
HP Elitebook 8440p Restarts After 1 minute of operations


7 replies to this topic

#1 meatball656


Posted 11 March 2012 - 08:21 AM

I have a problem that is causing me to bleep.

I am operating the above-mentioned EliteBook from HP using Windows 7, and after 1 minute of operations it shuts down and restarts. No warning, no error, no blue screen.

This problem started two days ago. I was playing Baldur's Gate, everything became slow, so I stopped and restarted my computer. The problem started after that. I can start the computer in safe mode, and safe mode with networking. The computer actually works just fine in normal mode, but after running for around a minute it just shuts down.

So far I have run Malwarebytes malware removal, which found nothing. I also ran the Stinger from McAfee, which removed something, but I do not have the name of it. I also tested the battery to see if it was causing problems. One thing I have noticed is that when I turn my computer on, the battery icon in the corner always starts as empty, then it becomes fully charged after a few seconds.

The final thing I have tried is a system restore from one week ago, and another one at "last good setting" which did not help.

Thanks everyone!


 


#2 Broni


Posted 11 March 2012 - 12:18 PM

Welcome aboard

For now stay in Safe Mode with Networking and....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



 


#3 meatball656


Posted 11 March 2012 - 01:17 PM

Thanks for the reply; here are the first three logs:

Results of screen317's Security Check version 0.99.24
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
McAfee SecurityCenter
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 23
Java 2 Runtime Environment, SE v1.4.2_19
Out of date Java installed!
Adobe Flash Player 11.1.102.55
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````




Farbar Service Scanner Version: 01-03-2012
Ran by osgoodst (administrator) on 11-03-2012 at 13:10:29
Running from "C:\Users\osgoodst\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 18-01-2012
Ran by osgoodst (administrator) on 11-03-2012 at 13:11:53
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Intel® 82577LM Gigabit Network Connection = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : osgoodst-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Peer-Peer
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cable.rcn.com

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 58-94-6B-67-0D-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cable.rcn.com
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : 68-B5-99-F3-B6-8A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::194a:11b8:76fb:aa03%10(Preferred)
IPv4 Address. . . . . . . . . . . : 24.136.3.222(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Sunday, March 11, 2012 1:06:25 PM
Lease Expires . . . . . . . . . . : Sunday, March 18, 2012 1:06:25 PM
Default Gateway . . . . . . . . . : 24.136.0.1
DHCP Server . . . . . . . . . . . : 207.181.192.241
DHCPv6 IAID . . . . . . . . . . . : 191411609
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A6-70-76-68-B5-99-F3-B6-8A
DNS Servers . . . . . . . . . . . : 208.59.247.45
208.59.247.46
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{53E1CBF6-6FD8-4F3A-A53E-45E0F5F112A9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.cable.rcn.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: google.com
Addresses: 74.125.225.71
74.125.225.67
74.125.225.72
74.125.225.65
74.125.225.69
74.125.225.78
74.125.225.66
74.125.225.68
74.125.225.73
74.125.225.70
74.125.225.64


Pinging google.com [74.125.225.64] with 32 bytes of data:
Reply from 74.125.225.64: bytes=32 time=14ms TTL=58
Reply from 74.125.225.64: bytes=32 time=9ms TTL=58

Ping statistics for 74.125.225.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 14ms, Average = 11ms
Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=64ms TTL=52
Reply from 98.139.183.24: bytes=32 time=90ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 90ms, Average = 77ms
Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...58 94 6b 67 0d 30 ......Intel® Centrino® Advanced-N 6200 AGN
10...68 b5 99 f3 b6 8a ......Intel® 82577LM Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 24.136.0.1 24.136.3.222 20
24.136.0.0 255.255.252.0 On-link 24.136.3.222 276
24.136.3.222 255.255.255.255 On-link 24.136.3.222 276
24.136.3.255 255.255.255.255 On-link 24.136.3.222 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 24.136.3.222 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 24.136.3.222 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::194a:11b8:76fb:aa03/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 mswsock.dll [File Not found] ()
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/09/2012 07:47:57 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2784 (0xae0)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\Firefox Setup 6.0.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:46:04 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3228 (0xc9c)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\PGForever101\PGForever.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:43:54 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2816 (0xb00)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\nentendo\Nestopia139bin\nestopia.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:32:34 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3448 (0xd78)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\games\panzer\Uninstal.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:30:38 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3148 (0xc4c)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\games\gameboy\VisualBoyAdvance.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:19:43 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 1392 (0x570)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\EGR 7112 with Bill lorenz\EGR_7112_lecture_20\Firefox Setup 7.0.1.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 06:28:15 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3756 (0xeac)

Thread address : 0x77757094

Thread message :

Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 03:07:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (03/09/2012 02:50:02 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/09/2012 02:50:02 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (03/11/2012 01:10:30 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (03/11/2012 01:08:34 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (03/11/2012 01:08:34 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (03/11/2012 01:07:02 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/11/2012 01:07:01 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/11/2012 01:06:53 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/11/2012 01:06:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\System32\IWMSSvc.dll
Error Code: 21

Error: (03/11/2012 01:06:43 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/11/2012 01:06:30 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/11/2012 01:06:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
RsvLock
spldr
vpcvmm
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (03/09/2012 07:47:57 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002784 (0xae0)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\Firefox Setup 6.0.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:46:04 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003228 (0xc9c)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\PGForever101\PGForever.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:43:54 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002816 (0xb00)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\nentendo\Nestopia139bin\nestopia.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:32:34 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003448 (0xd78)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\games\panzer\Uninstal.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:30:38 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003148 (0xc4c)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\games\gameboy\VisualBoyAdvance.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 07:19:43 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900001392 (0x570)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Users\osgoodst\Desktop\EGR 7112 with Bill lorenz\EGR_7112_lecture_20\Firefox Setup 7.0.1.exe
by C:\windows\system32\SearchProtocolHost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 06:28:15 PM) (Source: McLogEvent)(User: SYSTEM)SYSTEM
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003756 (0xeac)0x77757094
Build VSCORE.14.2.0.835 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (03/09/2012 03:07:00 PM) (Source: SideBySide)(User: )
Description: c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exec:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe.Config0

Error: (03/09/2012 02:50:02 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (03/09/2012 02:50:02 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4400


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.8)
470_Help (Version: 1.00.0000)
470_Readme (Version: 1.00.0000)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 9.4.0 (Version: 9.4.0)
Amazon Kindle
Ancient Mediterranean 1.2h
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 5 (Version: 5.0.1.25)
Baldur's Gate
BDE eXpress Windows 7
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
BPDSoftware (Version: 130.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Bullzip PDF Printer 7.2.0.1319 (Version: 7.2.0.1319)
Civilization III Conquests
Civilization III v1.29f
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery (Version: 130.0.465.000)
Drive Encryption for HP ProtectTools (Version: 5.0.2.10)
File Uploader (Version: 1.2.5)
GaBi 4 Education (Version: 4.4.82.1)
GaBiEducationSetup (Version: 1.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2614.234)
Google Update Helper (Version: 1.3.21.99)
GPBaseService2 (Version: 130.0.371.000)
H470 (Version: 130.0.000.000)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.8.1)
HP Business Card Reader (Version: 0.6.3.0)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Documentation (Version: 1.1.0.0)
HP ESU for Microsoft Windows 7 (Version: 1.0.5.1)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP OfficeJet H470 (Version: 13.0)
HP Power Assistant (Version: 2.0.4.0)
HP Power Data (Version: 1.0.5.74)
HP ProtectTools Security Manager (Version: 5.04.669)
HP Quick Launch Buttons (Version: 6.50.12.1)
HP QuickLook (Version: 3.3.1.4)
HP QuickWeb (Version: 1.0.1.74)
HP Setup (Version: 1.2.3557.3169)
HP SkyRoom (Version: 1.1.4.4794.)
HP Smart Web Printing 4.51 (Version: 4.51)
HP SoftPaq Download Manager (Version: 3.0.5.0)
HP Software Framework (Version: 4.0.39.1)
HP Software Setup (Version: 7.0.1.5)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.003.001.001)
HP Wallpaper (Version: 1.0.1.3)
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0.26.3)
HP Webcam Driver (Version: 5.8.50009.6)
HP Wireless Assistant (Version: 4.0.2.4)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6257.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Network Connections Drivers (Version: 16.3)
Intel® Processor Graphics (Version: 8.15.10.2509)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Matrix Storage Manager
Intermedia Single Sign-On (Version: 2011.0.0.385)
iTunes (Version: 10.5.2.11)
Java 2 Runtime Environment, SE v1.4.2_19 (Version: 1.4.2_19)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 130.0.374.000)
McAfee SecurityCenter (Version: 10.5.247)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft IntelliPoint 8.0 (Version: 8.01.249.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 - English (Version: 14.0.5130.5001)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
MPM (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network (Version: 130.0.579.000)
Nikon Message Center (Version: 0.92.000)
Nikon Transfer (Version: 1.5.3)
Opera 11.61 (Version: 11.61.1250)
Oracle JInitiator 1.3.1.21
Picture Control Utility (Version: 1.1.9)
Pirates Gold
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1)
ProductContext (Version: 130.0.000.000)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.71.80.42)
Remote Graphics Receiver (Version: 5.3.2)
Remote Graphics Sender (Version: 5.3.2)
RICOH Media Driver (Version: 2.13.00.05)
SDK (Version: 2.26.012)
Shop for HP Supplies (Version: 13.0)
SimaPro 7.2.4 pre-install full
SimaPro 7.3.0 Single user (Version: 7.3.0.21)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
Theft Recovery (Version: 5.1.0.18)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Validity Fingerprint Driver (Version: 4.0.8.0)
ViewNX (Version: 1.5.2)
WebReg (Version: 130.0.132.017)
Windows 7 Default Setting (Version: 1.0.1.4)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR archiver

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 1903.38 MB
Available physical RAM: 1062.43 MB
Total Pagefile: 3806.76 MB
Available Pagefile: 2918.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.12 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.79 GB) (Free:127.28 GB) NTFS
2 Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.47 GB) FAT32
3 Drive g: (SNAKESPLANEWS) (CDROM) (Total:7.82 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\OSGOODST-HP

Administrator Guest osgoodst


**** End of log ****

#4 meatball656


Posted 11 March 2012 - 02:28 PM

here are the other two logs:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.08

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
osgoodst :: OSGOODST-HP [administrator]

3/11/2012 1:20:16 PM
mbam-log-2012-03-11 (13-20-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199995
Time elapsed: 7 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 13:54:09
-----------------------------
13:54:09.970 OS Version: Windows 6.1.7601 Service Pack 1
13:54:09.970 Number of processors: 4 586 0x2505
13:54:09.970 ComputerName: OSGOODST-HP UserName: osgoodst
13:54:10.984 Initialize success
13:54:16.319 AVAST engine defs: 12031101
13:54:18.612 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:54:18.612 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
13:54:18.612 Disk 0 MBR read successfully
13:54:18.612 Disk 0 MBR scan
13:54:18.612 Disk 0 MBR:Alureon-M [Rtk]
13:54:18.612 Disk 0 TDL4@MBR code has been found
13:54:18.628 Disk 0 Windows 7 default MBR code found via API
13:54:18.628 Disk 0 MBR hidden
13:54:18.628 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
13:54:18.643 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287533 MB offset 616448
13:54:18.675 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589484032
13:54:18.721 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 620941312
13:54:18.721 Disk 0 MBR [TDL4] **ROOTKIT**
13:54:18.737 Disk 0 trace - called modules:
13:54:18.768 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys >>UNKNOWN [0x86e5e49f]<<
13:54:18.768 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a3aac8]
13:54:18.784 3 CLASSPNP.SYS[88c7359e] -> nt!IofCallDriver -> [0x86a38020]
13:54:18.784 5 hpdskflt.sys[89bf2f8a] -> nt!IofCallDriver -> [0x85f26700]
13:54:18.784 7 ACPI.sys[88aa83d4] -> nt!IofCallDriver -> \IAAStorageDevice-1[0x85f37028]
13:54:18.831 \Driver\iaStor[0x85153030] -> IRP_MJ_CREATE -> 0x86e5e49f
13:54:19.751 AVAST engine scan C:\windows
13:54:21.763 AVAST engine scan C:\windows\system32
13:56:48.435 AVAST engine scan C:\windows\system32\drivers
13:57:06.578 AVAST engine scan C:\Users\osgoodst
14:16:08.582 File: C:\Users\osgoodst\AppData\Roaming\mshfast.exe **INFECTED** Win32:Crypt-LUQ [Trj]
14:23:39.719 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:23:39.735 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"
14:26:38.203 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:26:38.235 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"

#5 meatball656


Posted 11 March 2012 - 02:49 PM

sorry the last log was incomplete; here is the whole thing:

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 13:54:09
-----------------------------
13:54:09.970 OS Version: Windows 6.1.7601 Service Pack 1
13:54:09.970 Number of processors: 4 586 0x2505
13:54:09.970 ComputerName: OSGOODST-HP UserName: osgoodst
13:54:10.984 Initialize success
13:54:16.319 AVAST engine defs: 12031101
13:54:18.612 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:54:18.612 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
13:54:18.612 Disk 0 MBR read successfully
13:54:18.612 Disk 0 MBR scan
13:54:18.612 Disk 0 MBR:Alureon-M [Rtk]
13:54:18.612 Disk 0 TDL4@MBR code has been found
13:54:18.628 Disk 0 Windows 7 default MBR code found via API
13:54:18.628 Disk 0 MBR hidden
13:54:18.628 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
13:54:18.643 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287533 MB offset 616448
13:54:18.675 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589484032
13:54:18.721 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 620941312
13:54:18.721 Disk 0 MBR [TDL4] **ROOTKIT**
13:54:18.737 Disk 0 trace - called modules:
13:54:18.768 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys >>UNKNOWN [0x86e5e49f]<<
13:54:18.768 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a3aac8]
13:54:18.784 3 CLASSPNP.SYS[88c7359e] -> nt!IofCallDriver -> [0x86a38020]
13:54:18.784 5 hpdskflt.sys[89bf2f8a] -> nt!IofCallDriver -> [0x85f26700]
13:54:18.784 7 ACPI.sys[88aa83d4] -> nt!IofCallDriver -> \IAAStorageDevice-1[0x85f37028]
13:54:18.831 \Driver\iaStor[0x85153030] -> IRP_MJ_CREATE -> 0x86e5e49f
13:54:19.751 AVAST engine scan C:\windows
13:54:21.763 AVAST engine scan C:\windows\system32
13:56:48.435 AVAST engine scan C:\windows\system32\drivers
13:57:06.578 AVAST engine scan C:\Users\osgoodst
14:16:08.582 File: C:\Users\osgoodst\AppData\Roaming\mshfast.exe **INFECTED** Win32:Crypt-LUQ [Trj]
14:23:39.719 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:23:39.735 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"
14:26:38.203 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:26:38.235 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"
14:30:06.427 AVAST engine scan C:\ProgramData
14:45:35.631 Scan finished successfully
14:45:45.296 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:45:45.359 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"
14:48:10.861 Disk 0 MBR has been saved successfully to "C:\Users\osgoodst\Desktop\MBR.dat"
14:48:10.954 The log file has been saved successfully to "C:\Users\osgoodst\Desktop\aswMBR.txt"

#6 Broni


Posted 11 March 2012 - 03:07 PM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#7 meatball656


Posted 12 March 2012 - 07:21 AM

Cool, it looks like it's working; here is the file:

17:12:58.0797 3792 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
17:12:59.0311 3792 ============================================================
17:12:59.0311 3792 Current date / time: 2012/03/11 17:12:59.0311
17:12:59.0311 3792 SystemInfo:
17:12:59.0311 3792
17:12:59.0311 3792 OS Version: 6.1.7601 ServicePack: 1.0
17:12:59.0311 3792 Product type: Workstation
17:12:59.0311 3792 ComputerName: OSGOODST-HP
17:12:59.0311 3792 UserName: osgoodst
17:12:59.0311 3792 Windows directory: C:\windows
17:12:59.0311 3792 System windows directory: C:\windows
17:12:59.0311 3792 Processor architecture: Intel x86
17:12:59.0311 3792 Number of processors: 4
17:12:59.0311 3792 Page size: 0x1000
17:12:59.0311 3792 Boot type: Safe boot with network
17:12:59.0311 3792 ============================================================
17:12:59.0998 3792 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:12:59.0998 3792 \Device\Harddisk0\DR0:
17:12:59.0998 3792 MBR used
17:12:59.0998 3792 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
17:12:59.0998 3792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23196800
17:12:59.0998 3792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2322D000, BlocksNum 0x1E00000
17:12:59.0998 3792 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x2502D000, BlocksNum 0x3FD800
17:13:00.0154 3792 Initialize success
17:13:00.0154 3792 ============================================================
17:13:06.0436 3612 ============================================================
17:13:06.0436 3612 Scan started
17:13:06.0436 3612 Mode: Manual;
17:13:06.0436 3612 ============================================================
17:13:12.0132 3612 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
17:13:12.0148 3612 fastfat - ok
17:13:12.0195 3612 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
17:13:12.0195 3612 fdc - ok
17:13:12.0210 3612 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
17:13:12.0210 3612 FileInfo - ok
17:13:12.0257 3612 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
17:13:12.0257 3612 Filetrace - ok
17:13:12.0273 3612 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
17:13:12.0273 3612 flpydisk - ok
17:13:12.0320 3612 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
17:13:12.0320 3612 FltMgr - ok
17:13:12.0351 3612 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
17:13:12.0351 3612 FsDepends - ok
17:13:12.0366 3612 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
17:13:12.0366 3612 Fs_Rec - ok
17:13:12.0444 3612 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
17:13:12.0444 3612 fvevol - ok
17:13:12.0491 3612 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
17:13:12.0491 3612 gagp30kx - ok
17:13:12.0538 3612 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:13:12.0538 3612 GEARAspiWDM - ok
17:13:12.0569 3612 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
17:13:12.0569 3612 hcw85cir - ok
17:13:12.0616 3612 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
17:13:12.0632 3612 HdAudAddService - ok
17:13:12.0663 3612 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
17:13:12.0663 3612 HDAudBus - ok
17:13:12.0678 3612 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\windows\system32\DRIVERS\HECI.sys
17:13:12.0694 3612 HECI - ok
17:13:12.0694 3612 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
17:13:12.0710 3612 HidBatt - ok
17:13:12.0741 3612 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
17:13:12.0741 3612 HidBth - ok
17:13:12.0756 3612 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
17:13:12.0756 3612 HidIr - ok
17:13:12.0803 3612 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
17:13:12.0803 3612 HidUsb - ok
17:13:12.0944 3612 hpdskflt (548e6d7d723829998408a9a18a11aa8b) C:\windows\system32\DRIVERS\hpdskflt.sys
17:13:12.0944 3612 hpdskflt - ok
17:13:12.0990 3612 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
17:13:12.0990 3612 HpqKbFiltr - ok
17:13:13.0053 3612 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
17:13:13.0053 3612 HpSAMD - ok
17:13:13.0162 3612 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
17:13:13.0162 3612 HTTP - ok
17:13:13.0209 3612 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
17:13:13.0209 3612 hwpolicy - ok
17:13:13.0224 3612 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
17:13:13.0224 3612 i8042prt - ok
17:13:13.0271 3612 iaStor (592a0b130ff567a1725f96ad1510d551) C:\windows\system32\DRIVERS\iaStor.sys
17:13:13.0271 3612 iaStor - ok
17:13:13.0302 3612 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
17:13:13.0302 3612 iaStorV - ok
17:13:13.0552 3612 igfx (24ccec128bebb148e50c6093523ad686) C:\windows\system32\DRIVERS\igdkmd32.sys
17:13:13.0708 3612 igfx - ok
17:13:13.0755 3612 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
17:13:13.0755 3612 iirsp - ok
17:13:13.0833 3612 Impcd (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\windows\system32\DRIVERS\Impcd.sys
17:13:13.0833 3612 Impcd - ok
17:13:13.0926 3612 IntcDAud (5576ad2f0039d2bccca3567fc0bf981c) C:\windows\system32\DRIVERS\IntcDAud.sys
17:13:13.0926 3612 IntcDAud - ok
17:13:13.0958 3612 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
17:13:13.0958 3612 intelide - ok
17:13:13.0973 3612 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
17:13:13.0989 3612 intelppm - ok
17:13:14.0036 3612 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
17:13:14.0036 3612 IpFilterDriver - ok
17:13:14.0067 3612 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
17:13:14.0067 3612 IPMIDRV - ok
17:13:14.0114 3612 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
17:13:14.0114 3612 IPNAT - ok
17:13:14.0129 3612 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
17:13:14.0145 3612 IRENUM - ok
17:13:14.0207 3612 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
17:13:14.0207 3612 isapnp - ok
17:13:14.0257 3612 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
17:13:14.0257 3612 iScsiPrt - ok
17:13:14.0272 3612 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
17:13:14.0272 3612 kbdclass - ok
17:13:14.0319 3612 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
17:13:14.0319 3612 kbdhid - ok
17:13:14.0397 3612 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys
17:13:14.0397 3612 KSecDD - ok
17:13:14.0413 3612 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys
17:13:14.0413 3612 KSecPkg - ok
17:13:14.0459 3612 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
17:13:14.0459 3612 lltdio - ok
17:13:14.0522 3612 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
17:13:14.0522 3612 LSI_FC - ok
17:13:14.0587 3612 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
17:13:14.0587 3612 LSI_SAS - ok
17:13:14.0649 3612 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
17:13:14.0649 3612 LSI_SAS2 - ok
17:13:14.0665 3612 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
17:13:14.0665 3612 LSI_SCSI - ok
17:13:14.0680 3612 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
17:13:14.0680 3612 luafv - ok
17:13:14.0743 3612 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\windows\system32\drivers\mbam.sys
17:13:14.0743 3612 MBAMProtector - ok
17:13:14.0836 3612 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
17:13:14.0836 3612 megasas - ok
17:13:14.0852 3612 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
17:13:14.0852 3612 MegaSR - ok
17:13:14.0899 3612 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\windows\system32\drivers\mfeapfk.sys
17:13:14.0899 3612 mfeapfk - ok
17:13:14.0961 3612 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\windows\system32\drivers\mfeavfk.sys
17:13:14.0961 3612 mfeavfk - ok
17:13:15.0023 3612 mfebopk (a528b15e330edb83ea649be318d841d5) C:\windows\system32\drivers\mfebopk.sys
17:13:15.0039 3612 mfebopk - ok
17:13:15.0055 3612 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\windows\system32\drivers\mfefirek.sys
17:13:15.0055 3612 mfefirek - ok
17:13:15.0133 3612 mfehidk (37800fbb68d88e3c3e49bb9c97233e87) C:\windows\system32\drivers\mfehidk.sys
17:13:15.0133 3612 mfehidk - ok
17:13:15.0195 3612 mfenlfk (3a1aa28066785449da570462e0532d0c) C:\windows\system32\DRIVERS\mfenlfk.sys
17:13:15.0195 3612 mfenlfk - ok
17:13:15.0257 3612 mferkdet (47c91e229b129047f0138011ddf9f92f) C:\windows\system32\drivers\mferkdet.sys
17:13:15.0257 3612 mferkdet - ok
17:13:15.0335 3612 mfewfpk (b2baac6bbedda3e26e82db13fa0e5bee) C:\windows\system32\drivers\mfewfpk.sys
17:13:15.0335 3612 mfewfpk - ok
17:13:15.0413 3612 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
17:13:15.0413 3612 Modem - ok
17:13:15.0476 3612 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
17:13:15.0476 3612 monitor - ok
17:13:15.0523 3612 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
17:13:15.0523 3612 mouclass - ok
17:13:15.0585 3612 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
17:13:15.0585 3612 mouhid - ok
17:13:15.0603 3612 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
17:13:15.0603 3612 mountmgr - ok
17:13:15.0681 3612 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
17:13:15.0681 3612 mpio - ok
17:13:15.0697 3612 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
17:13:15.0712 3612 mpsdrv - ok
17:13:15.0759 3612 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
17:13:15.0775 3612 MRxDAV - ok
17:13:15.0822 3612 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
17:13:15.0837 3612 mrxsmb - ok
17:13:15.0884 3612 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:13:15.0884 3612 mrxsmb10 - ok
17:13:15.0931 3612 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:13:15.0931 3612 mrxsmb20 - ok
17:13:15.0978 3612 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
17:13:15.0978 3612 msahci - ok
17:13:16.0056 3612 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
17:13:16.0056 3612 msdsm - ok
17:13:16.0071 3612 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
17:13:16.0071 3612 Msfs - ok
17:13:16.0087 3612 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
17:13:16.0087 3612 mshidkmdf - ok
17:13:16.0118 3612 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
17:13:16.0118 3612 msisadrv - ok
17:13:16.0149 3612 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
17:13:16.0149 3612 MSKSSRV - ok
17:13:16.0196 3612 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
17:13:16.0196 3612 MSPCLOCK - ok
17:13:16.0212 3612 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
17:13:16.0212 3612 MSPQM - ok
17:13:16.0258 3612 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
17:13:16.0274 3612 MsRPC - ok
17:13:16.0290 3612 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
17:13:16.0290 3612 mssmbios - ok
17:13:16.0321 3612 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
17:13:16.0336 3612 MSTEE - ok
17:13:16.0352 3612 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
17:13:16.0352 3612 MTConfig - ok
17:13:16.0399 3612 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
17:13:16.0399 3612 Mup - ok
17:13:16.0414 3612 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
17:13:16.0430 3612 NativeWifiP - ok
17:13:16.0492 3612 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
17:13:16.0508 3612 NDIS - ok
17:13:16.0555 3612 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
17:13:16.0555 3612 NdisCap - ok
17:13:16.0586 3612 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
17:13:16.0586 3612 NdisTapi - ok
17:13:16.0617 3612 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
17:13:16.0633 3612 Ndisuio - ok
17:13:16.0635 3612 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
17:13:16.0651 3612 NdisWan - ok
17:13:16.0713 3612 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
17:13:16.0729 3612 NDProxy - ok
17:13:16.0807 3612 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
17:13:16.0807 3612 NetBIOS - ok
17:13:16.0869 3612 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
17:13:16.0869 3612 NetBT - ok
17:13:17.0072 3612 NETw5s32 (3577b851e59da59e6d65419a057c9914) C:\windows\system32\DRIVERS\NETw5s32.sys
17:13:17.0166 3612 NETw5s32 - ok
17:13:17.0337 3612 NETwNs32 (5c979c481981e04919ecbb3b88d54b34) C:\windows\system32\DRIVERS\NETwNs32.sys
17:13:17.0446 3612 NETwNs32 - ok
17:13:17.0478 3612 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
17:13:17.0478 3612 nfrd960 - ok
17:13:17.0493 3612 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
17:13:17.0493 3612 Npfs - ok
17:13:17.0540 3612 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
17:13:17.0540 3612 nsiproxy - ok
17:13:17.0634 3612 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
17:13:17.0649 3612 Ntfs - ok
17:13:17.0696 3612 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
17:13:17.0696 3612 Null - ok
17:13:17.0743 3612 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
17:13:17.0758 3612 nvraid - ok
17:13:17.0790 3612 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
17:13:17.0790 3612 nvstor - ok
17:13:17.0836 3612 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
17:13:17.0836 3612 nv_agp - ok
17:13:17.0868 3612 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
17:13:17.0868 3612 ohci1394 - ok
17:13:17.0914 3612 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
17:13:17.0914 3612 Parport - ok
17:13:17.0977 3612 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
17:13:17.0977 3612 partmgr - ok
17:13:18.0008 3612 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
17:13:18.0008 3612 Parvdm - ok
17:13:18.0055 3612 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
17:13:18.0055 3612 pci - ok
17:13:18.0070 3612 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
17:13:18.0070 3612 pciide - ok
17:13:18.0117 3612 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
17:13:18.0117 3612 pcmcia - ok
17:13:18.0148 3612 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
17:13:18.0148 3612 pcw - ok
17:13:18.0211 3612 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
17:13:18.0226 3612 PEAUTH - ok
17:13:18.0336 3612 Point32 (420336f91eb745811cf130c80ede0653) C:\windows\system32\DRIVERS\point32.sys
17:13:18.0336 3612 Point32 - ok
17:13:18.0351 3612 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
17:13:18.0367 3612 PptpMiniport - ok
17:13:18.0414 3612 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
17:13:18.0414 3612 Processor - ok
17:13:18.0460 3612 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
17:13:18.0460 3612 Psched - ok
17:13:18.0507 3612 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
17:13:18.0538 3612 ql2300 - ok
17:13:18.0554 3612 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
17:13:18.0554 3612 ql40xx - ok
17:13:18.0570 3612 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
17:13:18.0570 3612 QWAVEdrv - ok
17:13:18.0616 3612 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
17:13:18.0616 3612 RasAcd - ok
17:13:18.0679 3612 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
17:13:18.0679 3612 RasAgileVpn - ok
17:13:18.0679 3612 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
17:13:18.0679 3612 Rasl2tp - ok
17:13:18.0710 3612 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
17:13:18.0710 3612 RasPppoe - ok
17:13:18.0757 3612 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
17:13:18.0757 3612 RasSstp - ok
17:13:18.0819 3612 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
17:13:18.0819 3612 rdbss - ok
17:13:18.0866 3612 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
17:13:18.0866 3612 rdpbus - ok
17:13:18.0928 3612 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
17:13:18.0928 3612 RDPCDD - ok
17:13:19.0038 3612 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\windows\system32\drivers\rdpdr.sys
17:13:19.0038 3612 RDPDR - ok
17:13:19.0069 3612 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
17:13:19.0069 3612 RDPENCDD - ok
17:13:19.0069 3612 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
17:13:19.0084 3612 RDPREFMP - ok
17:13:19.0162 3612 RDPWD (288b06960d78428ff89e811632684e20) C:\windows\system32\drivers\RDPWD.sys
17:13:19.0194 3612 RDPWD - ok
17:13:19.0225 3612 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
17:13:19.0225 3612 rdyboost - ok
17:13:19.0272 3612 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\windows\system32\DRIVERS\rimmptsk.sys
17:13:19.0272 3612 rimmptsk - ok
17:13:19.0287 3612 rimspci (e891f07815af88075705ef6a248711f6) C:\windows\system32\DRIVERS\rimspe86.sys
17:13:19.0287 3612 rimspci - ok
17:13:19.0303 3612 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\windows\system32\DRIVERS\rimsptsk.sys
17:13:19.0303 3612 rimsptsk - ok
17:13:19.0365 3612 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\windows\system32\Drivers\RimUsb.sys
17:13:19.0381 3612 RimUsb - ok
17:13:19.0428 3612 risdpcie (d853d35f792a3a44726a794bf9a0bbc3) C:\windows\system32\DRIVERS\risdpe86.sys
17:13:19.0428 3612 risdpcie - ok
17:13:19.0474 3612 rismc32 (470fc46e2989f6606043c1c5365b15fd) C:\windows\system32\DRIVERS\rismc32.sys
17:13:19.0474 3612 rismc32 - ok
17:13:19.0490 3612 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\windows\system32\DRIVERS\rixdptsk.sys
17:13:19.0490 3612 rismxdp - ok
17:13:19.0537 3612 rixdpcie (6a60626412129c713cc30c81870a8095) C:\windows\system32\DRIVERS\rixdpe86.sys
17:13:19.0537 3612 rixdpcie - ok
17:13:19.0552 3612 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
17:13:19.0568 3612 rspndr - ok
17:13:19.0615 3612 RsvLock (c44ca55601f0a19a505f10bfefb66cf5) C:\windows\system32\drivers\RsvLock.sys
17:13:19.0615 3612 RsvLock - ok
17:13:19.0677 3612 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\windows\system32\drivers\vms3cap.sys
17:13:19.0677 3612 s3cap - ok
17:13:19.0708 3612 SafeBoot (906c08952889cffe83df15d53da1137c) C:\windows\system32\drivers\SafeBoot.sys
17:13:19.0708 3612 SafeBoot - ok
17:13:19.0755 3612 SbAlg (1ddc99d066d4b704a63287975dec9dd4) C:\windows\system32\drivers\SbAlg.sys
17:13:19.0755 3612 SbAlg - ok
17:13:19.0771 3612 SbFsLock (120eda2066893d0246357d3551f2c6c1) C:\windows\system32\drivers\SbFsLock.sys
17:13:19.0771 3612 SbFsLock - ok
17:13:19.0818 3612 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
17:13:19.0818 3612 sbp2port - ok
17:13:19.0864 3612 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
17:13:19.0864 3612 scfilter - ok
17:13:19.0896 3612 sdbus (0328be1c7f1cba23848179f8762e391c) C:\windows\system32\drivers\sdbus.sys
17:13:19.0911 3612 sdbus - ok
17:13:19.0942 3612 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
17:13:19.0942 3612 secdrv - ok
17:13:19.0989 3612 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
17:13:19.0989 3612 Serenum - ok
17:13:20.0052 3612 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
17:13:20.0067 3612 Serial - ok
17:13:20.0114 3612 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
17:13:20.0114 3612 sermouse - ok
17:13:20.0145 3612 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
17:13:20.0145 3612 sffdisk - ok
17:13:20.0161 3612 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
17:13:20.0161 3612 sffp_mmc - ok
17:13:20.0208 3612 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
17:13:20.0208 3612 sffp_sd - ok
17:13:20.0223 3612 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
17:13:20.0223 3612 sfloppy - ok
17:13:20.0286 3612 Sftfs (d9b734638dd8dba9d59aad3189cd0fad) C:\windows\system32\DRIVERS\Sftfslh.sys
17:13:20.0301 3612 Sftfs - ok
17:13:20.0410 3612 Sftplay (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\windows\system32\DRIVERS\Sftplaylh.sys
17:13:20.0410 3612 Sftplay - ok
17:13:20.0457 3612 Sftredir (518bac0179f94304f422696b47c0ec12) C:\windows\system32\DRIVERS\Sftredirlh.sys
17:13:20.0457 3612 Sftredir - ok
17:13:20.0473 3612 Sftvol (747325236d88b3f05ffd27ff9ec711c5) C:\windows\system32\DRIVERS\Sftvollh.sys
17:13:20.0473 3612 Sftvol - ok
17:13:20.0566 3612 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
17:13:20.0566 3612 sisagp - ok
17:13:20.0613 3612 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
17:13:20.0613 3612 SiSRaid2 - ok
17:13:20.0629 3612 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
17:13:20.0629 3612 SiSRaid4 - ok
17:13:20.0681 3612 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
17:13:20.0681 3612 Smb - ok
17:13:20.0759 3612 SNP2UVC (67e598beee2f301c5df348578cda08ae) C:\windows\system32\DRIVERS\snp2uvc.sys
17:13:20.0774 3612 SNP2UVC - ok
17:13:20.0821 3612 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
17:13:20.0821 3612 spldr - ok
17:13:20.0868 3612 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
17:13:20.0868 3612 srv - ok
17:13:20.0883 3612 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
17:13:20.0899 3612 srv2 - ok
17:13:20.0915 3612 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
17:13:20.0915 3612 srvnet - ok
17:13:20.0961 3612 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
17:13:20.0961 3612 stexstor - ok
17:13:20.0993 3612 STHDA (b205de6202b6a019403cf6395d047ca8) C:\windows\system32\DRIVERS\stwrt.sys
17:13:21.0008 3612 STHDA - ok
17:13:21.0055 3612 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\windows\system32\drivers\vmstorfl.sys
17:13:21.0055 3612 storflt - ok
17:13:21.0117 3612 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\windows\system32\drivers\storvsc.sys
17:13:21.0117 3612 storvsc - ok
17:13:21.0195 3612 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
17:13:21.0195 3612 swenum - ok
17:13:21.0211 3612 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
17:13:21.0211 3612 SynTP - ok
17:13:21.0336 3612 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
17:13:21.0351 3612 Tcpip - ok
17:13:21.0398 3612 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
17:13:21.0398 3612 TCPIP6 - ok
17:13:21.0445 3612 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
17:13:21.0445 3612 tcpipreg - ok
17:13:21.0507 3612 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
17:13:21.0507 3612 TDPIPE - ok
17:13:21.0539 3612 TDTCP (2c10395baa4847f83042813c515cc289) C:\windows\system32\drivers\tdtcp.sys
17:13:21.0539 3612 TDTCP - ok
17:13:21.0601 3612 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
17:13:21.0601 3612 tdx - ok
17:13:21.0648 3612 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
17:13:21.0648 3612 TermDD - ok
17:13:21.0682 3612 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys
17:13:21.0682 3612 TPM - ok
17:13:21.0728 3612 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
17:13:21.0728 3612 tssecsrv - ok
17:13:21.0791 3612 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
17:13:21.0791 3612 TsUsbFlt - ok
17:13:21.0869 3612 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
17:13:21.0869 3612 tunnel - ok
17:13:21.0916 3612 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
17:13:21.0916 3612 uagp35 - ok
17:13:21.0978 3612 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
17:13:21.0978 3612 udfs - ok
17:13:22.0009 3612 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
17:13:22.0009 3612 uliagpkx - ok
17:13:22.0056 3612 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
17:13:22.0056 3612 umbus - ok
17:13:22.0072 3612 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
17:13:22.0087 3612 UmPass - ok
17:13:22.0134 3612 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
17:13:22.0134 3612 usbccgp - ok
17:13:22.0165 3612 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
17:13:22.0165 3612 usbcir - ok
17:13:22.0212 3612 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\drivers\usbehci.sys
17:13:22.0212 3612 usbehci - ok
17:13:22.0259 3612 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
17:13:22.0274 3612 usbhub - ok
17:13:22.0290 3612 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
17:13:22.0290 3612 usbohci - ok
17:13:22.0337 3612 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
17:13:22.0337 3612 usbprint - ok
17:13:22.0352 3612 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
17:13:22.0352 3612 USBSTOR - ok
17:13:22.0399 3612 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
17:13:22.0399 3612 usbuhci - ok
17:13:22.0430 3612 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\system32\Drivers\usbvideo.sys
17:13:22.0446 3612 usbvideo - ok
17:13:22.0493 3612 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
17:13:22.0493 3612 vdrvroot - ok
17:13:22.0571 3612 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
17:13:22.0571 3612 vga - ok
17:13:22.0602 3612 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
17:13:22.0618 3612 VgaSave - ok
17:13:22.0633 3612 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
17:13:22.0633 3612 vhdmp - ok
17:13:22.0680 3612 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
17:13:22.0680 3612 viaagp - ok
17:13:22.0714 3612 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
17:13:22.0714 3612 ViaC7 - ok
17:13:22.0760 3612 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
17:13:22.0760 3612 viaide - ok
17:13:22.0823 3612 vmbus (c2f2911156fdc7817c52829c86da494e) C:\windows\system32\drivers\vmbus.sys
17:13:22.0823 3612 vmbus - ok
17:13:22.0885 3612 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\windows\system32\drivers\VMBusHID.sys
17:13:22.0885 3612 VMBusHID - ok
17:13:24.0011 3612 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
17:13:24.0042 3612 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
17:13:24.0042 3612 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
17:13:24.0073 3612 Boot (0x1200) (c0fa0521d5f7f1cc5440bd7c89909540) \Device\Harddisk0\DR0\Partition0
17:13:24.0073 3612 \Device\Harddisk0\DR0\Partition0 - ok
17:13:24.0089 3612 Boot (0x1200) (4268671fd223346b3f47ad4ff850fc5a) \Device\Harddisk0\DR0\Partition1
17:13:24.0089 3612 \Device\Harddisk0\DR0\Partition1 - ok
17:13:24.0136 3612 Boot (0x1200) (67726fb3b334578fda9d1c358c25ebe5) \Device\Harddisk0\DR0\Partition2
17:13:24.0136 3612 \Device\Harddisk0\DR0\Partition2 - ok
17:13:24.0151 3612 Boot (0x1200) (fb3aa84eb65ff69e1b1ff04033cc38c3) \Device\Harddisk0\DR0\Partition3
17:13:24.0151 3612 \Device\Harddisk0\DR0\Partition3 - ok
17:13:24.0167 3612 ============================================================
17:13:24.0167 3612 Scan finished
17:13:24.0167 3612 ============================================================
17:13:24.0183 2832 Detected object count: 1
17:13:24.0183 2832 Actual detected object count: 1
17:14:05.0137 2832 \Device\Harddisk0\DR0\# - copied to quarantine
17:14:05.0153 2832 \Device\Harddisk0\DR0 - copied to quarantine
17:14:05.0168 2832 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:14:05.0184 2832 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:14:05.0184 2832 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:14:05.0184 2832 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
17:14:05.0184 2832 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
17:14:05.0199 2832 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:14:05.0215 2832 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:14:05.0215 2832 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:14:05.0215 2832 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:14:05.0215 2832 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:14:05.0215 2832 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:14:05.0231 2832 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:14:05.0246 2832 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
17:14:05.0246 2832 \Device\Harddisk0\DR0 - ok
17:14:09.0224 2832 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
17:15:14.0225 2492 Deinitialize success

#8 Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,658 posts

Posted 12 March 2012 - 08:11 PM

Good :)

Please post new aswMBR log.
