Receiving "Hard drive controller failure" popups


10 replies to this topic

#1 msulinski


Posted 11 July 2012 - 08:05 PM

I think I have a virus. My desktop icons and start menu are only half there. Windows displays a whole bunch of error messages indicating that there was a write error. Then a system tray icon pops up and says my hard drive controller failed.

I have Windows 7 Home Edition (very similar to this thread: http://www.bleepingcomputer.com/forums/topic460144.html).

When I restart in safe mode, I don't get these errors.

Thanks



#2 msulinski


Posted 11 July 2012 - 08:06 PM

After seeing the other thread, I took similar steps: restarted in safe mode with networking and ran TDSSKiller. Here is the log:

23:58:29.0396 1688 ProtectedStorage - ok
23:58:29.0443 1688 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:58:29.0443 1688 Psched - ok
23:58:29.0537 1688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:58:29.0552 1688 ql2300 - ok
23:58:29.0677 1688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:58:29.0677 1688 ql40xx - ok
23:58:29.0776 1688 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:58:29.0778 1688 QWAVE - ok
23:58:29.0816 1688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:58:29.0818 1688 QWAVEdrv - ok
23:58:29.0841 1688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:58:29.0841 1688 RasAcd - ok
23:58:29.0881 1688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:58:29.0881 1688 RasAgileVpn - ok
23:58:29.0903 1688 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:58:29.0906 1688 RasAuto - ok
23:58:29.0921 1688 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:58:29.0921 1688 Rasl2tp - ok
23:58:29.0951 1688 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
23:58:29.0953 1688 RasMan - ok
23:58:29.0983 1688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:58:29.0986 1688 RasPppoe - ok
23:58:30.0003 1688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:58:30.0006 1688 RasSstp - ok
23:58:30.0033 1688 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:58:30.0036 1688 rdbss - ok
23:58:30.0048 1688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:58:30.0048 1688 rdpbus - ok
23:58:30.0058 1688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:58:30.0058 1688 RDPCDD - ok
23:58:30.0096 1688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:58:30.0098 1688 RDPENCDD - ok
23:58:30.0098 1688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:58:30.0098 1688 RDPREFMP - ok
23:58:30.0145 1688 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
23:58:30.0145 1688 RDPWD - ok
23:58:30.0192 1688 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:58:30.0192 1688 rdyboost - ok
23:58:30.0223 1688 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:58:30.0239 1688 RemoteAccess - ok
23:58:30.0270 1688 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:58:30.0270 1688 RemoteRegistry - ok
23:58:30.0285 1688 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:58:30.0285 1688 RpcEptMapper - ok
23:58:30.0317 1688 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:58:30.0317 1688 RpcLocator - ok
23:58:30.0363 1688 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
23:58:30.0363 1688 RpcSs - ok
23:58:30.0410 1688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:58:30.0410 1688 rspndr - ok
23:58:30.0457 1688 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:58:30.0457 1688 RTL8167 - ok
23:58:30.0488 1688 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:58:30.0488 1688 SamSs - ok
23:58:30.0535 1688 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
23:58:30.0535 1688 sbp2port - ok
23:58:30.0566 1688 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:58:30.0566 1688 SCardSvr - ok
23:58:30.0582 1688 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:58:30.0582 1688 scfilter - ok
23:58:30.0675 1688 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
23:58:30.0675 1688 Schedule - ok
23:58:30.0707 1688 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
23:58:30.0707 1688 SCPolicySvc - ok
23:58:30.0738 1688 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
23:58:30.0753 1688 SDRSVC - ok
23:58:30.0816 1688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:58:30.0816 1688 secdrv - ok
23:58:30.0831 1688 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
23:58:30.0831 1688 seclogon - ok
23:58:30.0847 1688 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:58:30.0847 1688 SENS - ok
23:58:30.0863 1688 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:58:30.0863 1688 SensrSvc - ok
23:58:30.0878 1688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:58:30.0878 1688 Serenum - ok
23:58:30.0894 1688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:58:30.0894 1688 Serial - ok
23:58:30.0909 1688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:58:30.0909 1688 sermouse - ok
23:58:30.0956 1688 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
23:58:30.0956 1688 SessionEnv - ok
23:58:30.0972 1688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
23:58:30.0972 1688 sffdisk - ok
23:58:30.0972 1688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:58:30.0972 1688 sffp_mmc - ok
23:58:30.0987 1688 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:58:30.0987 1688 sffp_sd - ok
23:58:30.0987 1688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:58:30.0987 1688 sfloppy - ok
23:58:31.0034 1688 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:58:31.0034 1688 SharedAccess - ok
23:58:31.0081 1688 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
23:58:31.0081 1688 ShellHWDetection - ok
23:58:31.0097 1688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:58:31.0097 1688 SiSRaid2 - ok
23:58:31.0112 1688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:58:31.0128 1688 SiSRaid4 - ok
23:58:31.0143 1688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:58:31.0143 1688 Smb - ok
23:58:31.0190 1688 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:58:31.0190 1688 SNMPTRAP - ok
23:58:31.0206 1688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:58:31.0206 1688 spldr - ok
23:58:31.0268 1688 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
23:58:31.0268 1688 Spooler - ok
23:58:31.0487 1688 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
23:58:31.0518 1688 sppsvc - ok
23:58:31.0611 1688 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:58:31.0611 1688 sppuinotify - ok
23:58:31.0674 1688 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:58:31.0674 1688 srv - ok
23:58:31.0705 1688 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:58:31.0721 1688 srv2 - ok
23:58:31.0736 1688 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:58:31.0736 1688 srvnet - ok
23:58:31.0783 1688 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:58:31.0783 1688 SSDPSRV - ok
23:58:31.0799 1688 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:58:31.0799 1688 SstpSvc - ok
23:58:31.0814 1688 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:58:31.0814 1688 stexstor - ok
23:58:31.0877 1688 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
23:58:31.0877 1688 stisvc - ok
23:58:31.0892 1688 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:58:31.0892 1688 swenum - ok
23:58:31.0955 1688 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:58:31.0955 1688 swprv - ok
23:58:32.0064 1688 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
23:58:32.0079 1688 SysMain - ok
23:58:32.0204 1688 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
23:58:32.0204 1688 TabletInputService - ok
23:58:32.0235 1688 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
23:58:32.0235 1688 TapiSrv - ok
23:58:32.0267 1688 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:58:32.0267 1688 TBS - ok
23:58:32.0454 1688 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
23:58:32.0454 1688 Tcpip - ok
23:58:32.0703 1688 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
23:58:32.0719 1688 TCPIP6 - ok
23:58:32.0859 1688 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:58:32.0859 1688 tcpipreg - ok
23:58:32.0875 1688 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:58:32.0875 1688 TDPIPE - ok
23:58:32.0922 1688 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
23:58:32.0922 1688 TDTCP - ok
23:58:32.0969 1688 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:58:32.0969 1688 tdx - ok
23:58:32.0984 1688 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
23:58:32.0984 1688 TermDD - ok
23:58:33.0047 1688 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
23:58:33.0047 1688 TermService - ok
23:58:33.0062 1688 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:58:33.0062 1688 Themes - ok
23:58:33.0078 1688 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:58:33.0078 1688 THREADORDER - ok
23:58:33.0093 1688 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:58:33.0109 1688 TrkWks - ok
23:58:33.0156 1688 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
23:58:33.0156 1688 TrustedInstaller - ok
23:58:33.0171 1688 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:58:33.0171 1688 tssecsrv - ok
23:58:33.0203 1688 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:58:33.0203 1688 tunnel - ok
23:58:33.0218 1688 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:58:33.0218 1688 uagp35 - ok
23:58:33.0249 1688 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:58:33.0249 1688 udfs - ok
23:58:33.0281 1688 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:58:33.0281 1688 UI0Detect - ok
23:58:33.0312 1688 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:58:33.0312 1688 uliagpkx - ok
23:58:33.0343 1688 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:58:33.0343 1688 umbus - ok
23:58:33.0343 1688 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:58:33.0343 1688 UmPass - ok
23:58:33.0374 1688 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:58:33.0374 1688 upnphost - ok
23:58:33.0421 1688 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
23:58:33.0421 1688 USBAAPL64 - ok
23:58:33.0468 1688 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
23:58:33.0468 1688 usbccgp - ok
23:58:33.0499 1688 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
23:58:33.0499 1688 usbcir - ok
23:58:33.0515 1688 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
23:58:33.0515 1688 usbehci - ok
23:58:33.0561 1688 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
23:58:33.0561 1688 usbhub - ok
23:58:33.0577 1688 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
23:58:33.0577 1688 usbohci - ok
23:58:33.0593 1688 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:58:33.0593 1688 usbprint - ok
23:58:33.0608 1688 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:58:33.0608 1688 USBSTOR - ok
23:58:33.0608 1688 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:58:33.0608 1688 usbuhci - ok
23:58:33.0639 1688 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
23:58:33.0639 1688 usbvideo - ok
23:58:33.0671 1688 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:58:33.0671 1688 UxSms - ok
23:58:33.0702 1688 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:58:33.0702 1688 VaultSvc - ok
23:58:33.0733 1688 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:58:33.0733 1688 vdrvroot - ok
23:58:33.0795 1688 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
23:58:33.0795 1688 vds - ok
23:58:33.0811 1688 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:58:33.0811 1688 vga - ok
23:58:33.0842 1688 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:58:33.0842 1688 VgaSave - ok
23:58:33.0858 1688 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
23:58:33.0858 1688 vhdmp - ok
23:58:33.0873 1688 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
23:58:33.0873 1688 viaide - ok
23:58:33.0889 1688 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
23:58:33.0889 1688 volmgr - ok
23:58:33.0920 1688 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:58:33.0920 1688 volmgrx - ok
23:58:33.0951 1688 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
23:58:33.0951 1688 volsnap - ok
23:58:33.0983 1688 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:58:33.0983 1688 vsmraid - ok
23:58:34.0092 1688 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
23:58:34.0107 1688 VSS - ok
23:58:34.0248 1688 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:58:34.0248 1688 vwifibus - ok
23:58:34.0263 1688 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:58:34.0263 1688 vwififlt - ok
23:58:34.0295 1688 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:58:34.0310 1688 W32Time - ok
23:58:34.0326 1688 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:58:34.0326 1688 WacomPen - ok
23:58:34.0373 1688 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:58:34.0373 1688 WANARP - ok
23:58:34.0373 1688 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:58:34.0388 1688 Wanarpv6 - ok
23:58:34.0497 1688 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
23:58:34.0513 1688 WatAdminSvc - ok
23:58:34.0638 1688 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
23:58:34.0653 1688 wbengine - ok
23:58:35.0121 1688 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:58:35.0121 1688 WbioSrvc - ok
23:58:35.0153 1688 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
23:58:35.0153 1688 wcncsvc - ok
23:58:35.0168 1688 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:58:35.0168 1688 WcsPlugInService - ok
23:58:35.0215 1688 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:58:35.0215 1688 Wd - ok
23:58:35.0246 1688 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:58:35.0262 1688 Wdf01000 - ok
23:58:35.0293 1688 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:58:35.0293 1688 WdiServiceHost - ok
23:58:35.0293 1688 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:58:35.0293 1688 WdiSystemHost - ok
23:58:35.0324 1688 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
23:58:35.0324 1688 WebClient - ok
23:58:35.0340 1688 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:58:35.0355 1688 Wecsvc - ok
23:58:35.0355 1688 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:58:35.0371 1688 wercplsupport - ok
23:58:35.0402 1688 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:58:35.0402 1688 WerSvc - ok
23:58:35.0449 1688 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:58:35.0465 1688 WfpLwf - ok
23:58:35.0465 1688 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:58:35.0465 1688 WIMMount - ok
23:58:35.0480 1688 WinDefend - ok
23:58:35.0496 1688 WinHttpAutoProxySvc - ok
23:58:35.0558 1688 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:58:35.0558 1688 Winmgmt - ok
23:58:35.0683 1688 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
23:58:35.0699 1688 WinRM - ok
23:58:35.0823 1688 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
23:58:35.0823 1688 WinUsb - ok
23:58:35.0901 1688 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:58:35.0901 1688 Wlansvc - ok
23:58:35.0979 1688 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
23:58:35.0979 1688 wltrysvc - ok
23:58:35.0995 1688 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:58:35.0995 1688 WmiAcpi - ok
23:58:36.0073 1688 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:58:36.0073 1688 wmiApSrv - ok
23:58:36.0104 1688 WMPNetworkSvc - ok
23:58:36.0120 1688 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:58:36.0120 1688 WPCSvc - ok
23:58:36.0167 1688 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
23:58:36.0167 1688 WPDBusEnum - ok
23:58:36.0198 1688 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:58:36.0198 1688 ws2ifsl - ok
23:58:36.0229 1688 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:58:36.0229 1688 wscsvc - ok
23:58:36.0229 1688 WSearch - ok
23:58:36.0401 1688 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
23:58:36.0401 1688 wuauserv - ok
23:58:36.0510 1688 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:58:36.0510 1688 WudfPf - ok
23:58:36.0541 1688 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:58:36.0541 1688 WUDFRd - ok
23:58:36.0557 1688 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
23:58:36.0572 1688 wudfsvc - ok
23:58:36.0588 1688 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:58:36.0588 1688 WwanSvc - ok
23:58:36.0681 1688 X5XSEx_Pr135 (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Verizon Games Player\X5XSEx.Sys
23:58:36.0681 1688 X5XSEx_Pr135 - ok
23:58:36.0713 1688 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:58:37.0040 1688 \Device\Harddisk0\DR0 - ok
23:58:37.0071 1688 Boot (0x1200) (409f62021c124964fca56bd8c76e2f98) \Device\Harddisk0\DR0\Partition0
23:58:37.0071 1688 \Device\Harddisk0\DR0\Partition0 - ok
23:58:37.0087 1688 Boot (0x1200) (3c70b3253bf6638e310e0249d585636a) \Device\Harddisk0\DR0\Partition1
23:58:37.0087 1688 \Device\Harddisk0\DR0\Partition1 - ok
23:58:37.0087 1688 ============================================================
23:58:37.0087 1688 Scan finished
23:58:37.0087 1688 ============================================================
23:58:37.0087 1280 Detected object count: 0
23:58:37.0087 1280 Actual detected object count: 0

#3 msulinski

Posted 11 July 2012 - 08:53 PM

aswMbr result:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2009-09-07 00:03:58
-----------------------------
00:03:58.639 OS Version: Windows x64 6.1.7600
00:03:58.639 Number of processors: 4 586 0x2502
00:03:58.639 ComputerName: VIRGO UserName:
00:03:59.544 Initialize success
00:04:31.337 AVAST engine defs: 12071102
00:04:39.792 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:04:39.792 Disk 0 Vendor: FUJITSU_MJA2160BH_FFS_G1 0081001D Size: 152627MB BusType: 11
00:04:39.839 Disk 0 MBR read successfully
00:04:39.839 Disk 0 MBR scan
00:04:39.854 Disk 0 Windows 7 default MBR code
00:04:39.886 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
00:04:39.901 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
00:04:39.917 Disk 0 scanning C:\Windows\system32\drivers
00:04:51.601 Service scanning
00:05:49.290 Modules scanning
00:05:49.306 Disk 0 trace - called modules:
00:05:49.353 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:05:49.353 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003bb1790]
00:05:49.914 3 CLASSPNP.SYS[fffff8800195d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80048bf060]
00:05:50.585 AVAST engine scan C:\Windows
00:05:52.176 AVAST engine scan C:\Windows\system32
00:08:03.575 AVAST engine scan C:\Windows\system32\drivers
00:08:12.732 AVAST engine scan C:\Users\csulinski
00:32:04.534 File: C:\Users\csulinski\AppData\Local\Temp\qSloOdDZIOPC7s.exe.tmp **INFECTED** Win32:FakeSysdef-NQ [Trj]
00:37:16.269 AVAST engine scan C:\ProgramData
00:37:22.338 File: C:\ProgramData\iYHJOPyUiWL.exe **INFECTED** Win32:FakeSysdef-NQ [Trj]
00:37:42.431 Scan finished successfully
00:48:29.925 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
00:48:29.925 The log file has been saved successfully to "C:\aswMBR.txt"

#4 narenxp

Posted 11 July 2012 - 09:08 PM

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, and copy the contents of the text file into your reply.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and run an MBAM scan once in regular mode until you get a clean log.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 msulinski

Posted 11 July 2012 - 09:40 PM

Here is the ESET list. Installing Malwarebytes now.

C:\ProgramData\iYHJOPyUiWL.exe a variant of Win32/Kryptik.AIGT trojan cleaned by deleting - quarantined
C:\Users\csulinski\AppData\Local\Temp\jar_cache7425752517470933909.tmp Java/Exploit.CVE-2012-0507.CS trojan cleaned by deleting - quarantined
C:\Users\csulinski\AppData\Local\Temp\qSloOdDZIOPC7s.exe.tmp a variant of Win32/Kryptik.AIGT trojan cleaned by deleting - quarantined

#6 msulinski

Posted 11 July 2012 - 09:43 PM

I got an error that I can't run Malwarebytes in safe mode, so I am going to try in regular mode.

Edit: That was the protection service, but I was still able to start scanning.

Edited by msulinski, 11 July 2012 - 09:46 PM.


#7 msulinski

Posted 11 July 2012 - 09:47 PM

That was fast. Here are the MBAM results:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.12.01

Windows 7 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
csulinski :: VIRGO [administrator]

Protection: Disabled

9/7/2009 1:41:32 AM
mbam-log-2009-09-07 (01-42-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: File System | P2P
Objects scanned: 197527
Time elapsed: 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 msulinski

Posted 11 July 2012 - 09:57 PM

How do I get my desktop icons and Start Menu shortcuts back?

MBAM is clean now. Here are the MiniToolBox results:

MiniToolBox by Farbar Version: 25-06-2012
Ran by csulinski (administrator) on 07-09-2009 at 01:51:34
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : virgo
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sulinskiccp

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : sulinskiccp
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : F0-7B-CB-32-CE-5D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19db:2c46:d269:3619%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 07, 2009 1:45:43 AM
Lease Expires . . . . . . . . . . : Tuesday, September 08, 2009 1:45:42 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 233864139
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3A-C5-27-B8-AC-6F-56-4C-AB
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : B8-AC-6F-56-4C-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:18b3:58:b599:9d09(Preferred)
Link-local IPv6 Address . . . . . : fe80::18b3:58:b599:9d09%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.sulinskiccp:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sulinskiccp
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.sulinskiccp
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:801::1007
74.125.226.206
74.125.226.199
74.125.226.198
74.125.226.201
74.125.226.200
74.125.226.194
74.125.226.195
74.125.226.196
74.125.226.192
74.125.226.193
74.125.226.197


Pinging google.com [74.125.226.200] with 32 bytes of data:
Reply from 74.125.226.200: bytes=32 time=11ms TTL=251
Reply from 74.125.226.200: bytes=32 time=12ms TTL=251

Ping statistics for 74.125.226.200:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 12ms, Average = 11ms
Server: Wireless_Broadband_Router.sulinskiccp
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
209.191.122.70
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=101ms TTL=249
Reply from 72.30.38.140: bytes=32 time=109ms TTL=249

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 109ms, Average = 105ms
Server: Wireless_Broadband_Router.sulinskiccp
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
12...f0 7b cb 32 ce 5d ......Dell Wireless 1397 WLAN Mini-Card
11...b8 ac 6f 56 4c ab ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.13 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.13 281
192.168.1.13 255.255.255.255 On-link 192.168.1.13 281
192.168.1.255 255.255.255.255 On-link 192.168.1.13 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.13 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.13 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:18b3:58:b599:9d09/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::18b3:58:b599:9d09/128
On-link
12 281 fe80::19db:2c46:d269:3619/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2009 01:50:44 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:50:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:40:15 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:44 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:37:27 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/07/2009 01:18:22 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (09/07/2009 01:45:57 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (09/07/2009 01:45:25 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (09/07/2009 01:45:25 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/07/2009 00:48:17 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (09/07/2009 00:48:17 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/06/2009 11:47:21 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/06/2009 11:47:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/06/2009 11:47:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/06/2009 11:47:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/06/2009 11:47:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/07/2009 01:50:44 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:50:26 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:40:15 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:44 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:37:27 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/07/2009 01:18:22 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Abigail and the Kingdom of Fairs
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
All My Gods
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.13.1.0)
Bonjour (Version: 3.0.0.10)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Dell Resource CD (Version: 1.00.0000)
Dell Software Uninstall
Dell Webcam Central (Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
eMusic Download Manager (Version: 5.0.5)
GamesBar 2.0.1.82 (Version: 2.0.1.82)
iTunes (Version: 10.6.1.7)
Jane’s Zoo
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Memorex exPressit Label Design Studio
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
My Kingdom for the Princess II
QuickTime (Version: 7.72.80.56)
Remote Control USB Driver (Version: 2.3.2.317)
Rescue Team 2
Rhapsody
Rhianna Ford - The Da Vinci Letter
Roads of Rome 2
Royal Envoy 2
Sallys Spa
Supermarket Mania 2
The Price is Right
Verizon Games Player
Virtual City 2: Paradise Resort
Youda Survivor

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 3956.54 MB
Available physical RAM: 2620.54 MB
Total Pagefile: 7911.22 MB
Available Pagefile: 6348.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.95 GB) (Free:96.61 GB) NTFS

========================= Users: ========================================

User accounts for \\VIRGO

Administrator csulinski Guest


**** End of log ****

#9 narenxp


Posted 11 July 2012 - 10:01 PM

Please run MBAM once again and remove infections

Download UNHIDE

Run it, this should unhide your files.

Let me know if it restored your Start menu programs.

#10 msulinski


Posted 12 July 2012 - 07:14 PM

The scan comes up clean now and my icons are back.

Thanks for the help

Edited by msulinski, 12 July 2012 - 07:15 PM.


#11 narenxp


Posted 12 July 2012 - 08:45 PM

Expand your Start menu programs and make sure all icons have been recovered before following these steps.

Download TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot.

Turn off your System Restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Uninstall the Ask Toolbar.

Update your antivirus frequently, do not click on suspicious links.

Safe surfing :)



