception Code : 0X00000000C0000006
Exception Address : 0X000007FEFDA811BE
Exception Parameters : 3
Param 1 = 0000000000000000
Param 2 = 0X0000000016BC0000
Param 3 = 0X00000000C000009C

More information :

Error: (03/05/2012 11:03:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2012 10:56:16 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.dat for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program McAfee On-Access Scanner service because of this error.

Program: McAfee On-Access Scanner service
File: C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.dat

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (03/05/2012 10:56:16 AM) (Source: Application Error) (User: )
Description: Faulting application name: mcshield.exe, version: 14.4.0.380, time stamp: 0x4e937d9d
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000006
Fault offset: 0x00000000000011be
Faulting process id: 0xe4
Faulting application start time: 0xmcshield.exe0
Faulting application path: mcshield.exe1
Faulting module path: mcshield.exe2
Report Id: mcshield.exe3

Error: (03/05/2012 10:56:14 AM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: Exception in McShield.Exe!

Exception details follow :

VSCORE.14.4.0.380
Exception Code : 0X00000000C0000006
Exception Address : 0X000007FEFFB811BE
Exception Parameters : 3
Param 1 = 0000000000000000
Param 2 = 0X0000000016BC0000
Param 3 = 0X00000000C000009C

More information :

Error: (03/05/2012 10:53:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2012 10:25:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/05/2012 11:16:14 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:16:14 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:16:14 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:10:53 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (03/05/2012 11:09:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:09:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/05/2012 11:09:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (03/05/2012 11:08:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2012 11:05:22 AM) (Source: Application Error)(User: )
Description: C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.datMcAfee On-Access Scanner serviceC000009C3

Error: (03/05/2012 11:05:22 AM) (Source: Application Error)(User: )
Description: mcshield.exe14.4.0.3804e937d9dmsvcrt.dll7.0.7601.177444eeb033fc000000600000000000011beb5801ccfabf6aef5298C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Windows\system32\msvcrt.dll1994309c-66b3-11e1-9b45-1c6f659323b4

Error: (03/05/2012 11:05:21 AM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: VSCORE.14.4.0.380
Exception Code : 0X00000000C0000006
Exception Address : 0X000007FEFDA811BE
Exception Parameters : 3
Param 1 = 0000000000000000
Param 2 = 0X0000000016BC0000
Param 3 = 0X00000000C000009C

More information :

Error: (03/05/2012 11:03:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2012 10:56:16 AM) (Source: Application Error)(User: )
Description: C:\Program Files\McAfee\VirusScan\DAT\6636.0\avvscan.datMcAfee On-Access Scanner serviceC000009C3

Error: (03/05/2012 10:56:16 AM) (Source: Application Error)(User: )
Description: mcshield.exe14.4.0.3804e937d9dmsvcrt.dll7.0.7601.177444eeb033fc000000600000000000011bee401ccfabe0684c7d4C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Windows\system32\msvcrt.dlld4695f85-66b1-11e1-825c-1c6f659323b4

Error: (03/05/2012 10:56:14 AM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: VSCORE.14.4.0.380
Exception Code : 0X00000000C0000006
Exception Address : 0X000007FEFFB811BE
Exception Parameters : 3
Param 1 = 0000000000000000
Param 2 = 0X0000000016BC0000
Param 3 = 0X00000000C000009C

More information :

Error: (03/05/2012 10:53:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2012 10:25:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 3.0.0)
Audacity 1.3.13 (Unicode)
Audiosurf
Baby Luv
Bonjour (Version: 3.0.0.10)
BT NetProtect Plus (Version: 11.0.654)
Canon MP Navigator EX 1.0
Canon MP210 series
Canon MP210 series User Registration
Canon Utilities Solution Menu
CDDRV_Installer (Version: 4.60)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Creative Audio Control Panel (Version: 2.56)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CyberLink PowerDirector (Version: 9.0.0.2701)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dotfuscator Software Services - Community Edition (Version: 5.0.2300.0)
DVDx 4.0 (Version: 4.0)
Edimax EW-7612PIn Wireless LAN Driver and Utility (Version: 1.00.0148)
erLT (Version: 1.20.0137)
erLT (Version: 1.20.137.31)
FileZilla Client 3.5.3 (Version: 3.5.3)
Foxit Reader (Version: 4.3.1.323)
Free Studio version 5.1.6
Google Chrome (Version: 17.0.963.56)
Google Earth Plug-in (Version: 6.2.1.6014)
Google Update Helper (Version: 1.3.21.99)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 25 (64-bit) (Version: 6.0.250)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Codec Pack 7.1.0 (Full) (Version: 7.1.0)
KhalInstallWrapper (Version: 2.00.0000)
LAME v3.98.3 for Audacity
Logitech SetPoint (Version: 4.80)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
ManyCam 2.6.43 (remove only) (Version: 2.6.43)
Messenger Plus! 5 (Version: 5.11.0.759)
Messenger Plus! for Skype (Version: 0.7.0.75)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Visual Studio 2010 Ultimate - ENU (Version: 10.0.30319)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0)
neroxml (Version: 1.0.0)
Norton Safe Web Lite (Version: 1.2.0.6)
Notepad++ (Version: 5.9)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA PhysX (Version: 9.10.0513)
OMSI - Der Omnibussimulator (Version: 1.00)
Paint.NET v3.5.10 (Version: 3.60.0)
PIXresizer (Version: 2.0.5)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.71.80.42)
RailWorks 2
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6363)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
SimSig Brighton V2.226.3
SimSig Drain V2.202
SimSig Exeter V2.201
SimSig Oxted V2.227.0.1
SimSig V2.223.1
SimSig Waterloo V2.202
Skype™ 5.5 (Version: 5.5.124)
Sophos Anti-Rootkit 1.5.20 (Version: 1.5.20)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Steam (Version: 1.0.0.0)
TeamViewer 6 (Version: 6.0.10511)
The Sims™ 2
Trainz: Engineer's Edition
TrueCrypt (Version: 7.0a)
TweetDeck (Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
Web Deployment Tool (Version: 1.1.0618)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
WinZip 15.5 (Version: 15.5.9579)

========================= Memory info: ===================================

Percentage of memory in use: 9%
Total physical RAM: 12286.43 MB
Available physical RAM: 11103.75 MB
Total Pagefile: 24571.05 MB
Available Pagefile: 23365.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:790.24 GB) NTFS

========================= Users: ========================================

User accounts for \\CJ-PC

Administrator CJ Guest


**** End of log ****


I ran TDSSKiller, and the results are quoted below from TDSSKiller.2.7.19.0_05.03.2012_11.25.38_log.txt:

11:25:38.0696 1132 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
11:25:38.0805 1132 ============================================================
11:25:38.0805 1132 Current date / time: 2012/03/05 11:25:38.0805
11:25:38.0805 1132 SystemInfo:
11:25:38.0805 1132
11:25:38.0805 1132 OS Version: 6.1.7601 ServicePack: 1.0
11:25:38.0805 1132 Product type: Workstation
11:25:38.0805 1132 ComputerName: CJ-PC
11:25:38.0805 1132 UserName: CJ
11:25:38.0805 1132 Windows directory: C:\Windows
11:25:38.0805 1132 System windows directory: C:\Windows
11:25:38.0805 1132 Running under WOW64
11:25:38.0805 1132 Processor architecture: Intel x64
11:25:38.0805 1132 Number of processors: 8
11:25:38.0805 1132 Page size: 0x1000
11:25:38.0805 1132 Boot type: Safe boot with network
11:25:38.0805 1132 ============================================================
11:25:39.0757 1132 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:25:39.0757 1132 \Device\Harddisk0\DR0:
11:25:39.0804 1132 MBR used
11:25:39.0804 1132 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:25:39.0804 1132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
11:25:39.0835 1132 Initialize success
11:25:39.0835 1132 ============================================================
11:25:54.0577 0680 ============================================================
11:25:54.0577 0680 Scan started
11:25:54.0577 0680 Mode: Manual;
11:25:54.0577 0680 ============================================================
11:25:55.0029 0680 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:25:55.0029 0680 1394ohci - ok
11:25:55.0045 0680 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:25:55.0045 0680 ACPI - ok
11:25:55.0061 0680 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:25:55.0076 0680 AcpiPmi - ok
11:25:55.0123 0680 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:25:55.0139 0680 adp94xx - ok
11:25:55.0154 0680 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:25:55.0154 0680 adpahci - ok
11:25:55.0185 0680 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:25:55.0185 0680 adpu320 - ok
11:25:55.0232 0680 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:25:55.0232 0680 AFD - ok
11:25:55.0263 0680 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:25:55.0263 0680 agp440 - ok
11:25:55.0279 0680 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:25:55.0279 0680 aliide - ok
11:25:55.0295 0680 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:25:55.0295 0680 amdide - ok
11:25:55.0295 0680 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:25:55.0295 0680 AmdK8 - ok
11:25:55.0295 0680 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:25:55.0295 0680 AmdPPM - ok
11:25:55.0326 0680 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:25:55.0326 0680 amdsata - ok
11:25:55.0341 0680 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:25:55.0341 0680 amdsbs - ok
11:25:55.0373 0680 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:25:55.0373 0680 amdxata - ok
11:25:55.0388 0680 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:25:55.0388 0680 AppID - ok
11:25:55.0466 0680 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:25:55.0466 0680 arc - ok
11:25:55.0497 0680 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:25:55.0497 0680 arcsas - ok
11:25:55.0529 0680 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:25:55.0529 0680 AsyncMac - ok
11:25:55.0560 0680 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:25:55.0560 0680 atapi - ok
11:25:55.0607 0680 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:25:55.0607 0680 b06bdrv - ok
11:25:55.0638 0680 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:25:55.0638 0680 b57nd60a - ok
11:25:55.0653 0680 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:25:55.0653 0680 Beep - ok
11:25:55.0700 0680 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:25:55.0700 0680 blbdrive - ok
11:25:55.0763 0680 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:25:55.0763 0680 bowser - ok
11:25:55.0763 0680 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:25:55.0763 0680 BrFiltLo - ok
11:25:55.0794 0680 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:25:55.0794 0680 BrFiltUp - ok
11:25:55.0809 0680 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:25:55.0809 0680 BridgeMP - ok
11:25:55.0841 0680 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:25:55.0856 0680 Brserid - ok
11:25:55.0856 0680 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:25:55.0856 0680 BrSerWdm - ok
11:25:55.0856 0680 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:25:55.0856 0680 BrUsbMdm - ok
11:25:55.0887 0680 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:25:55.0887 0680 BrUsbSer - ok
11:25:55.0934 0680 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:25:55.0934 0680 BTHMODEM - ok
11:25:55.0950 0680 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:25:55.0950 0680 cdfs - ok
11:25:55.0981 0680 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:25:55.0997 0680 cdrom - ok
11:25:56.0075 0680 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
11:25:56.0075 0680 cfwids - ok
11:25:56.0106 0680 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:25:56.0106 0680 circlass - ok
11:25:56.0137 0680 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:25:56.0153 0680 CLFS - ok
11:25:56.0215 0680 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:25:56.0215 0680 CmBatt - ok
11:25:56.0231 0680 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:25:56.0231 0680 cmdide - ok
11:25:56.0277 0680 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:25:56.0277 0680 CNG - ok
11:25:56.0293 0680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:25:56.0293 0680 Compbatt - ok
11:25:56.0293 0680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:25:56.0293 0680 CompositeBus - ok
11:25:56.0324 0680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:25:56.0324 0680 crcdisk - ok
11:25:56.0371 0680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:25:56.0371 0680 DfsC - ok
11:25:56.0402 0680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:25:56.0402 0680 discache - ok
11:25:56.0449 0680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:25:56.0449 0680 Disk - ok
11:25:56.0480 0680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:25:56.0480 0680 drmkaud - ok
11:25:56.0511 0680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:25:56.0511 0680 DXGKrnl - ok
11:25:56.0574 0680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:25:56.0605 0680 ebdrv - ok
11:25:56.0652 0680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:25:56.0652 0680 elxstor - ok
11:25:56.0667 0680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:25:56.0667 0680 ErrDev - ok
11:25:56.0683 0680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:25:56.0683 0680 exfat - ok
11:25:56.0714 0680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:25:56.0714 0680 fastfat - ok
11:25:56.0761 0680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:25:56.0761 0680 fdc - ok
11:25:56.0808 0680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:25:56.0808 0680 FileInfo - ok
11:25:56.0823 0680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:25:56.0823 0680 Filetrace - ok
11:25:56.0839 0680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:25:56.0839 0680 flpydisk - ok
11:25:56.0855 0680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:25:56.0855 0680 FltMgr - ok
11:25:56.0870 0680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:25:56.0870 0680 FsDepends - ok
11:25:56.0886 0680 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:25:56.0886 0680 Fs_Rec - ok
11:25:56.0901 0680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:25:56.0901 0680 fvevol - ok
11:25:56.0917 0680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:25:56.0917 0680 gagp30kx - ok
11:25:56.0948 0680 gdrv - ok
11:25:56.0979 0680 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:25:56.0979 0680 GEARAspiWDM - ok
11:25:57.0042 0680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:25:57.0042 0680 hcw85cir - ok
11:25:57.0073 0680 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:25:57.0073 0680 HdAudAddService - ok
11:25:57.0120 0680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:25:57.0120 0680 HDAudBus - ok
11:25:57.0120 0680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:25:57.0120 0680 HidBatt - ok
11:25:57.0135 0680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:25:57.0135 0680 HidBth - ok
11:25:57.0151 0680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:25:57.0151 0680 HidIr - ok
11:25:57.0198 0680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:25:57.0198 0680 HidUsb - ok
11:25:57.0213 0680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:25:57.0213 0680 HpSAMD - ok
11:25:57.0245 0680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:25:57.0245 0680 HTTP - ok
11:25:57.0260 0680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:25:57.0276 0680 hwpolicy - ok
11:25:57.0323 0680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:25:57.0323 0680 i8042prt - ok
11:25:57.0369 0680 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:25:57.0385 0680 iaStorV - ok
11:25:57.0401 0680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:25:57.0401 0680 iirsp - ok
11:25:57.0494 0680 IntcAzAudAddService (26407a11d7e222afb7ce32700abbd9d1) C:\Windows\system32\drivers\RTKVHD64.sys
11:25:57.0510 0680 IntcAzAudAddService - ok
11:25:57.0525 0680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:25:57.0525 0680 intelide - ok
11:25:57.0588 0680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:25:57.0588 0680 intelppm - ok
11:25:57.0603 0680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:25:57.0603 0680 IpFilterDriver - ok
11:25:57.0603 0680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:25:57.0603 0680 IPMIDRV - ok
11:25:57.0619 0680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:25:57.0619 0680 IPNAT - ok
11:25:57.0666 0680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:25:57.0666 0680 IRENUM - ok
11:25:57.0681 0680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:25:57.0681 0680 isapnp - ok
11:25:57.0697 0680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:25:57.0697 0680 iScsiPrt - ok
11:25:57.0728 0680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:25:57.0728 0680 kbdclass - ok
11:25:57.0744 0680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:25:57.0744 0680 kbdhid - ok
11:25:57.0775 0680 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:25:57.0775 0680 KSecDD - ok
11:25:57.0806 0680 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:25:57.0806 0680 KSecPkg - ok
11:25:57.0822 0680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:25:57.0822 0680 ksthunk - ok
11:25:57.0900 0680 LEqdUsb (becbd7cd46776b8739ee18061f45a581) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
11:25:57.0900 0680 LEqdUsb - ok
11:25:57.0931 0680 LHidEqd (21d6bd7d62c270059eb8e2b1d4095880) C:\Windows\system32\DRIVERS\LHidEqd.Sys
11:25:57.0931 0680 LHidEqd - ok
11:25:57.0978 0680 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:25:57.0978 0680 LHidFilt - ok
11:25:57.0993 0680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:25:57.0993 0680 lltdio - ok
11:25:58.0025 0680 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:25:58.0025 0680 LMouFilt - ok
11:25:58.0071 0680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:25:58.0071 0680 LSI_FC - ok
11:25:58.0087 0680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:25:58.0087 0680 LSI_SAS - ok
11:25:58.0118 0680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:25:58.0118 0680 LSI_SAS2 - ok
11:25:58.0134 0680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:25:58.0134 0680 LSI_SCSI - ok
11:25:58.0165 0680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:25:58.0165 0680 luafv - ok
11:25:58.0181 0680 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\Windows\system32\Drivers\LUsbFilt.Sys
11:25:58.0181 0680 LUsbFilt - ok
11:25:58.0243 0680 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys
11:25:58.0243 0680 lvpepf64 - ok
11:25:58.0259 0680 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys
11:25:58.0274 0680 LVRS64 - ok
11:25:58.0321 0680 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
11:25:58.0321 0680 LVUSBS64 - ok
11:25:58.0383 0680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:25:58.0383 0680 megasas - ok
11:25:58.0399 0680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:25:58.0399 0680 MegaSR - ok
11:25:58.0461 0680 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\1DCD.tmp
11:25:58.0461 0680 MEMSWEEP2 - ok
11:25:58.0477 0680 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
11:25:58.0493 0680 mfeapfk - ok
11:25:58.0524 0680 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
11:25:58.0524 0680 mfeavfk - ok
11:25:58.0571 0680 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
11:25:58.0571 0680 mfefirek - ok
11:25:58.0617 0680 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
11:25:58.0617 0680 mfehidk - ok
11:25:58.0633 0680 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
11:25:58.0633 0680 mfenlfk - ok
11:25:58.0649 0680 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
11:25:58.0649 0680 mferkdet - ok
11:25:58.0695 0680 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
11:25:58.0695 0680 mfewfpk - ok
11:25:58.0695 0680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:25:58.0695 0680 Modem - ok
11:25:58.0742 0680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:25:58.0742 0680 monitor - ok
11:25:58.0773 0680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:25:58.0773 0680 mouclass - ok
11:25:58.0820 0680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:25:58.0820 0680 mouhid - ok
11:25:58.0836 0680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:25:58.0836 0680 mountmgr - ok
11:25:58.0851 0680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:25:58.0867 0680 mpio - ok
11:25:58.0867 0680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:25:58.0867 0680 mpsdrv - ok
11:25:58.0898 0680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:25:58.0898 0680 MRxDAV - ok
11:25:58.0929 0680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:25:58.0929 0680 mrxsmb - ok
11:25:58.0976 0680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:25:58.0976 0680 mrxsmb10 - ok
11:25:58.0992 0680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:25:58.0992 0680 mrxsmb20 - ok
11:25:59.0007 0680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:25:59.0007 0680 msahci - ok
11:25:59.0023 0680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:25:59.0023 0680 msdsm - ok
11:25:59.0054 0680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:25:59.0054 0680 Msfs - ok
11:25:59.0085 0680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:25:59.0085 0680 mshidkmdf - ok
11:25:59.0101 0680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:25:59.0101 0680 msisadrv - ok
11:25:59.0148 0680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:25:59.0148 0680 MSKSSRV - ok
11:25:59.0179 0680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:25:59.0179 0680 MSPCLOCK - ok
11:25:59.0210 0680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:25:59.0210 0680 MSPQM - ok
11:25:59.0226 0680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:25:59.0226 0680 MsRPC - ok
11:25:59.0241 0680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:25:59.0241 0680 mssmbios - ok
11:25:59.0304 0680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:25:59.0304 0680 MSTEE - ok
11:25:59.0319 0680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:25:59.0319 0680 MTConfig - ok
11:25:59.0335 0680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:25:59.0335 0680 Mup - ok
11:25:59.0351 0680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:25:59.0351 0680 NativeWifiP - ok
11:25:59.0413 0680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:25:59.0413 0680 NDIS - ok
11:25:59.0444 0680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:25:59.0444 0680 NdisCap - ok
11:25:59.0475 0680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:25:59.0475 0680 NdisTapi - ok
11:25:59.0538 0680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:25:59.0538 0680 Ndisuio - ok
11:25:59.0553 0680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:25:59.0553 0680 NdisWan - ok
11:25:59.0569 0680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:25:59.0569 0680 NDProxy - ok
11:25:59.0569 0680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:25:59.0569 0680 NetBIOS - ok
11:25:59.0600 0680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:25:59.0600 0680 NetBT - ok
11:25:59.0694 0680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:25:59.0694 0680 nfrd960 - ok
11:25:59.0709 0680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:25:59.0709 0680 Npfs - ok
11:25:59.0725 0680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:25:59.0725 0680 nsiproxy - ok
11:25:59.0787 0680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:25:59.0803 0680 Ntfs - ok
11:25:59.0819 0680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:25:59.0819 0680 Null - ok
11:25:59.0865 0680 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:25:59.0881 0680 nusb3hub - ok
11:25:59.0928 0680 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:25:59.0928 0680 nusb3xhc - ok
11:26:00.0084 0680 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:26:00.0177 0680 nvlddmkm - ok
11:26:00.0209 0680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:26:00.0209 0680 nvraid - ok
11:26:00.0224 0680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:26:00.0224 0680 nvstor - ok
11:26:00.0240 0680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:26:00.0240 0680 nv_agp - ok
11:26:00.0255 0680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:26:00.0255 0680 ohci1394 - ok
11:26:00.0333 0680 P17 (edd1dcd36f6115acc6935c3f88ff54d7) C:\Windows\system32\drivers\P17.sys
11:26:00.0349 0680 P17 - ok
11:26:00.0365 0680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:26:00.0365 0680 Parport - ok
11:26:00.0380 0680 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:26:00.0380 0680 partmgr - ok
11:26:00.0396 0680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:26:00.0396 0680 pci - ok
11:26:00.0427 0680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:26:00.0427 0680 pciide - ok
11:26:00.0443 0680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:26:00.0443 0680 pcmcia - ok
11:26:00.0458 0680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:26:00.0458 0680 pcw - ok
11:26:00.0489 0680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:26:00.0505 0680 PEAUTH - ok
11:26:00.0583 0680 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS
11:26:00.0599 0680 PID_PEPI - ok
11:26:00.0661 0680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:26:00.0661 0680 PptpMiniport - ok
11:26:00.0677 0680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:26:00.0677 0680 Processor - ok
11:26:00.0739 0680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:26:00.0739 0680 Psched - ok
11:26:00.0770 0680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:26:00.0786 0680 ql2300 - ok
11:26:00.0801 0680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:26:00.0817 0680 ql40xx - ok
11:26:00.0833 0680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:26:00.0833 0680 QWAVEdrv - ok
11:26:00.0833 0680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:26:00.0848 0680 RasAcd - ok
11:26:00.0864 0680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:26:00.0864 0680 RasAgileVpn - ok
11:26:00.0879 0680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:26:00.0895 0680 Rasl2tp - ok
11:26:00.0911 0680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:26:00.0911 0680 RasPppoe - ok
11:26:00.0926 0680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:26:00.0926 0680 RasSstp - ok
11:26:00.0942 0680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:26:00.0942 0680 rdbss - ok
11:26:00.0973 0680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:26:00.0973 0680 rdpbus - ok
11:26:00.0973 0680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:26:00.0973 0680 RDPCDD - ok
11:26:00.0989 0680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:26:00.0989 0680 RDPENCDD - ok
11:26:01.0004 0680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:26:01.0004 0680 RDPREFMP - ok
11:26:01.0035 0680 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:26:01.0035 0680 RDPWD - ok
11:26:01.0051 0680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:26:01.0051 0680 rdyboost - ok
11:26:01.0129 0680 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
11:26:01.0129 0680 RsFx0103 - ok
11:26:01.0160 0680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:26:01.0160 0680 rspndr - ok
11:26:01.0207 0680 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:26:01.0223 0680 RTL8167 - ok
11:26:01.0254 0680 rtl8192se (8e843c0340c30994161c10fba87eea18) C:\Windows\system32\DRIVERS\rtl8192se.sys
11:26:01.0254 0680 rtl8192se - ok
11:26:01.0347 0680 SASDIFSV - ok
11:26:01.0347 0680 SASKUTIL - ok
11:26:01.0379 0680 SAVRKBootTasks - ok
11:26:01.0394 0680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:26:01.0394 0680 sbp2port - ok
11:26:01.0425 0680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:26:01.0425 0680 scfilter - ok
11:26:01.0441 0680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:26:01.0441 0680 secdrv - ok
11:26:01.0457 0680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:26:01.0457 0680 Serenum - ok
11:26:01.0488 0680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:26:01.0488 0680 Serial - ok
11:26:01.0503 0680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:26:01.0503 0680 sermouse - ok
11:26:01.0519 0680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:26:01.0519 0680 sffdisk - ok
11:26:01.0519 0680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:26:01.0519 0680 sffp_mmc - ok
11:26:01.0535 0680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:26:01.0535 0680 sffp_sd - ok
11:26:01.0535 0680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:26:01.0535 0680 sfloppy - ok
11:26:01.0566 0680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:26:01.0566 0680 SiSRaid2 - ok
11:26:01.0581 0680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:26:01.0581 0680 SiSRaid4 - ok
11:26:01.0628 0680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:26:01.0628 0680 Smb - ok
11:26:01.0675 0680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:26:01.0675 0680 spldr - ok
11:26:01.0753 0680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:26:01.0753 0680 srv - ok
11:26:01.0769 0680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:26:01.0784 0680 srv2 - ok
11:26:01.0815 0680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:26:01.0815 0680 srvnet - ok
11:26:01.0847 0680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:26:01.0847 0680 stexstor - ok
11:26:01.0893 0680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:26:01.0893 0680 swenum - ok
11:26:01.0940 0680 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:26:01.0956 0680 Tcpip - ok
11:26:01.0971 0680 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:26:01.0987 0680 TCPIP6 - ok
11:26:02.0018 0680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:26:02.0018 0680 tcpipreg - ok
11:26:02.0018 0680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:26:02.0018 0680 TDPIPE - ok
11:26:02.0049 0680 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:26:02.0049 0680 TDTCP - ok
11:26:02.0096 0680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:26:02.0096 0680 tdx - ok
11:26:02.0127 0680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:26:02.0127 0680 TermDD - ok
11:26:02.0237 0680 truecrypt (ea43de1743c1ba0d2d17b8db90c91d88) C:\Program Files\TrueCrypt\truecrypt-x64.sys
11:26:02.0252 0680 truecrypt - ok
11:26:02.0268 0680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:26:02.0268 0680 tssecsrv - ok
11:26:02.0315 0680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:26:02.0315 0680 TsUsbFlt - ok
11:26:02.0315 0680 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:26:02.0315 0680 TsUsbGD - ok
11:26:02.0330 0680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:26:02.0330 0680 tunnel - ok
11:26:02.0346 0680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:26:02.0346 0680 uagp35 - ok
11:26:02.0361 0680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:26:02.0361 0680 udfs - ok
11:26:02.0393 0680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:26:02.0393 0680 uliagpkx - ok
11:26:02.0439 0680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:26:02.0439 0680 umbus - ok
11:26:02.0439 0680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:26:02.0439 0680 UmPass - ok
11:26:02.0486 0680 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:26:02.0486 0680 USBAAPL64 - ok
11:26:02.0564 0680 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:26:02.0564 0680 usbaudio - ok
11:26:02.0580 0680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:26:02.0580 0680 usbccgp - ok
11:26:02.0642 0680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:26:02.0642 0680 usbcir - ok
11:26:02.0658 0680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:26:02.0658 0680 usbehci - ok
11:26:02.0673 0680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:26:02.0673 0680 usbhub - ok
11:26:02.0689 0680 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:26:02.0689 0680 usbohci - ok
11:26:02.0720 0680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:26:02.0720 0680 usbprint - ok
11:26:02.0767 0680 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:26:02.0767 0680 usbscan - ok
11:26:02.0798 0680 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:26:02.0798 0680 USBSTOR - ok
11:26:02.0814 0680 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
11:26:02.0814 0680 usbuhci - ok
11:26:02.0861 0680 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:26:02.0861 0680 usbvideo - ok
11:26:02.0876 0680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:26:02.0876 0680 vdrvroot - ok
11:26:02.0892 0680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:26:02.0892 0680 vga - ok
11:26:02.0907 0680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:26:02.0907 0680 VgaSave - ok
11:26:02.0907 0680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:26:02.0907 0680 vhdmp - ok
11:26:02.0939 0680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:26:02.0939 0680 viaide - ok
11:26:02.0970 0680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:26:02.0970 0680 volmgr - ok
11:26:02.0985 0680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:26:02.0985 0680 volmgrx - ok
11:26:03.0001 0680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:26:03.0001 0680 volsnap - ok
11:26:03.0032 0680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:26:03.0032 0680 vsmraid - ok
11:26:03.0157 0680 VSPerfDrv100 (1928b9ca20f51bfbbad54d2c2c447b13) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
11:26:03.0157 0680 VSPerfDrv100 - ok
11:26:03.0173 0680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:26:03.0173 0680 vwifibus - ok
11:26:03.0204 0680 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:26:03.0204 0680 vwififlt - ok
11:26:03.0235 0680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:26:03.0235 0680 WacomPen - ok
11:26:03.0266 0680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:26:03.0266 0680 WANARP - ok
11:26:03.0266 0680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:26:03.0266 0680 Wanarpv6 - ok
11:26:03.0313 0680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:26:03.0313 0680 Wd - ok
11:26:03.0329 0680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:26:03.0344 0680 Wdf01000 - ok
11:26:03.0375 0680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:26:03.0375 0680 WfpLwf - ok
11:26:03.0391 0680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:26:03.0391 0680 WIMMount - ok
11:26:03.0453 0680 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:26:03.0453 0680 WinUsb - ok
11:26:03.0500 0680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:26:03.0500 0680 WmiAcpi - ok
11:26:03.0547 0680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:26:03.0547 0680 ws2ifsl - ok
11:26:03.0563 0680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:26:03.0563 0680 WudfPf - ok
11:26:03.0578 0680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:26:03.0578 0680 WUDFRd - ok
11:26:03.0641 0680 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:26:03.0687 0680 \Device\Harddisk0\DR0 - ok
11:26:03.0687 0680 Boot (0x1200) (3f3028af18d3640b7cae23f23a9a843a) \Device\Harddisk0\DR0\Partition0
11:26:03.0687 0680 \Device\Harddisk0\DR0\Partition0 - ok
11:26:03.0703 0680 Boot (0x1200) (02df9602f6103caddeec6f019c4dd38e) \Device\Harddisk0\DR0\Partition1
11:26:03.0703 0680 \Device\Harddisk0\DR0\Partition1 - ok
11:26:03.0703 0680 ============================================================
11:26:03.0703 0680 Scan finished
11:26:03.0703 0680 ============================================================
11:26:03.0703 1724 Detected object count: 0
11:26:03.0703 1724 Actual detected object count: 0
11:37:18.0468 2008 Deinitialize success


I ran a quick scan using MalwareBytes Anti-Malware, and the results for this are quoted below.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.05.02

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
CJ :: CJ-PC [administrator]

05/03/2012 11:29:04
mbam-log-2012-03-05 (11-29-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193776
Time elapsed: 1 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I wasn't sure whether I should be running these programs normally or from within safe mode. As I've had problems before with scanning my computer in normal mode, I did all of the above tasks in safe mode. If you need me to redo them with the computer in normal mode then please let me know and I will try that. Thanks so much for your help so far, hopefully we can get somewhere.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:51 AM

Posted 05 March 2012 - 09:38 AM

No, you did OK.. One more scab please.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Chris Jeffery

Chris Jeffery
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 05 March 2012 - 11:07 AM

Have now run that scan and it found no threats, therefore didn't generate a log file.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:51 AM

Posted 05 March 2012 - 12:30 PM

I thinh we need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Chris Jeffery

Chris Jeffery
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bexhill - United Kingdom
  • Local time:02:51 PM

Posted 05 March 2012 - 01:56 PM

I thinh we need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well

Posted :) http://www.bleepingcomputer.com/forums/topic445174.html/page__view__findpost__p__2621502__fromsearch__1

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:51 AM

Posted 05 March 2012 - 08:32 PM

Thank you Chris,we'll get it sorted.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users