
system fault


15 replies to this topic

#1 labviking

Posted 25 April 2012 - 12:48 PM

My computer keeps popping up this message about a minute after start up... "system message - write fault error", with about 20 pop-up boxes alerting me with this message and telling me to scan my hard drive.

Here is a log from Malwarebytes that I ran today and then I shutdown the computer.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.25.10

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

4/25/2012 7:46:45 PM
mbam-log-2012-04-25 (19-46-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 347073
Time elapsed: 24 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|yfhMbjrqVgr.exe (Trojan.Agent) -> Data: "C:\ProgramData\yfhMbjrqVgr.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\ProgramData\yfhMbjrqVgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6058020c-2657a1ba (Trojan.FakeAlert) -> Quarantined and deleted successfully.

(end)

Edited by labviking, 25 April 2012 - 09:20 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest




#2 Broni

Posted 26 April 2012 - 11:38 AM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE: aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 labviking

Posted 26 April 2012 - 09:29 PM

Thank you! Thank you! Thank you for your help!

SecurityCheck

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 30
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Webroot Security current plugins\antimalware\AEI.exe
``````````End of Log````````````

#4 labviking

Posted 26 April 2012 - 09:31 PM

FSS

Farbar Service Scanner Version: 24-04-2012
Ran by Owner (administrator) on 26-04-2012 at 20:28:00
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#5 labviking

Posted 26 April 2012 - 09:34 PM

MiniToolBox result

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 26-04-2012 at 20:30:00
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
Physical Address. . . . . . . . . : 64-D4-DA-61-75-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-6C-55-B5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 40-25-C2-6C-55-B5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-6C-55-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e034:d9e8:274f:760e%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, April 26, 2012 8:23:12 PM
Lease Expires . . . . . . . . . . : Friday, April 27, 2012 8:23:12 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 322971074
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F4-7F-EA-F0-DE-F1-81-65-9B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F0-DE-F1-81-65-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8D56B84E-E7E2-40F6-AA8B-5B8A97493E8B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c40:2508:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::c40:2508:3f57:fefb%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.101
74.125.228.104
74.125.228.102
74.125.228.103
74.125.228.96
74.125.228.98
74.125.228.105
74.125.228.100
74.125.228.97
74.125.228.110
74.125.228.99


Pinging google.com [72.14.204.113] with 32 bytes of data:
Reply from 72.14.204.113: bytes=32 time=212ms TTL=52
Reply from 72.14.204.113: bytes=32 time=203ms TTL=52

Ping statistics for 72.14.204.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 203ms, Maximum = 212ms, Average = 207ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=256ms TTL=45
Reply from 209.191.122.70: bytes=32 time=180ms TTL=45

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 180ms, Maximum = 256ms, Average = 218ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...64 d4 da 61 75 35 ......Intel® Centrino® WiMAX 6150
14...40 25 c2 6c 55 b5 ......Microsoft Virtual WiFi Miniport Adapter #2
13...40 25 c2 6c 55 b5 ......Microsoft Virtual WiFi Miniport Adapter
12...40 25 c2 6c 55 b4 ......Intel® Centrino® Wireless-N 6150
11...f0 de f1 81 65 9b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:c40:2508:3f57:fefb/128
On-link
12 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::c40:2508:3f57:fefb/128
On-link
12 281 fe80::e034:d9e8:274f:760e/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/26/2012 08:23:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:41:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:38:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:33:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:21:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:18:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:16:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1814463

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1814463

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/26/2012 08:24:06 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/26/2012 08:24:06 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/26/2012 08:24:05 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/26/2012 08:24:05 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/25/2012 07:40:53 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/25/2012 07:40:52 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (04/25/2012 07:40:35 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/25/2012 07:40:29 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/25/2012 07:40:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\System32\IWMSSvc.dll
Error Code: 21

Error: (04/25/2012 07:40:25 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BPntDrv
discache
EgisTecFF
mwlPSDFilter
mwlPSDNServ
mwlPSDVDisk
spldr
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (04/26/2012 08:23:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:41:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:38:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:33:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:21:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:18:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 07:16:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1814463

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1814463

Error: (04/25/2012 04:47:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Active Protection System (Version: 1.70.11)
Adobe Flash Player 10 ActiveX (Version: 10.1.53.64)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Reader 9.5.0 (Version: 9.5.0)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Best Buy pc app (Version: 3.2.0.0)
BioExcess (Version: 7.0.67.0)
Bonjour (Version: 3.0.0.10)
Cisco NAC Agent (Version: 4.7.5.5)
CyberLink YouCam (Version: 3.1.3623)
D3DX10 (Version: 15.4.2368.0902)
EgisTec ES603 WDM Driver (Version: 3.0.10.4)
Energy Management (Version: 6.0.2.1)
EPSON Printer Software
Google Chrome (Version: 18.0.1025.162)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.0000)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo EasyCamera (Version: 13.10.1201.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.6)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo Security Suite (Version: 2.0.11.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mobile Broadband Generic Drivers (Version: 2.03.09.005.14)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
OpenOffice.org 3.3 (Version: 3.3.9567)
Port Locker (Version: 1.0.5.24)
Power2Go (Version: 5.6.0.7303)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6282)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10008)
SHARP MX/DX Series PCL/PS Printer Driver (Version: 1.00.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.7.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VeriFace (Version: 4.0.0.1224)
Verizon Wireless MiFi-2200 Firmware Updates (Version: 1.0.3)
VZAccess Manager (Version: 7.3.5.1)
Webroot Software (Version: 7.0.6.38)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 6058.17 MB
Available physical RAM: 4457.36 MB
Total Pagefile: 12114.54 MB
Available Pagefile: 10472.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.11 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:654.69 GB) (Free:610.83 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.24 GB) NTFS
3 Drive e: (LEXAR MEDIA) (Removable) (Total:0.97 GB) (Free:0.62 GB) FAT

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest kids
Owner


**** End of log ****

#6 labviking


Posted 26 April 2012 - 09:37 PM

Results of the Quick Scan and Full Scan
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

4/26/2012 8:37:06 PM
mbam-log-2012-04-26 (20-37-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220363
Time elapsed: 2 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

4/26/2012 8:41:50 PM
mbam-log-2012-04-26 (20-41-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348044
Time elapsed: 32 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#7 labviking


Posted 26 April 2012 - 09:39 PM

aswMBR had a problem ...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-26 21:16:21
-----------------------------
21:16:21.585 OS Version: Windows x64 6.1.7601 Service Pack 1
21:16:21.585 Number of processors: 4 586 0x2A07
21:16:21.585 ComputerName: OWNER-PC UserName: Owner
21:16:22.927 Initialize success
21:16:22.958 write error "ashBase.dll". Access is denied.
21:18:34.419 The log file has been saved successfully to "E:\aswMBR.txt"

#8 Broni


Posted 26 April 2012 - 09:48 PM

Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

==========================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


 


#9 labviking


Posted 27 April 2012 - 08:38 AM

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`0c900000

Size Device Name MBR Status
--------------------------------------------
698 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-27 08:26:12
Windows 6.1.7601 Service Pack 1
Running: 9jg1rt2u.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fc1a13
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fc1a13 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#10 Broni


Posted 27 April 2012 - 10:58 AM

Please download and run ListParts by Farbar (for 32-bit system) to your desktop.

Please download and run ListParts64 by Farbar (for 64-bit system) to your desktop.

Click on Scan button.

Scan result will open in Notepad.
Post it in your next reply.


 


#11 labviking


Posted 27 April 2012 - 11:33 AM

ListParts by Farbar Version: 12-03-2012 03
Ran by Owner (administrator) on 27-04-2012 at 11:27:33
Windows 7 (X64)
Running From: C:\Users\Owner\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 23%
Total physical RAM: 6058.17 MB
Available physical RAM: 4647.48 MB
Total Pagefile: 12114.54 MB
Available Pagefile: 10412.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:654.69 GB) (Free:610.15 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.24 GB) NTFS
3 Drive e: (LEXAR MEDIA) (Removable) (Total:0.97 GB) (Free:0.62 GB) FAT

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          698 GB  1024 KB
Disk 1    Online          989 MB      0 B

Partitions of Disk 0:
===============

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            200 MB  1024 KB
Partition 2    Primary            654 GB   201 MB
Partition 0    Extended            29 GB   654 GB
Partition 4    Logical             29 GB   654 GB
Partition 3    OEM                 14 GB   683 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1                      NTFS   Partition    200 MB  Healthy    System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    654 GB  Healthy    Boot

======================================================================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D   LENOVO       NTFS   Partition     29 GB  Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 12
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 1:
===============

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            989 MB    16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 04
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     E   LEXAR MEDIA  FAT    Removable    989 MB  Healthy

======================================================================================================

****** End Of Log ******

#12 Broni


Posted 27 April 2012 - 11:58 AM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


 


#13 labviking


Posted 27 April 2012 - 12:30 PM

12:25:40.0673 4268 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
12:25:40.0689 4268 ============================================================
12:25:40.0689 4268 Current date / time: 2012/04/27 12:25:40.0689
12:25:40.0689 4268 SystemInfo:
12:25:40.0689 4268
12:25:40.0689 4268 OS Version: 6.1.7601 ServicePack: 1.0
12:25:40.0689 4268 Product type: Workstation
12:25:40.0689 4268 ComputerName: OWNER-PC
12:25:40.0689 4268 UserName: Owner
12:25:40.0689 4268 Windows directory: C:\windows
12:25:40.0689 4268 System windows directory: C:\windows
12:25:40.0689 4268 Running under WOW64
12:25:40.0689 4268 Processor architecture: Intel x64
12:25:40.0689 4268 Number of processors: 4
12:25:40.0689 4268 Page size: 0x1000
12:25:40.0689 4268 Boot type: Normal boot
12:25:40.0689 4268 ============================================================
12:25:41.0032 4268 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x162DD1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
12:25:41.0032 4268 Drive \Device\Harddisk1\DR4 - Size: 0x3DD8C000 (0.97 Gb), SectorSize: 0x200, Cylinders: 0x7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:25:41.0047 4268 ============================================================
12:25:41.0047 4268 \Device\Harddisk0\DR0:
12:25:41.0047 4268 MBR partitions:
12:25:41.0047 4268 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
12:25:41.0047 4268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D62800
12:25:41.0063 4268 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x51DC7800, BlocksNum 0x3A00800
12:25:41.0063 4268 \Device\Harddisk1\DR4:
12:25:41.0063 4268 MBR partitions:
12:25:41.0063 4268 \Device\Harddisk1\DR4\Partition0: MBR, Type 0x4, StartLBA 0x20, BlocksNum 0x1EEC3F
12:25:41.0063 4268 ============================================================
12:25:41.0110 4268 C: <-> \Device\Harddisk0\DR0\Partition1
12:25:41.0157 4268 D: <-> \Device\Harddisk0\DR0\Partition2
12:25:41.0157 4268 ============================================================
12:25:41.0157 4268 Initialize success
12:25:41.0157 4268 ============================================================
12:25:47.0958 2740 ============================================================
12:25:47.0958 2740 Scan started
12:25:47.0958 2740 Mode: Manual;
12:25:47.0958 2740 ============================================================
12:25:58.0020 2740 IntcAzAudAddService - ok
12:25:58.0192 2740 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
12:25:58.0207 2740 IntcDAud - ok
12:25:58.0239 2740 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
12:25:58.0239 2740 intelide - ok
12:25:58.0285 2740 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
12:25:58.0285 2740 intelppm - ok
12:25:58.0317 2740 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
12:25:58.0317 2740 IPBusEnum - ok
12:25:58.0332 2740 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
12:25:58.0348 2740 IpFilterDriver - ok
12:25:58.0410 2740 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
12:25:58.0410 2740 iphlpsvc - ok
12:25:58.0410 2740 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
12:25:58.0426 2740 IPMIDRV - ok
12:25:58.0426 2740 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
12:25:58.0426 2740 IPNAT - ok
12:25:58.0566 2740 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
12:25:58.0566 2740 iPod Service - ok
12:25:58.0597 2740 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
12:25:58.0597 2740 IRENUM - ok
12:25:58.0597 2740 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
12:25:58.0597 2740 isapnp - ok
12:25:58.0644 2740 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
12:25:58.0660 2740 iScsiPrt - ok
12:25:58.0707 2740 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
12:25:58.0707 2740 kbdclass - ok
12:25:58.0722 2740 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
12:25:58.0722 2740 kbdhid - ok
12:25:58.0753 2740 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:25:58.0753 2740 KeyIso - ok
12:25:58.0769 2740 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
12:25:58.0769 2740 KSecDD - ok
12:25:58.0816 2740 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
12:25:58.0816 2740 KSecPkg - ok
12:25:58.0831 2740 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
12:25:58.0831 2740 ksthunk - ok
12:25:58.0894 2740 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
12:25:58.0909 2740 KtmRm - ok
12:25:58.0972 2740 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
12:25:58.0972 2740 LanmanServer - ok
12:25:58.0987 2740 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
12:25:58.0987 2740 LanmanWorkstation - ok
12:25:59.0019 2740 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
12:25:59.0019 2740 LHDmgr - ok
12:25:59.0065 2740 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
12:25:59.0081 2740 lltdio - ok
12:25:59.0128 2740 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
12:25:59.0159 2740 lltdsvc - ok
12:25:59.0175 2740 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
12:25:59.0175 2740 lmhosts - ok
12:25:59.0299 2740 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:25:59.0315 2740 LMS - ok
12:25:59.0362 2740 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
12:25:59.0377 2740 LSI_FC - ok
12:25:59.0409 2740 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
12:25:59.0409 2740 LSI_SAS - ok
12:25:59.0424 2740 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
12:25:59.0424 2740 LSI_SAS2 - ok
12:25:59.0440 2740 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
12:25:59.0440 2740 LSI_SCSI - ok
12:25:59.0455 2740 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
12:25:59.0455 2740 luafv - ok
12:25:59.0502 2740 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
12:25:59.0502 2740 Mcx2Svc - ok
12:25:59.0502 2740 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
12:25:59.0502 2740 megasas - ok
12:25:59.0565 2740 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
12:25:59.0565 2740 MegaSR - ok
12:25:59.0596 2740 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
12:25:59.0611 2740 MEIx64 - ok
12:25:59.0611 2740 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
12:25:59.0627 2740 MMCSS - ok
12:25:59.0627 2740 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
12:25:59.0627 2740 Modem - ok
12:25:59.0658 2740 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
12:25:59.0658 2740 monitor - ok
12:25:59.0705 2740 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
12:25:59.0705 2740 mouclass - ok
12:25:59.0721 2740 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
12:25:59.0721 2740 mouhid - ok
12:25:59.0736 2740 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
12:25:59.0736 2740 mountmgr - ok
12:25:59.0767 2740 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
12:25:59.0767 2740 mpio - ok
12:25:59.0783 2740 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
12:25:59.0783 2740 mpsdrv - ok
12:25:59.0877 2740 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
12:25:59.0892 2740 MpsSvc - ok
12:25:59.0908 2740 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
12:25:59.0908 2740 MRxDAV - ok
12:25:59.0939 2740 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
12:25:59.0955 2740 mrxsmb - ok
12:25:59.0986 2740 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
12:26:00.0001 2740 mrxsmb10 - ok
12:26:00.0017 2740 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
12:26:00.0048 2740 mrxsmb20 - ok
12:26:00.0048 2740 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
12:26:00.0048 2740 msahci - ok
12:26:00.0079 2740 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
12:26:00.0095 2740 msdsm - ok
12:26:00.0126 2740 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
12:26:00.0142 2740 MSDTC - ok
12:26:00.0173 2740 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
12:26:00.0173 2740 Msfs - ok
12:26:00.0204 2740 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
12:26:00.0204 2740 mshidkmdf - ok
12:26:00.0220 2740 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
12:26:00.0220 2740 msisadrv - ok
12:26:00.0267 2740 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
12:26:00.0267 2740 MSiSCSI - ok
12:26:00.0267 2740 msiserver - ok
12:26:00.0282 2740 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
12:26:00.0282 2740 MSKSSRV - ok
12:26:00.0298 2740 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
12:26:00.0298 2740 MSPCLOCK - ok
12:26:00.0298 2740 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
12:26:00.0298 2740 MSPQM - ok
12:26:00.0345 2740 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
12:26:00.0360 2740 MsRPC - ok
12:26:00.0376 2740 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
12:26:00.0376 2740 mssmbios - ok
12:26:00.0391 2740 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
12:26:00.0391 2740 MSTEE - ok
12:26:00.0391 2740 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
12:26:00.0391 2740 MTConfig - ok
12:26:00.0407 2740 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
12:26:00.0407 2740 Mup - ok
12:26:00.0438 2740 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\windows\system32\DRIVERS\mwlPSDFilter.sys
12:26:00.0438 2740 mwlPSDFilter - ok
12:26:00.0438 2740 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\windows\system32\DRIVERS\mwlPSDNServ.sys
12:26:00.0438 2740 mwlPSDNServ - ok
12:26:00.0454 2740 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
12:26:00.0454 2740 mwlPSDVDisk - ok
12:26:00.0563 2740 MyWiFiDHCPDNS (f6ea50dbc391f04ca49427010657ccb3) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:26:00.0579 2740 MyWiFiDHCPDNS - ok
12:26:00.0735 2740 NACAgent (ac5cabf86d77b531821f43bb39e6f5c2) C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
12:26:00.0735 2740 NACAgent - ok
12:26:00.0906 2740 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
12:26:00.0906 2740 napagent - ok
12:26:00.0984 2740 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
12:26:00.0984 2740 NativeWifiP - ok
12:26:01.0078 2740 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
12:26:01.0093 2740 NDIS - ok
12:26:01.0109 2740 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
12:26:01.0109 2740 NdisCap - ok
12:26:01.0140 2740 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
12:26:01.0140 2740 NdisTapi - ok
12:26:01.0171 2740 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
12:26:01.0171 2740 Ndisuio - ok
12:26:01.0187 2740 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
12:26:01.0203 2740 NdisWan - ok
12:26:01.0234 2740 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
12:26:01.0249 2740 NDProxy - ok
12:26:01.0281 2740 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
12:26:01.0281 2740 NetBIOS - ok
12:26:01.0312 2740 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
12:26:01.0343 2740 NetBT - ok
12:26:01.0374 2740 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:26:01.0374 2740 Netlogon - ok
12:26:01.0437 2740 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
12:26:01.0452 2740 Netman - ok
12:26:01.0499 2740 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
12:26:01.0499 2740 netprofm - ok
12:26:01.0593 2740 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:26:01.0608 2740 NetTcpPortSharing - ok
12:26:02.0107 2740 NETwNs64 (30933bb56fb611d0252bad488adfb533) C:\windows\system32\DRIVERS\NETwNs64.sys
12:26:02.0232 2740 NETwNs64 - ok
12:26:02.0388 2740 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
12:26:02.0388 2740 nfrd960 - ok
12:26:02.0451 2740 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
12:26:02.0466 2740 NlaSvc - ok
12:26:02.0482 2740 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
12:26:02.0482 2740 Npfs - ok
12:26:02.0497 2740 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
12:26:02.0513 2740 nsi - ok
12:26:02.0529 2740 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
12:26:02.0529 2740 nsiproxy - ok
12:26:02.0700 2740 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
12:26:02.0747 2740 Ntfs - ok
12:26:02.0887 2740 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
12:26:02.0887 2740 Null - ok
12:26:02.0934 2740 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
12:26:02.0934 2740 nvraid - ok
12:26:02.0981 2740 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
12:26:02.0981 2740 nvstor - ok
12:26:03.0043 2740 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
12:26:03.0059 2740 nv_agp - ok
12:26:03.0121 2740 NWADI (91b17f9dbb2e60feaf27cadfb9998ffb) C:\windows\system32\DRIVERS\NWADIenum.sys
12:26:03.0137 2740 NWADI - ok
12:26:03.0168 2740 NWUSBCDFIL64 (d944d4341429093f55cb7f0ec87c86b3) C:\windows\system32\DRIVERS\NwUsbCdFil64.sys
12:26:03.0168 2740 NWUSBCDFIL64 - ok
12:26:03.0231 2740 NWUSBModem (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwusbmdm.sys
12:26:03.0246 2740 NWUSBModem - ok
12:26:03.0277 2740 NWUSBPort (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwusbser.sys
12:26:03.0293 2740 NWUSBPort - ok
12:26:03.0324 2740 NWUSBPort2 (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwusbser2.sys
12:26:03.0340 2740 NWUSBPort2 - ok
12:26:03.0387 2740 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
12:26:03.0402 2740 ohci1394 - ok
12:26:03.0496 2740 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:26:03.0496 2740 ose - ok
12:26:03.0886 2740 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:26:03.0990 2740 osppsvc - ok
12:26:04.0133 2740 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:26:04.0148 2740 p2pimsvc - ok
12:26:04.0195 2740 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
12:26:04.0211 2740 p2psvc - ok
12:26:04.0242 2740 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
12:26:04.0242 2740 Parport - ok
12:26:04.0273 2740 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
12:26:04.0289 2740 partmgr - ok
12:26:04.0320 2740 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
12:26:04.0320 2740 PcaSvc - ok
12:26:04.0351 2740 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
12:26:04.0367 2740 pci - ok
12:26:04.0382 2740 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
12:26:04.0382 2740 pciide - ok
12:26:04.0398 2740 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
12:26:04.0414 2740 pcmcia - ok
12:26:04.0414 2740 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
12:26:04.0414 2740 pcw - ok
12:26:04.0476 2740 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
12:26:04.0492 2740 PEAUTH - ok
12:26:04.0601 2740 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
12:26:04.0616 2740 PerfHost - ok
12:26:04.0772 2740 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
12:26:04.0804 2740 pla - ok
12:26:04.0866 2740 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
12:26:04.0882 2740 PlugPlay - ok
12:26:04.0928 2740 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
12:26:04.0928 2740 PNRPAutoReg - ok
12:26:04.0975 2740 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:26:04.0991 2740 PNRPsvc - ok
12:26:05.0069 2740 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
12:26:05.0069 2740 PolicyAgent - ok
12:26:05.0116 2740 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
12:26:05.0116 2740 Power - ok
12:26:05.0209 2740 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
12:26:05.0225 2740 PptpMiniport - ok
12:26:05.0272 2740 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
12:26:05.0272 2740 Processor - ok
12:26:05.0318 2740 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
12:26:05.0334 2740 ProfSvc - ok
12:26:05.0365 2740 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:26:05.0365 2740 ProtectedStorage - ok
12:26:05.0396 2740 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
12:26:05.0412 2740 Psched - ok
12:26:05.0552 2740 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
12:26:05.0599 2740 ql2300 - ok
12:26:05.0740 2740 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
12:26:05.0755 2740 ql40xx - ok
12:26:05.0802 2740 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
12:26:05.0818 2740 QWAVE - ok
12:26:05.0833 2740 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
12:26:05.0833 2740 QWAVEdrv - ok
12:26:05.0849 2740 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
12:26:05.0864 2740 RasAcd - ok
12:26:05.0896 2740 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
12:26:05.0896 2740 RasAgileVpn - ok
12:26:05.0927 2740 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
12:26:05.0942 2740 RasAuto - ok
12:26:05.0974 2740 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
12:26:06.0005 2740 Rasl2tp - ok
12:26:06.0052 2740 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
12:26:06.0052 2740 RasMan - ok
12:26:06.0067 2740 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
12:26:06.0083 2740 RasPppoe - ok
12:26:06.0098 2740 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
12:26:06.0098 2740 RasSstp - ok
12:26:06.0145 2740 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
12:26:06.0145 2740 rdbss - ok
12:26:06.0176 2740 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
12:26:06.0176 2740 rdpbus - ok
12:26:06.0208 2740 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
12:26:06.0208 2740 RDPCDD - ok
12:26:06.0223 2740 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
12:26:06.0223 2740 RDPENCDD - ok
12:26:06.0239 2740 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
12:26:06.0239 2740 RDPREFMP - ok
12:26:06.0286 2740 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
12:26:06.0301 2740 RDPWD - ok
12:26:06.0348 2740 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
12:26:06.0364 2740 rdyboost - ok
12:26:06.0520 2740 RegSrvc (9276f4d4109fc349925d28e00e533146) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:26:06.0535 2740 RegSrvc - ok
12:26:06.0566 2740 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
12:26:06.0566 2740 RemoteAccess - ok
12:26:06.0613 2740 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
12:26:06.0613 2740 RemoteRegistry - ok
12:26:06.0707 2740 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
12:26:06.0722 2740 RFCOMM - ok
12:26:06.0754 2740 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
12:26:06.0769 2740 RpcEptMapper - ok
12:26:06.0785 2740 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
12:26:06.0785 2740 RpcLocator - ok
12:26:06.0847 2740 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
12:26:06.0863 2740 RpcSs - ok
12:26:06.0878 2740 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
12:26:06.0878 2740 rspndr - ok
12:26:06.0941 2740 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\windows\system32\Drivers\RtsUVStor.sys
12:26:06.0956 2740 RSUSBVSTOR - ok
12:26:07.0034 2740 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\windows\system32\DRIVERS\Rt64win7.sys
12:26:07.0050 2740 RTL8167 - ok
12:26:07.0112 2740 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
12:26:07.0112 2740 SamSs - ok
12:26:07.0128 2740 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
12:26:07.0144 2740 sbp2port - ok
12:26:07.0190 2740 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
12:26:07.0206 2740 SCardSvr - ok
12:26:07.0253 2740 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
12:26:07.0253 2740 scfilter - ok
12:26:07.0362 2740 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
12:26:07.0378 2740 Schedule - ok
12:26:07.0424 2740 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
12:26:07.0424 2740 SCPolicySvc - ok
12:26:07.0456 2740 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
12:26:07.0456 2740 SDRSVC - ok
12:26:07.0534 2740 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
12:26:07.0549 2740 secdrv - ok
12:26:07.0565 2740 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
12:26:07.0565 2740 seclogon - ok
12:26:07.0580 2740 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
12:26:07.0580 2740 SENS - ok
12:26:07.0596 2740 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
12:26:07.0596 2740 SensrSvc - ok
12:26:07.0612 2740 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
12:26:07.0627 2740 Serenum - ok
12:26:07.0643 2740 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
12:26:07.0643 2740 Serial - ok
12:26:07.0643 2740 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
12:26:07.0658 2740 sermouse - ok
12:26:07.0674 2740 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
12:26:07.0690 2740 SessionEnv - ok
12:26:07.0690 2740 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
12:26:07.0690 2740 sffdisk - ok
12:26:07.0690 2740 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
12:26:07.0690 2740 sffp_mmc - ok
12:26:07.0705 2740 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
12:26:07.0705 2740 sffp_sd - ok
12:26:07.0705 2740 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
12:26:07.0705 2740 sfloppy - ok
12:26:07.0814 2740 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
12:26:07.0830 2740 Sftfs - ok
12:26:07.0955 2740 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:26:07.0955 2740 sftlist - ok
12:26:08.0002 2740 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
12:26:08.0017 2740 Sftplay - ok
12:26:08.0033 2740 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
12:26:08.0033 2740 Sftredir - ok
12:26:08.0048 2740 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
12:26:08.0048 2740 Sftvol - ok
12:26:08.0080 2740 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:26:08.0080 2740 sftvsa - ok
12:26:08.0142 2740 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
12:26:08.0158 2740 SharedAccess - ok
12:26:08.0220 2740 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
12:26:08.0236 2740 ShellHWDetection - ok
12:26:08.0298 2740 Shockprf (c10d453b07e3e7e00e5103bba9bad524) C:\windows\system32\DRIVERS\Apsx64.sys
12:26:08.0298 2740 Shockprf - ok
12:26:08.0360 2740 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
12:26:08.0360 2740 SiSRaid2 - ok
12:26:08.0376 2740 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
12:26:08.0392 2740 SiSRaid4 - ok
12:26:08.0407 2740 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
12:26:08.0407 2740 Smb - ok
12:26:08.0454 2740 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
12:26:08.0454 2740 SNMPTRAP - ok
12:26:08.0470 2740 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
12:26:08.0485 2740 spldr - ok
12:26:08.0548 2740 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
12:26:08.0563 2740 Spooler - ok
12:26:08.0844 2740 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
12:26:08.0922 2740 sppsvc - ok
12:26:09.0062 2740 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
12:26:09.0062 2740 sppuinotify - ok
12:26:09.0156 2740 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
12:26:09.0187 2740 srv - ok
12:26:09.0250 2740 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
12:26:09.0281 2740 srv2 - ok
12:26:09.0312 2740 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
12:26:09.0312 2740 srvnet - ok
12:26:09.0374 2740 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
12:26:09.0374 2740 SSDPSRV - ok
12:26:09.0421 2740 ssfmonm (53e966abded5c56dc1a655f1945bdc6b) C:\windows\system32\DRIVERS\ssfmonm.sys
12:26:09.0437 2740 ssfmonm - ok
12:26:09.0468 2740 ssidrv (1f22b15808a1d9a5637e52dec860fa28) C:\windows\system32\DRIVERS\ssidrv.sys
12:26:09.0468 2740 ssidrv - ok
12:26:09.0499 2740 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
12:26:09.0499 2740 SstpSvc - ok
12:26:09.0546 2740 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
12:26:09.0546 2740 stexstor - ok
12:26:09.0640 2740 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
12:26:09.0655 2740 stisvc - ok
12:26:09.0655 2740 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
12:26:09.0671 2740 swenum - ok
12:26:09.0733 2740 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
12:26:09.0733 2740 swprv - ok
12:26:09.0889 2740 SynTP (08425cd92972c6430f350a9697f4a553) C:\windows\system32\DRIVERS\SynTP.sys
12:26:09.0936 2740 SynTP - ok
12:26:10.0232 2740 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
12:26:10.0279 2740 SysMain - ok
12:26:10.0373 2740 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
12:26:10.0373 2740 TabletInputService - ok
12:26:10.0420 2740 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
12:26:10.0451 2740 TapiSrv - ok
12:26:10.0466 2740 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
12:26:10.0466 2740 TBS - ok
12:26:10.0669 2740 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
12:26:10.0700 2740 Tcpip - ok
12:26:10.0966 2740 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
12:26:10.0981 2740 TCPIP6 - ok
12:26:11.0059 2740 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
12:26:11.0075 2740 tcpipreg - ok
12:26:11.0090 2740 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
12:26:11.0090 2740 TDPIPE - ok
12:26:11.0106 2740 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
12:26:11.0106 2740 TDTCP - ok
12:26:11.0153 2740 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
12:26:11.0168 2740 tdx - ok
12:26:11.0200 2740 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
12:26:20.0060 2740 ============================================================
12:26:20.0060 2740 Scan finished
12:26:20.0060 2740 ============================================================
12:26:20.0076 6964 Detected object count: 0
12:26:20.0076 6964 Actual detected object count: 0
12:27:25.0425 6336 Deinitialize success

#14 Broni

Posted 27 April 2012 - 01:28 PM

Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.


#15 labviking

Posted 27 April 2012 - 01:37 PM

No infections were found.



