Infected with S.M.A.R.T. Spyware


22 replies to this topic

#1 amiri baraka


Posted 29 April 2012 - 11:25 AM

Hi there,

I am getting invaded by a trojan calling itself S.M.A.R.T which purports to be an anti-spyware. it is, in fact, spyware. i have run malwarebytes, super anti-spyware, and rkill. malware is able to locate the virus, but when it comes time to kill it, the virus seems to resurface. i restarted my computer after i had it in safemode and the virus was still there. rkill doesn't appear to be able to recognize it, because it's claiming my system is clean. the virus program seems to exist in a folder called "data recovery."

some of my programs do not appear on the desktop any more. they are still in the "start" menu but they don't appear as icons in the start menu. i have to click "programs" to see them. also, i have an external hard drive which i had in this computer at the time it was attacked. i wanted to see if it was also attacked so i plugged it into a different computer. the computer still recognizes that there are things taking up hard drive space, but there does not appear to be any way to see/locate those files.

i can still use internet on this computer--the only blessing. the computer is a windows vista 2007...

any help you could offer would be greatly appreciated...



#2 narenxp


Posted 29 April 2012 - 12:58 PM

Follow this guide

http://www.bleepingcomputer.com/virus-removal/remove-data-recovery

Let me know if it worked

#3 amiri baraka


Posted 29 April 2012 - 03:16 PM

Hi there,

thank you. the link was helpful and did allow my programs/hard drive to display icons/files again, but the spyware is still there when i reboot. malware did not pick up any spyware last time. i tried running rkill---it worked the last time i tried it (found spyware) but when i put it back in safemode this time it didn't work properly. i think the spyware is messing with it.

stupidly, i did previously remove my temp internet files (doh!). i'm not sure if that affected the operations i attempted.

the file "data recovery" is still sitting on my desktop. that is where the rogue program is--i'm sure it has linked itself to other parts of the computer, but somehow my antispyware programs aren't removing it.

Edited by amiri baraka, 29 April 2012 - 03:16 PM.


#4 narenxp


Posted 29 April 2012 - 04:13 PM

> stupidly, i did previously remove my temp internet files (doh!). i'm not sure if that affected the operations i attempted.

what is your operating system?


> the file "data recovery" is still sitting on my desktop. that is where the rogue program is--i'm sure it has linked itself to other parts of the computer, but somehow my antispyware programs aren't removing it.


Delete icon manually. Click on Start menu and delete the data recovery folder

Post your mbam and TDSSkiller log in your next reply

#5 amiri baraka


Posted 29 April 2012 - 04:44 PM

ok...i deleted both of the folders.

my operating system is windows vista.

here is my latest log. it did catch the spyware this time around...

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.29.04

Windows Vista Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19088
Brendan :: PC [administrator]

4/29/2012 4:17:20 PM
mbam-log-2012-04-29 (16-17-20).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 424120
Time elapsed: 59 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by amiri baraka, 29 April 2012 - 04:44 PM.


#6 narenxp


Posted 29 April 2012 - 04:55 PM

Boot your PC into safemode with networking

Download

Autoruns

Launch autoruns.exe, allow it to scan

Click on File-save

Save it as autoruns.txt and upload the log to

www.filedropper.com and post the link here

good luck

#7 amiri baraka


Posted 29 April 2012 - 05:06 PM

ok thanks...hopefully it worked

http://www.filedropper.com/autoruns_2


i'm going to be out for a bit. i will post to your next reply prob around 10:30 EST...

Edited by amiri baraka, 29 April 2012 - 05:19 PM.


#8 narenxp


Posted 29 April 2012 - 07:09 PM

there was a problem saving the file

save it as

filename:autoruns
save as type:text

Upload the new log file

#9 amiri baraka


Posted 29 April 2012 - 09:45 PM

ok...

it says "link to share this file with anyone"


http://www.filedropper.com/autoruns_3


then it says this is the embedded code to share on websites. i'm guessing this is what you need?



<a href=http://www.filedropper.com/autoruns_3><img src=http://www.filedropper.com/download_button.png width=127 height=145 border=0/></a><br /><div style=font-size:9px;font-family:Arial, Helvetica, sans-serif;width:127px;font-color:#44a854;> <a href=http://www.filedropper.com >file upload</a></div>

#10 narenxp


Posted 29 April 2012 - 10:33 PM

That looks clean

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#11 amiri baraka


Posted 30 April 2012 - 02:52 PM

here is the log report from tdss killer...i will post the next report in a moment...

14:26:55.0380 1832 NetBIOS - ok
14:26:55.0403 1832 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
14:26:55.0405 1832 netbt - ok
14:26:55.0450 1832 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
14:26:55.0452 1832 Netlogon - ok
14:26:55.0480 1832 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
14:26:55.0484 1832 Netman - ok
14:26:55.0527 1832 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
14:26:55.0530 1832 netprofm - ok
14:26:55.0593 1832 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:26:55.0595 1832 NetTcpPortSharing - ok
14:26:55.0626 1832 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:26:55.0627 1832 nfrd960 - ok
14:26:55.0650 1832 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
14:26:55.0653 1832 NlaSvc - ok
14:26:55.0667 1832 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
14:26:55.0668 1832 Npfs - ok
14:26:55.0687 1832 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
14:26:55.0689 1832 nsi - ok
14:26:55.0696 1832 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:26:55.0697 1832 nsiproxy - ok
14:26:55.0758 1832 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
14:26:55.0765 1832 Ntfs - ok
14:26:55.0784 1832 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:26:55.0784 1832 ntrigdigi - ok
14:26:55.0803 1832 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:26:55.0803 1832 Null - ok
14:26:55.0889 1832 NVENETFD (de3fcf6a5aaca198b22998330c3c64d9) C:\Windows\system32\DRIVERS\nvmfdx32.sys
14:26:55.0896 1832 NVENETFD - ok
14:26:56.0258 1832 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:26:56.0303 1832 nvlddmkm - ok
14:26:56.0415 1832 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
14:26:56.0416 1832 nvraid - ok
14:26:56.0448 1832 nvrd32 (6934105ecc6a19570160d794e301e595) C:\Windows\system32\drivers\nvrd32.sys
14:26:56.0449 1832 nvrd32 - ok
14:26:56.0478 1832 nvsmu (62754e376185eacbb73d06fea0ffc54a) C:\Windows\system32\drivers\nvsmu.sys
14:26:56.0478 1832 nvsmu - ok
14:26:56.0492 1832 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
14:26:56.0493 1832 nvstor - ok
14:26:56.0523 1832 nvstor32 (d05f6e26ac960474494356fe703d61be) C:\Windows\system32\DRIVERS\nvstor32.sys
14:26:56.0525 1832 nvstor32 - ok
14:26:56.0555 1832 nvsvc (cf7769f13b3ecc5e2bf1b3d1c5831ae8) C:\Windows\system32\nvvsvc.exe
14:26:56.0557 1832 nvsvc - ok
14:26:56.0580 1832 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
14:26:56.0581 1832 nv_agp - ok
14:26:56.0586 1832 NwlnkFlt - ok
14:26:56.0593 1832 NwlnkFwd - ok
14:26:56.0728 1832 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:26:56.0731 1832 odserv - ok
14:26:56.0763 1832 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
14:26:56.0764 1832 ohci1394 - ok
14:26:56.0802 1832 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:26:56.0803 1832 ose - ok
14:26:56.0855 1832 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
14:26:56.0860 1832 p2pimsvc - ok
14:26:56.0870 1832 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
14:26:56.0875 1832 p2psvc - ok
14:26:56.0905 1832 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:26:56.0906 1832 Parport - ok
14:26:56.0920 1832 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
14:26:56.0921 1832 partmgr - ok
14:26:56.0938 1832 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:26:56.0938 1832 Parvdm - ok
14:26:56.0958 1832 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
14:26:56.0960 1832 PcaSvc - ok
14:26:56.0981 1832 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
14:26:56.0983 1832 pci - ok
14:26:57.0003 1832 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
14:26:57.0004 1832 pciide - ok
14:26:57.0051 1832 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:26:57.0052 1832 pcmcia - ok
14:26:57.0127 1832 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:26:57.0133 1832 PEAUTH - ok
14:26:57.0222 1832 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
14:26:57.0233 1832 pla - ok
14:26:57.0344 1832 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
14:26:57.0347 1832 PlugPlay - ok
14:26:57.0406 1832 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
14:26:57.0412 1832 PNRPAutoReg - ok
14:26:57.0421 1832 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
14:26:57.0427 1832 PNRPsvc - ok
14:26:57.0472 1832 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
14:26:57.0475 1832 PolicyAgent - ok
14:26:57.0524 1832 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:26:57.0524 1832 PptpMiniport - ok
14:26:57.0541 1832 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
14:26:57.0542 1832 Processor - ok
14:26:57.0567 1832 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
14:26:57.0570 1832 ProfSvc - ok
14:26:57.0615 1832 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
14:26:57.0616 1832 ProtectedStorage - ok
14:26:57.0646 1832 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
14:26:57.0647 1832 PSched - ok
14:26:57.0725 1832 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
14:26:57.0732 1832 ql2300 - ok
14:26:57.0769 1832 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:26:57.0770 1832 ql40xx - ok
14:26:57.0805 1832 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
14:26:57.0808 1832 QWAVE - ok
14:26:57.0825 1832 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:26:57.0826 1832 QWAVEdrv - ok
14:26:57.0836 1832 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:26:57.0837 1832 RasAcd - ok
14:26:57.0856 1832 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
14:26:57.0858 1832 RasAuto - ok
14:26:57.0873 1832 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:26:57.0874 1832 Rasl2tp - ok
14:26:57.0904 1832 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
14:26:57.0907 1832 RasMan - ok
14:26:57.0918 1832 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
14:26:57.0919 1832 RasPppoe - ok
14:26:57.0931 1832 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
14:26:57.0932 1832 RasSstp - ok
14:26:57.0950 1832 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
14:26:57.0952 1832 rdbss - ok
14:26:57.0968 1832 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:26:57.0969 1832 RDPCDD - ok
14:26:57.0996 1832 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
14:26:57.0998 1832 rdpdr - ok
14:26:58.0003 1832 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:26:58.0005 1832 RDPENCDD - ok
14:26:58.0031 1832 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
14:26:58.0033 1832 RDPWD - ok
14:26:58.0069 1832 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
14:26:58.0070 1832 RemoteAccess - ok
14:26:58.0091 1832 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
14:26:58.0094 1832 RemoteRegistry - ok
14:26:58.0112 1832 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
14:26:58.0113 1832 RpcLocator - ok
14:26:58.0190 1832 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
14:26:58.0196 1832 RpcSs - ok
14:26:58.0210 1832 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:26:58.0211 1832 rspndr - ok
14:26:58.0234 1832 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
14:26:58.0236 1832 SamSs - ok
14:26:58.0372 1832 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:26:58.0372 1832 SASDIFSV - ok
14:26:58.0419 1832 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:26:58.0420 1832 SASKUTIL - ok
14:26:58.0440 1832 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:26:58.0441 1832 sbp2port - ok
14:26:58.0471 1832 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
14:26:58.0473 1832 SCardSvr - ok
14:26:58.0541 1832 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
14:26:58.0546 1832 Schedule - ok
14:26:58.0572 1832 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
14:26:58.0573 1832 SCPolicySvc - ok
14:26:58.0590 1832 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
14:26:58.0593 1832 SDRSVC - ok
14:26:58.0619 1832 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:26:58.0619 1832 secdrv - ok
14:26:58.0634 1832 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
14:26:58.0636 1832 seclogon - ok
14:26:58.0648 1832 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
14:26:58.0650 1832 SENS - ok
14:26:58.0666 1832 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:26:58.0666 1832 Serenum - ok
14:26:58.0688 1832 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:26:58.0689 1832 Serial - ok
14:26:58.0707 1832 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:26:58.0708 1832 sermouse - ok
14:26:58.0741 1832 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
14:26:58.0743 1832 SessionEnv - ok
14:26:58.0757 1832 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
14:26:58.0758 1832 sffdisk - ok
14:26:58.0772 1832 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
14:26:58.0773 1832 sffp_mmc - ok
14:26:58.0783 1832 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
14:26:58.0784 1832 sffp_sd - ok
14:26:58.0800 1832 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:26:58.0801 1832 sfloppy - ok
14:26:58.0835 1832 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
14:26:58.0837 1832 SharedAccess - ok
14:26:58.0904 1832 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
14:26:58.0907 1832 ShellHWDetection - ok
14:26:58.0925 1832 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
14:26:58.0926 1832 sisagp - ok
14:26:58.0944 1832 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
14:26:58.0945 1832 SiSRaid2 - ok
14:26:58.0965 1832 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
14:26:58.0966 1832 SiSRaid4 - ok
14:26:59.0128 1832 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
14:26:59.0146 1832 slsvc - ok
14:26:59.0247 1832 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
14:26:59.0249 1832 SLUINotify - ok
14:26:59.0288 1832 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
14:26:59.0289 1832 Smb - ok
14:26:59.0303 1832 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
14:26:59.0305 1832 SNMPTRAP - ok
14:26:59.0310 1832 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:26:59.0311 1832 spldr - ok
14:26:59.0367 1832 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
14:26:59.0370 1832 Spooler - ok
14:26:59.0439 1832 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
14:26:59.0442 1832 srv - ok
14:26:59.0476 1832 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
14:26:59.0477 1832 srv2 - ok
14:26:59.0492 1832 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
14:26:59.0493 1832 srvnet - ok
14:26:59.0504 1832 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
14:26:59.0507 1832 SSDPSRV - ok
14:26:59.0528 1832 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
14:26:59.0530 1832 SstpSvc - ok
14:26:59.0585 1832 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
14:26:59.0590 1832 stisvc - ok
14:26:59.0615 1832 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:26:59.0616 1832 swenum - ok
14:26:59.0643 1832 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
14:26:59.0647 1832 swprv - ok
14:26:59.0660 1832 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:26:59.0661 1832 Symc8xx - ok
14:26:59.0681 1832 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:26:59.0682 1832 Sym_hi - ok
14:26:59.0698 1832 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:26:59.0699 1832 Sym_u3 - ok
14:26:59.0740 1832 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
14:26:59.0745 1832 SysMain - ok
14:26:59.0761 1832 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
14:26:59.0763 1832 TabletInputService - ok
14:26:59.0788 1832 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
14:26:59.0792 1832 TapiSrv - ok
14:26:59.0807 1832 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
14:26:59.0810 1832 TBS - ok
14:26:59.0876 1832 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
14:26:59.0882 1832 Tcpip - ok
14:26:59.0895 1832 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
14:26:59.0900 1832 Tcpip6 - ok
14:26:59.0921 1832 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
14:26:59.0922 1832 tcpipreg - ok
14:26:59.0927 1832 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:26:59.0928 1832 TDPIPE - ok
14:26:59.0946 1832 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:26:59.0947 1832 TDTCP - ok
14:26:59.0958 1832 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
14:26:59.0959 1832 tdx - ok
14:26:59.0969 1832 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
14:26:59.0970 1832 TermDD - ok
14:27:00.0004 1832 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
14:27:00.0009 1832 TermService - ok
14:27:00.0074 1832 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
14:27:00.0077 1832 Themes - ok
14:27:00.0103 1832 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:27:00.0104 1832 THREADORDER - ok
14:27:00.0131 1832 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
14:27:00.0134 1832 TrkWks - ok
14:27:00.0166 1832 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
14:27:00.0166 1832 TrustedInstaller - ok
14:27:00.0211 1832 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:27:00.0212 1832 tssecsrv - ok
14:27:00.0228 1832 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:27:00.0229 1832 tunmp - ok
14:27:00.0279 1832 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
14:27:00.0280 1832 tunnel - ok
14:27:00.0293 1832 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
14:27:00.0294 1832 uagp35 - ok
14:27:00.0329 1832 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
14:27:00.0331 1832 udfs - ok
14:27:00.0357 1832 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
14:27:00.0359 1832 UI0Detect - ok
14:27:00.0372 1832 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
14:27:00.0373 1832 uliagpkx - ok
14:27:00.0407 1832 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
14:27:00.0410 1832 uliahci - ok
14:27:00.0432 1832 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:27:00.0433 1832 UlSata - ok
14:27:00.0459 1832 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:27:00.0461 1832 ulsata2 - ok
14:27:00.0484 1832 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:27:00.0485 1832 umbus - ok
14:27:00.0522 1832 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
14:27:00.0525 1832 upnphost - ok
14:27:00.0578 1832 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
14:27:00.0579 1832 usbaudio - ok
14:27:00.0592 1832 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:27:00.0593 1832 usbccgp - ok
14:27:00.0607 1832 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:27:00.0608 1832 usbcir - ok
14:27:00.0639 1832 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
14:27:00.0640 1832 usbehci - ok
14:27:00.0663 1832 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
14:27:00.0665 1832 usbhub - ok
14:27:00.0685 1832 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
14:27:00.0686 1832 usbohci - ok
14:27:00.0699 1832 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:27:00.0700 1832 usbprint - ok
14:27:00.0743 1832 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:27:00.0744 1832 USBSTOR - ok
14:27:00.0758 1832 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:27:00.0758 1832 usbuhci - ok
14:27:00.0779 1832 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
14:27:00.0781 1832 UxSms - ok
14:27:00.0809 1832 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
14:27:00.0814 1832 vds - ok
14:27:00.0834 1832 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:27:00.0835 1832 vga - ok
14:27:00.0848 1832 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:27:00.0849 1832 VgaSave - ok
14:27:00.0870 1832 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:27:00.0871 1832 viaagp - ok
14:27:00.0892 1832 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:27:00.0893 1832 ViaC7 - ok
14:27:00.0913 1832 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:27:00.0914 1832 viaide - ok
14:27:00.0931 1832 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:27:00.0932 1832 volmgr - ok
14:27:00.0953 1832 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
14:27:00.0956 1832 volmgrx - ok
14:27:00.0980 1832 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
14:27:00.0982 1832 volsnap - ok
14:27:01.0005 1832 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:27:01.0006 1832 vsmraid - ok
14:27:01.0079 1832 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
14:27:01.0087 1832 VSS - ok
14:27:01.0110 1832 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
14:27:01.0114 1832 W32Time - ok
14:27:01.0161 1832 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:27:01.0162 1832 WacomPen - ok
14:27:01.0178 1832 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:27:01.0179 1832 Wanarp - ok
14:27:01.0184 1832 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:27:01.0185 1832 Wanarpv6 - ok
14:27:01.0226 1832 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
14:27:01.0231 1832 wcncsvc - ok
14:27:01.0257 1832 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
14:27:01.0259 1832 WcsPlugInService - ok
14:27:01.0275 1832 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:27:01.0276 1832 Wd - ok
14:27:01.0316 1832 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:27:01.0320 1832 Wdf01000 - ok
14:27:01.0333 1832 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:27:01.0335 1832 WdiServiceHost - ok
14:27:01.0340 1832 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:27:01.0342 1832 WdiSystemHost - ok
14:27:01.0361 1832 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
14:27:01.0365 1832 WebClient - ok
14:27:01.0420 1832 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
14:27:01.0423 1832 Wecsvc - ok
14:27:01.0435 1832 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
14:27:01.0437 1832 wercplsupport - ok
14:27:01.0462 1832 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
14:27:01.0464 1832 WerSvc - ok
14:27:01.0520 1832 winachsf (f1265727c078406299ff4b3b033e3132) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:27:01.0525 1832 winachsf - ok
14:27:01.0593 1832 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
14:27:01.0595 1832 WinDefend - ok
14:27:01.0603 1832 WinHttpAutoProxySvc - ok
14:27:01.0664 1832 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
14:27:01.0666 1832 Winmgmt - ok
14:27:01.0770 1832 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
14:27:01.0779 1832 WinRM - ok
14:27:01.0863 1832 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
14:27:01.0869 1832 Wlansvc - ok
14:27:01.0914 1832 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
14:27:01.0914 1832 WmiAcpi - ok
14:27:01.0966 1832 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
14:27:01.0967 1832 wmiApSrv - ok
14:27:02.0071 1832 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:27:02.0076 1832 WMPNetworkSvc - ok
14:27:02.0100 1832 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
14:27:02.0103 1832 WPCSvc - ok
14:27:02.0122 1832 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
14:27:02.0124 1832 WPDBusEnum - ok
14:27:02.0191 1832 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
14:27:02.0192 1832 WpdUsb - ok
14:27:02.0402 1832 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:27:02.0407 1832 WPFFontCache_v0400 - ok
14:27:02.0431 1832 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:27:02.0431 1832 ws2ifsl - ok
14:27:02.0456 1832 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
14:27:02.0458 1832 wscsvc - ok
14:27:02.0463 1832 WSearch - ok
14:27:02.0607 1832 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
14:27:02.0620 1832 wuauserv - ok
14:27:02.0741 1832 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:27:02.0742 1832 WUDFRd - ok
14:27:02.0773 1832 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
14:27:02.0776 1832 wudfsvc - ok
14:27:02.0805 1832 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
14:27:02.0806 1832 XAudio - ok
14:27:02.0837 1832 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
14:27:02.0840 1832 XAudioService - ok
14:27:02.0865 1832 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
14:27:03.0048 1832 \Device\Harddisk0\DR0 - ok
14:27:03.0053 1832 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
14:27:03.0059 1832 \Device\Harddisk1\DR1 - ok
14:27:03.0065 1832 Boot (0x1200) (174a2d43e5b3ff6631ee85fe0085e625) \Device\Harddisk0\DR0\Partition0
14:27:03.0066 1832 \Device\Harddisk0\DR0\Partition0 - ok
14:27:03.0072 1832 Boot (0x1200) (9a8a470eaaf434f6f4a6d5951c70596e) \Device\Harddisk0\DR0\Partition1
14:27:03.0073 1832 \Device\Harddisk0\DR0\Partition1 - ok
14:27:03.0081 1832 Boot (0x1200) (b79d42daa1b5f72ef6005f2849d3df43) \Device\Harddisk1\DR1\Partition0
14:27:03.0083 1832 \Device\Harddisk1\DR1\Partition0 - ok
14:27:03.0084 1832 ============================================================
14:27:03.0084 1832 Scan finished
14:27:03.0084 1832 ============================================================
14:27:03.0098 0456 Detected object count: 0
14:27:03.0098 0456 Actual detected object count: 0
14:27:13.0911 1460 Deinitialize success

Edited by amiri baraka, 30 April 2012 - 02:53 PM.


#12 amiri baraka


Posted 30 April 2012 - 04:31 PM

the gmer scan didn't work...i tried it twice and it crashed both times.

here are the results of the aswMBR...this scan did find 3 infected files...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-30 16:17:33
-----------------------------
16:17:33.103 OS Version: Windows 6.0.6001 Service Pack 1
16:17:33.104 Number of processors: 2 586 0x6B02
16:17:33.104 ComputerName: PC UserName:
16:17:33.750 Initialize success
16:22:54.777 AVAST engine defs: 12043001
16:35:06.495 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004f
16:35:06.498 Disk 0 Vendor: SAMSUNG_ CP10 Size: 305245MB BusType: 3
16:35:06.523 Disk 0 MBR read successfully
16:35:06.528 Disk 0 MBR scan
16:35:06.533 Disk 0 unknown MBR code
16:35:06.537 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 293829 MB offset 63
16:35:06.568 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11413 MB offset 601762770
16:35:06.576 Disk 0 scanning sectors +625137345
16:35:06.647 Disk 0 scanning C:\Windows\system32\drivers
16:35:16.412 Service scanning
16:35:34.262 Modules scanning
16:35:37.696 Disk 0 trace - called modules:
16:35:37.723 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys tcpip.sys NETIO.SYS
16:35:37.731 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85bab060]
16:35:37.738 3 CLASSPNP.SYS[8a330745] -> nt!IofCallDriver -> [0x856d4c10]
16:35:37.745 5 acpi.sys[8a20d6a0] -> nt!IofCallDriver -> \Device\0000004f[0x856d46a0]
16:35:38.382 AVAST engine scan C:\Windows
16:35:43.045 AVAST engine scan C:\Windows\system32
16:36:19.640 File: C:\Windows\system32\jureg.exe **INFECTED** Win32:SMSSend-IG [Trj]
16:39:12.975 AVAST engine scan C:\Windows\system32\drivers
16:39:28.667 AVAST engine scan C:\Users\Brendan
16:41:01.067 File: C:\Users\Brendan\AppData\Local\Temp\RRHs92y17yHsZ5.exe.tmp **INFECTED** Win32:FakeAlert-CLP [Trj]
17:17:22.771 AVAST engine scan C:\ProgramData
17:21:23.424 File: C:\ProgramData\YDdRtmhilFNORa.exe **INFECTED** Win32:FakeAlert-CLP [Trj]
17:21:23.591 File: C:\ProgramData\ZgDZPr5O0bwf4H.exe **INFECTED** Win32:FakeAlert-CLP [Trj]
17:21:23.709 Scan finished successfully
17:29:15.382 Disk 0 MBR has been saved successfully to "C:\Users\Brendan\Desktop\MBR.dat"
17:29:15.389 The log file has been saved successfully to "C:\Users\Brendan\Desktop\aswMBR.txt"

#13 narenxp


Posted 30 April 2012 - 04:45 PM

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#14 amiri baraka


Posted 30 April 2012 - 06:28 PM

results of ESET...


C:\ProgramData\YDdRtmhilFNORa.exe a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined
C:\ProgramData\ZgDZPr5O0bwf4H.exe a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\29DE.tmp a variant of Win32/Kryptik.ACYZ trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\DirectX11_update.exe a variant of Win32/Kryptik.ACYZ trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\RRHs92y17yHsZ5.exe.tmp a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined




results of minitoolbox...




Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=80ms TTL=248

Reply from 209.191.122.70: bytes=32 time=80ms TTL=248



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 80ms, Maximum = 80ms, Average = 80ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 0f 66 1e 83 4a ...... Broadcom 802.11g Network Adapter
10 ...00 1e 90 4b eb c3 ...... NVIDIA nForce 10/100 Mbps Ethernet
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{A98ED8F2-CD2A-4269-A79F-2F73FC9DEF54}
14 ...00 00 00 00 00 00 00 e0 isatap.home
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 286
192.168.1.2 255.255.255.255 On-link 192.168.1.2 286
192.168.1.255 255.255.255.255 On-link 192.168.1.2 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 286 fe80::/64 On-link
11 286 fe80::7446:68b9:8163:cd5/128
On-link
1 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/30/2012 03:59:41 PM) (Source: Application Error) (User: )
Description: Faulting application hq7x24bc.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, faulting module hq7x24bc.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, exception code 0xc0000005, fault offset 0x0000c676,
process id 0x3f4, application start time 0xhq7x24bc.exe0.

Error: (04/30/2012 03:55:25 PM) (Source: Application Error) (User: )
Description: Faulting application p2q4ef01.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, faulting module p2q4ef01.exe, version 1.0.15.15641, time stamp 0x4e21f2b1, exception code 0xc0000005, fault offset 0x0000c676,
process id 0x52c, application start time 0xp2q4ef01.exe0.

Error: (04/29/2012 04:06:01 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/29/2012 04:02:20 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/29/2012 04:02:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2012 03:58:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2012 02:41:12 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/29/2012 02:25:01 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/29/2012 02:24:18 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, faulting module iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, exception code 0x40000015, fault offset 0x0008cb40,
process id 0x5e4, application start time 0xiexplore.exe0.

Error: (04/29/2012 02:14:01 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (04/30/2012 05:29:09 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/30/2012 04:58:00 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:57:47 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:56:50 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:56:37 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:55:19 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:53:03 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:52:16 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:51:22 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (04/30/2012 04:41:28 PM) (Source: nvstor32) (User: )
Description: A parity error was detected on \Device\RaidPort0.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Ad-Aware (Version: 9.0.7)
Ad-Aware Security Toolbar (Version: 0.9.1.20)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.2.202.233)
Adobe Reader 8.1.2 (Version: 8.1.2)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 2.5.2.2)
Apple Software Update (Version: 2.1.3.127)
AVS Audio Converter version 5.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: .1707)
Driver Detective (Version: 6.0.0.0)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
ESET Online Scanner v3
Hardware Diagnostic Tools (Version: 5.1.4861.15)
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.63.2)
HP Active Support Library (Version: 3.1.6.1)
HP Customer Experience Enhancements (Version: 5.6.0.2510)
HP Customer Feedback (Version: 1.0.0)
HP Demo (Version: 1.00.0000)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP Recovery Manager RSS (Version: 84.0.0.7)
HP Total Care Advisor (Version: 2.4.6651.2902)
HP Update (Version: 4.000.010.008)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000)
HPTCSSetup (Version: 1.0.964.2626)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
LabelPrint (Version: 2.2.2913)
LightScribe System Software (Version: 1.18.3.2)
LightScribeTemplateLabeler (Version: 1.10.23.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.1 (Version: 6.10.050)
My HP Games (Version: 1.0.0.52)
Netflix Movie Viewer (Version: 1.2.211)
NVIDIA Drivers
OpenOffice.org 3.0 (Version: 3.0.9379)
PCIe Soft Data Fax Modem with SmartCP (Version: 7.71.00.50)
PictureMover (Version: 3.0.1.52)
Power2Go (Version: 5.6.4109)
PowerDirector (Version: 6.5.2926)
PSSWCORE (Version: 2.03.0000)
Python 2.5.2 (Version: 2.5.2150)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5657)
RealUpgrade 1.1 (Version: 1.1.0)
Seagate Manager Installer (Version: 2.01.0051)
Season Ticket Baseball 2003
Secunia PSI (3.0.0.0006) (Version: 3.0.0.0006)
Skype web features (Version: 1.0.3810)
Skype™ 4.1 (Version: 4.1.141)
SoulSeek 157 NS 13e
sp41119
SPORE Creature Creator Trial Edition (Version: 1.00.0000)
SUPERAntiSpyware (Version: 5.0.1142)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 110.0.171.000)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebEx
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Wireless-G PCI Adapter

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3005.76 MB
Available physical RAM: 1903.82 MB
Total Pagefile: 6248.04 MB
Available Pagefile: 5377.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.43 MB

========================= Partitions: =====================================

1 Drive c: (COMPAQ) (Fixed) (Total:286.94 GB) (Free:69.98 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.15 GB) (Free:1.54 GB) NTFS
4 Drive g: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:271.69 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Administrator Brendan Guest


**** End of log ****
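
Added example, not part of any post in this thread: the aswMBR log and the ESET list above report the same files under different detection names, so a helper reading both needs them merged by path. This Python script does that for lines copied from the two logs; the function names are illustrative, and the ESET pattern only covers the "trojan" line shape seen here.

```python
import ntpath
import re
from collections import Counter, defaultdict

# Sample input: detection lines copied from the aswMBR and ESET logs in this thread.
ASWMBR_LOG = r"""
16:41:01.067 File: C:\Users\Brendan\AppData\Local\Temp\RRHs92y17yHsZ5.exe.tmp **INFECTED** Win32:FakeAlert-CLP [Trj]
17:17:22.771 AVAST engine scan C:\ProgramData
17:21:23.424 File: C:\ProgramData\YDdRtmhilFNORa.exe **INFECTED** Win32:FakeAlert-CLP [Trj]
17:21:23.591 File: C:\ProgramData\ZgDZPr5O0bwf4H.exe **INFECTED** Win32:FakeAlert-CLP [Trj]
17:21:23.709 Scan finished successfully
"""
ESET_LOG = r"""
C:\ProgramData\YDdRtmhilFNORa.exe a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined
C:\ProgramData\ZgDZPr5O0bwf4H.exe a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\29DE.tmp a variant of Win32/Kryptik.ACYZ trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\DirectX11_update.exe a variant of Win32/Kryptik.ACYZ trojan cleaned by deleting - quarantined
C:\Users\Brendan\AppData\Local\Temp\RRHs92y17yHsZ5.exe.tmp a variant of Win32/Kryptik.AEWT trojan cleaned by deleting - quarantined
"""

AVAST_RE = re.compile(
    r"^[\d:.]+\s+File:\s+(?P<path>.+?)\s+\*\*INFECTED\*\*\s+(?P<name>.+)$")
# Assumption: only the "trojan" threat type that appears in this thread is matched.
ESET_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?:a variant of\s+)?(?P<name>\S+)"
    r"\s+trojan\s+(?P<action>.+)$")

def correlate(avast_text, eset_text):
    """Merge both logs into {lowercased path: {engine: detection name, ...}}."""
    hits = defaultdict(dict)
    for line in avast_text.splitlines():
        m = AVAST_RE.match(line.strip())
        if m:  # Windows paths are case-insensitive, so key on the lowercased path
            hits[m["path"].lower()]["avast"] = m["name"]
    for line in eset_text.splitlines():
        m = ESET_RE.match(line.strip())
        if m:
            entry = hits[m["path"].lower()]
            entry["eset"] = m["name"]
            entry["eset_action"] = m["action"]
    return dict(hits)

def summarize(hits):
    """Split paths into those flagged by both engines and by only one."""
    both = sorted(p for p, h in hits.items() if "avast" in h and "eset" in h)
    single = sorted(p for p, h in hits.items() if ("avast" in h) != ("eset" in h))
    return both, single

def drop_dirs(hits):
    """Count flagged files per directory to show where the droppers sit."""
    return dict(Counter(ntpath.dirname(p) for p in hits))

if __name__ == "__main__":
    merged = correlate(ASWMBR_LOG, ESET_LOG)
    print(summarize(merged), drop_dirs(merged))
```

Files that appear under only one engine in this sample are not necessarily misses by the other, since only part of the aswMBR log is used as input.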

#15 narenxp

Posted 30 April 2012 - 07:04 PM

Mini toolbox log is incomplete. Repost the entire log.

good luck



