Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Highjackthis log, Please help!


  • This topic is locked This topic is locked
25 replies to this topic

#1 steve1147

steve1147

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 03 December 2012 - 09:46 AM

Hello and thanks in advance for your help, this has me so frustrated.
My Toshiba laptop freezes-up right after boot. It runs fine in Safe Mode, so I was able to within Safe run Malwarebytes, Spybot, Stinger, etc., but to no avail.
I reset Bios to original and disabled all Startup within Msconfig. Still same. It wouldn't let me install Hijackthis while in safe, so I had to install it off a flash drive and run this log. Can't do anything after normal start-up, just look at the screen and move the pointer around.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:34:12 AM, on 12/3/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2013\avguirux.exe
C:\Users\Jeremy\Desktop\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628154844.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\TSS.exe" /hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil11g_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OneNote Table Of Contents.onetoc2
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12202 bytes

BC AdBot (Login to Remove)

 


#2 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 04 December 2012 - 10:04 PM

Hello steve1147,

My name is Cody and I'll be helping you clean up your computer.

I will reply as soon as possible (typically within 48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
    • It's simply easier for me to analyze logs in this format.
  • Provide feedback about your experience as we go.
    • Every post you make, please describe in detail how the computer is behaving. "The same" is not detailed enough. If you have any questions at any point, feel free to ask.

NOTE: When you post your reply, do not use the Posted Image button but use the Posted Image button instead.

In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

------------------------------------------------------

While the HijackThis log is helpful, I'm going to use some slightly more powerful tools to get a better start. :thumbup2:

Please download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.com
DDS.pif
  • Double click on the DDS icon, allow it to run.
  • Mark the option attach.txt.
  • Click on Start.
  • After the scan has finished, confirm the message with Ok.
  • DDS will automatically open both logfiles.
  • You can find them on your desktop as well.
  • Please post the content of those logfiles with your next answer.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#3 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 05 December 2012 - 10:18 AM

OK, thanks! Here's the text log files.
I'm having to download these on a different computer, move them by flash drive to the bad computer, and run them in Safe Mode, nothing will run except in Safe.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 3/22/2010 2:08:16 PM
System Uptime: 12/3/2012 8:49:11 AM (48 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 224 GiB total, 113.674 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0002
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0005
Manufacturer: Microsoft
Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
PNP Device ID: ROOT\*ISATAP\0005
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0006
Manufacturer: Microsoft
Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
PNP Device ID: ROOT\*ISATAP\0006
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0007
Manufacturer: Microsoft
Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
PNP Device ID: ROOT\*ISATAP\0007
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Amazon Links
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2013
Bing Bar
Bonjour
Bowl Bound College Football Demo
CD/DVD Drive Acoustic Silencer
Compatibility Pack for the 2007 Office system
DVD MovieFactory for TOSHIBA
DVD Shrink 3.2
eFax Messenger
Google Chrome
Google Desktop
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java™ 6 Update 31
Java™ 6 Update 6
LeapFrog Connect
LeapFrog My Pals Plugin
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Security Scan Plus
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft XML Parser
MobileMe Control Panel
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8
Picasa 3
QuickBooks Financial Center
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
REALTEK RTL8187B Wireless LAN Driver
Realtek USB 2.0 Card Reader
Realtek WiFi Protected Setup Library
Safari
Samsung New PC Studio
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Shared C Run-time for x86
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Desktop Links
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
WildTangent Games
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant
Windows Media Encoder 9 Series
.
==== End Of File ===========================


AVG 2013 Anti-Virus command line scanner
Copyright © 1992 - 2012 AVG Technologies
Program version 2013.0.2793, engine 2013.0.2634
Virus Database: Version 2634/5932 2012-12-02

#4 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 05 December 2012 - 10:31 AM

Hello steve1147,

That is just the attach.txt.

I need you to copy and paste the contents of DDS.txt in your next post, and attach attach.txt.

Edited by TheShooter93, 05 December 2012 - 10:31 AM.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#5 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 05 December 2012 - 02:25 PM

OK Thanks, here it is (I hope!)

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 1.6.0_31
Run by Jeremy at 8:54:00 on 2012-12-05
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2939.2404 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120628154844.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [Google Update] "c:\users\jeremy\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
mRun: [NPSStartup] <no file>
StartupFolder: c:\users\jeremy\appdata\roaming\micros~1\windows\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe
StartupFolder: c:\users\jeremy\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\jeremy\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{49F463BA-7EBE-49F3-9820-B700CA74010B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9B95B749-3394-4154-8B1E-763DEF37DF25} : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jeremy\appdata\roaming\mozilla\firefox\profiles\0d4anqqd.default\
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-8 554048]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-3-8 206784]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2010-3-22 25896]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-8 167784]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-3-8 168368]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-3-8 166320]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-3-8 60480]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-9-30 7168]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-3-8 360792]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2010-3-22 290304]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-4-24 238952]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-2 399432]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-2 676936]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-3-23 95200]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-8 167784]
S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-8 167784]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-3-8 200816]
S2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2008-9-30 46392]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-4-24 36608]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-30 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-10-25 146872]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-2 22856]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-3-8 230224]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-3-8 61912]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-3-8 92192]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-4-19 18432]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2010-4-24 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2010-4-24 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2010-4-24 123648]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-12-03 12:42:41 -------- d-----w- c:\windows\pss
2012-12-02 16:49:11 -------- d-----w- c:\users\jeremy\appdata\roaming\AVG2013
2012-12-02 16:48:33 -------- d-----w- c:\users\jeremy\appdata\roaming\TuneUp Software
2012-12-02 16:48:02 -------- d--h--w- C:\$AVG
2012-12-02 16:48:02 -------- d-----w- c:\programdata\AVG2013
2012-12-02 16:47:24 -------- d-----w- c:\program files\AVG
2012-12-02 16:44:32 -------- d--h--w- c:\programdata\Common Files
2012-12-02 16:44:32 -------- d-----w- c:\users\jeremy\appdata\local\MFAData
2012-12-02 16:44:32 -------- d-----w- c:\users\jeremy\appdata\local\Avg2013
2012-12-02 16:44:32 -------- d-----w- c:\programdata\MFAData
2012-12-02 13:02:02 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-02 13:02:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-02 02:49:49 -------- d-sh--w- C:\found.003
2012-12-02 01:08:08 -------- d-sh--w- C:\found.004
2012-12-01 22:14:52 -------- d-----w- c:\program files\stinger
2012-12-01 22:12:53 -------- d-----w- c:\users\jeremy\appdata\roaming\Ad-Aware Antivirus
2012-12-01 21:48:53 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-01 21:46:53 -------- d-----w- c:\users\jeremy\appdata\roaming\Malwarebytes
2012-12-01 21:46:53 -------- d-----w- c:\programdata\Malwarebytes
2012-11-30 23:55:30 -------- d-sh--w- C:\found.002
2012-11-28 15:55:03 -------- d-sh--w- C:\found.001
2012-11-28 02:25:14 -------- d-sh--w- C:\found.000
2012-11-15 04:57:33 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-15 04:57:06 2047488 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-10-22 19:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-15 09:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-02 09:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-21 09:46:06 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 09:46:00 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 09:45:54 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-14 09:05:20 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-09-13 13:28:08 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 8:55:42.34 ===============

Attached Files



#6 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 06 December 2012 - 03:44 PM

Hello steve1147,

I didn't find anything malicious in your logs, though I do have a fix for your computer freezing at startup when booting into Windows normally.

Please boot your computer into Safe Mode With Networking.

How to Access Safe Mode With Networking

While the computer is turning on, tap F8 repeatedly until a black screen with white text appears. Using your arrow keys highlight the option Safe Mode With Networking and hit Enter.

Note: If you're using Windows XP, connect to your modem or router with an Ethernet cable, then follow these directions.

--------------------------------------------

In Safe Mode With Networking:

Download the McAfee Removal Tool.

Also, download the AVG 2013 Removal Tool.

Launch both of these pieces of software and the corresponding antivirus program will be uninstalled from your computer.

Ordinarily, I would never recommend uninstalling an antivirus program as the presence of one is essential on a computer. But in this case, you have two antivirus programs installed and running which can cause conflicts and even leave your computer open to attack. One of the problems they could be causing is your inability to boot into Windows normally.

I would like to get a fresh start with both antivirus programs removed, and we'll see if you're able to boot into Windows normally.

Please let me know when you've completed this.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#7 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 07 December 2012 - 11:18 AM

OK Thanks. I removed both Mcafee and avg, did a couple re-boots to standard, and it's still freezing. I can get a good minute or two out of it either inet or just opening stuff, but then it goes to the cursor will move around with the mouse, but if you click on anything, the little 'wheel' at the cursor starts spinning (waiting) and nothing else happens. Still boots up and works OK in Safe.
Thanks, Steve W.

#8 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 09 December 2012 - 09:32 AM

Hello steve1147,

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • If Avast! antivirus prompts you to download updates, press NO.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Edited by TheShooter93, 09 December 2012 - 09:32 AM.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#9 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 10 December 2012 - 09:32 AM

Attached File  photo (52).JPG   143KB   4 downloads
Thanks for all the help! downloaded and ran aswMBR in Safe Mode 4 times, same result, about 8 minutes into the scan, I get the windows 'blue screen of death' warning, and the machine goes into a restart.
I've attached screenshots of aswMBR running immediately before this shut-down, and the 'blue screen' screenshot so maybe you can make some sense of it.Attached File  photo (51).JPG   130.95KB   4 downloads
Thanks, Steve

#10 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 11 December 2012 - 10:01 AM

Hello steve1147,

That's quite odd. Let's try this one instead.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#11 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 12 December 2012 - 12:23 PM

Ran the TDSS, it said it found nothing, here's the log:

11:16:22.0314 0724 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:16:22.0938 0724 ============================================================
11:16:22.0938 0724 Current date / time: 2012/12/12 11:16:22.0938
11:16:22.0938 0724 SystemInfo:
11:16:22.0938 0724
11:16:22.0938 0724 OS Version: 6.0.6002 ServicePack: 2.0
11:16:22.0938 0724 Product type: Workstation
11:16:22.0938 0724 ComputerName: TOSHIBA
11:16:22.0938 0724 UserName: Jeremy
11:16:22.0938 0724 Windows directory: C:\Windows
11:16:22.0938 0724 System windows directory: C:\Windows
11:16:22.0938 0724 Processor architecture: Intel x86
11:16:22.0938 0724 Number of processors: 1
11:16:22.0938 0724 Page size: 0x1000
11:16:22.0938 0724 Boot type: Safe boot with network
11:16:22.0938 0724 ============================================================
11:16:23.0406 0724 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:16:23.0406 0724 ============================================================
11:16:23.0406 0724 \Device\Harddisk0\DR0:
11:16:23.0406 0724 MBR partitions:
11:16:23.0406 0724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1C068800
11:16:23.0406 0724 ============================================================
11:16:23.0436 0724 C: <-> \Device\Harddisk0\DR0\Partition1
11:16:23.0436 0724 ============================================================
11:16:23.0436 0724 Initialize success
11:16:23.0436 0724 ============================================================
11:16:33.0531 1052 ============================================================
11:16:33.0531 1052 Scan started
11:16:33.0531 1052 Mode: Manual;
11:16:33.0531 1052 ============================================================
11:16:33.0796 1052 ================ Scan system memory ========================
11:16:33.0796 1052 System memory - ok
11:16:33.0796 1052 ================ Scan services =============================
11:16:34.0514 1052 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:16:34.0514 1052 ACPI - ok
11:16:34.0607 1052 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:16:34.0607 1052 AdobeARMservice - ok
11:16:34.0717 1052 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:16:34.0717 1052 adp94xx - ok
11:16:34.0732 1052 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:16:34.0732 1052 adpahci - ok
11:16:34.0763 1052 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:16:34.0795 1052 adpu160m - ok
11:16:34.0810 1052 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:16:34.0810 1052 adpu320 - ok
11:16:34.0857 1052 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:16:34.0873 1052 AeLookupSvc - ok
11:16:34.0935 1052 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
11:16:34.0935 1052 AFD - ok
11:16:34.0997 1052 [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
11:16:35.0013 1052 AgereSoftModem - ok
11:16:35.0049 1052 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:16:35.0049 1052 agp440 - ok
11:16:35.0089 1052 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:16:35.0119 1052 aic78xx - ok
11:16:35.0149 1052 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
11:16:35.0149 1052 ALG - ok
11:16:35.0179 1052 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
11:16:35.0179 1052 aliide - ok
11:16:35.0209 1052 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:16:35.0209 1052 amdagp - ok
11:16:35.0219 1052 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
11:16:35.0219 1052 amdide - ok
11:16:35.0229 1052 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
11:16:35.0229 1052 AmdK7 - ok
11:16:35.0239 1052 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:16:35.0239 1052 AmdK8 - ok
11:16:35.0279 1052 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
11:16:35.0279 1052 Appinfo - ok
11:16:35.0379 1052 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:16:35.0379 1052 Apple Mobile Device - ok
11:16:35.0419 1052 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
11:16:35.0419 1052 arc - ok
11:16:35.0459 1052 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:16:35.0459 1052 arcsas - ok
11:16:35.0489 1052 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:16:35.0489 1052 AsyncMac - ok
11:16:35.0519 1052 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
11:16:35.0519 1052 atapi - ok
11:16:35.0579 1052 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:16:35.0579 1052 AudioEndpointBuilder - ok
11:16:35.0589 1052 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:16:35.0589 1052 Audiosrv - ok
11:16:39.0485 1052 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
11:16:43.0287 1052 AVGIDSAgent - ok
11:16:43.0367 1052 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
11:16:43.0367 1052 avgwd - ok
11:16:43.0487 1052 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
11:16:43.0487 1052 BBSvc - ok
11:16:43.0557 1052 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
11:16:43.0557 1052 Beep - ok
11:16:43.0617 1052 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
11:16:43.0617 1052 BFE - ok
11:16:43.0697 1052 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
11:16:43.0697 1052 BITS - ok
11:16:43.0737 1052 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:16:43.0737 1052 blbdrive - ok
11:16:43.0827 1052 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:16:43.0827 1052 Bonjour Service - ok
11:16:43.0857 1052 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:16:43.0857 1052 bowser - ok
11:16:43.0897 1052 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:16:43.0897 1052 BrFiltLo - ok
11:16:43.0917 1052 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:16:43.0917 1052 BrFiltUp - ok
11:16:43.0947 1052 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
11:16:43.0947 1052 Browser - ok
11:16:44.0007 1052 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
11:16:44.0007 1052 Brserid - ok
11:16:44.0017 1052 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:16:44.0017 1052 BrSerWdm - ok
11:16:44.0027 1052 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:16:44.0027 1052 BrUsbMdm - ok
11:16:44.0037 1052 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:16:44.0037 1052 BrUsbSer - ok
11:16:44.0067 1052 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:16:44.0067 1052 BTHMODEM - ok
11:16:44.0137 1052 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:16:44.0137 1052 cdfs - ok
11:16:44.0197 1052 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:16:44.0197 1052 cdrom - ok
11:16:44.0257 1052 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
11:16:44.0267 1052 CertPropSvc - ok
11:16:44.0297 1052 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
11:16:44.0307 1052 circlass - ok
11:16:44.0337 1052 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
11:16:44.0347 1052 CLFS - ok
11:16:44.0407 1052 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:16:44.0407 1052 clr_optimization_v2.0.50727_32 - ok
11:16:44.0487 1052 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:16:44.0547 1052 clr_optimization_v4.0.30319_32 - ok
11:16:44.0597 1052 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:16:44.0597 1052 CmBatt - ok
11:16:44.0617 1052 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:16:44.0617 1052 cmdide - ok
11:16:44.0637 1052 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:16:44.0637 1052 Compbatt - ok
11:16:44.0647 1052 COMSysApp - ok
11:16:44.0717 1052 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
11:16:44.0717 1052 ConfigFree Service - ok
11:16:44.0757 1052 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:16:44.0757 1052 crcdisk - ok
11:16:44.0787 1052 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
11:16:44.0787 1052 Crusoe - ok
11:16:44.0837 1052 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:16:44.0847 1052 CryptSvc - ok
11:16:44.0887 1052 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:16:44.0897 1052 DcomLaunch - ok
11:16:44.0957 1052 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:16:44.0957 1052 DfsC - ok
11:16:45.0087 1052 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
11:16:45.0187 1052 DFSR - ok
11:16:45.0267 1052 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:16:45.0267 1052 Dhcp - ok
11:16:45.0307 1052 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
11:16:45.0307 1052 disk - ok
11:16:45.0367 1052 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:16:45.0367 1052 Dnscache - ok
11:16:45.0407 1052 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:16:45.0417 1052 dot3svc - ok
11:16:45.0447 1052 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
11:16:45.0457 1052 DPS - ok
11:16:45.0507 1052 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:16:45.0507 1052 drmkaud - ok
11:16:45.0547 1052 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:16:45.0557 1052 DXGKrnl - ok
11:16:45.0577 1052 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
11:16:45.0597 1052 E1G60 - ok
11:16:45.0637 1052 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
11:16:45.0637 1052 EapHost - ok
11:16:45.0677 1052 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
11:16:45.0677 1052 Ecache - ok
11:16:45.0737 1052 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:16:45.0747 1052 elxstor - ok
11:16:45.0797 1052 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:16:45.0807 1052 EMDMgmt - ok
11:16:45.0837 1052 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:16:45.0837 1052 ErrDev - ok
11:16:45.0877 1052 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
11:16:45.0877 1052 EventSystem - ok
11:16:45.0947 1052 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
11:16:45.0947 1052 exfat - ok
11:16:45.0977 1052 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:16:45.0987 1052 fastfat - ok
11:16:46.0017 1052 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:16:46.0017 1052 fdc - ok
11:16:46.0057 1052 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
11:16:46.0057 1052 fdPHost - ok
11:16:46.0077 1052 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
11:16:46.0077 1052 FDResPub - ok
11:16:46.0117 1052 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:16:46.0117 1052 FileInfo - ok
11:16:46.0147 1052 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:16:46.0147 1052 Filetrace - ok
11:16:46.0177 1052 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:16:46.0197 1052 flpydisk - ok
11:16:46.0217 1052 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:16:46.0227 1052 FltMgr - ok
11:16:46.0307 1052 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
11:16:46.0317 1052 FontCache - ok
11:16:46.0377 1052 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:16:46.0377 1052 FontCache3.0.0.0 - ok
11:16:46.0407 1052 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
11:16:46.0407 1052 FsUsbExDisk - ok
11:16:46.0447 1052 [ FA8CA15A7013260D70D493CC9926E16A ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
11:16:46.0447 1052 FsUsbExService - ok
11:16:46.0477 1052 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:16:46.0477 1052 Fs_Rec - ok
11:16:46.0517 1052 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
11:16:46.0517 1052 FwLnk - ok
11:16:46.0547 1052 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:16:46.0547 1052 gagp30kx - ok
11:16:46.0627 1052 [ 9DCF7DFE5FDBB0A47F8EE01FE13C2876 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
11:16:46.0627 1052 GameConsoleService - ok
11:16:46.0667 1052 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:16:46.0667 1052 GEARAspiWDM - ok
11:16:46.0747 1052 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
11:16:46.0757 1052 GoogleDesktopManager-051210-111108 - ok
11:16:46.0797 1052 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
11:16:46.0807 1052 gpsvc - ok
11:16:46.0857 1052 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:16:46.0857 1052 gupdate - ok
11:16:46.0877 1052 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:16:46.0877 1052 gupdatem - ok
11:16:46.0967 1052 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:16:46.0977 1052 gusvc - ok
11:16:47.0027 1052 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:16:47.0037 1052 HdAudAddService - ok
11:16:47.0077 1052 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:16:47.0077 1052 HDAudBus - ok
11:16:47.0097 1052 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:16:47.0097 1052 HidBth - ok
11:16:47.0127 1052 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
11:16:47.0137 1052 HidIr - ok
11:16:47.0167 1052 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
11:16:47.0167 1052 hidserv - ok
11:16:47.0177 1052 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:16:47.0177 1052 HidUsb - ok
11:16:47.0247 1052 [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
11:16:47.0247 1052 HipShieldK - ok
11:16:47.0297 1052 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:16:47.0297 1052 hkmsvc - ok
11:16:47.0327 1052 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:16:47.0327 1052 HpCISSs - ok
11:16:47.0367 1052 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:16:47.0377 1052 HTTP - ok
11:16:47.0387 1052 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:16:47.0387 1052 i2omp - ok
11:16:47.0427 1052 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:16:47.0427 1052 i8042prt - ok
11:16:47.0517 1052 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:16:47.0517 1052 IAANTMON - ok
11:16:47.0567 1052 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:16:47.0567 1052 iaStor - ok
11:16:47.0597 1052 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:16:47.0597 1052 iaStorV - ok
11:16:47.0687 1052 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:16:47.0687 1052 IDriverT - ok
11:16:47.0757 1052 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:16:47.0777 1052 idsvc - ok
11:16:47.0857 1052 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:16:47.0927 1052 igfx - ok
11:16:47.0957 1052 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:16:47.0967 1052 iirsp - ok
11:16:48.0017 1052 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:16:48.0027 1052 IKEEXT - ok
11:16:48.0117 1052 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:16:48.0207 1052 IntcAzAudAddService - ok
11:16:48.0237 1052 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
11:16:48.0237 1052 intelide - ok
11:16:48.0257 1052 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:16:48.0257 1052 intelppm - ok
11:16:48.0297 1052 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:16:48.0297 1052 IPBusEnum - ok
11:16:48.0317 1052 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:16:48.0317 1052 IpFilterDriver - ok
11:16:48.0357 1052 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:16:48.0357 1052 iphlpsvc - ok
11:16:48.0367 1052 IpInIp - ok
11:16:48.0397 1052 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:16:48.0397 1052 IPMIDRV - ok
11:16:48.0427 1052 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:16:48.0427 1052 IPNAT - ok
11:16:48.0477 1052 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:16:48.0487 1052 iPod Service - ok
11:16:48.0507 1052 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:16:48.0507 1052 IRENUM - ok
11:16:48.0527 1052 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:16:48.0527 1052 isapnp - ok
11:16:48.0567 1052 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:16:48.0567 1052 iScsiPrt - ok
11:16:48.0587 1052 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:16:48.0607 1052 iteatapi - ok
11:16:48.0617 1052 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:16:48.0617 1052 iteraid - ok
11:16:48.0637 1052 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:16:48.0637 1052 kbdclass - ok
11:16:48.0657 1052 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:16:48.0657 1052 kbdhid - ok
11:16:48.0687 1052 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:16:48.0697 1052 KeyIso - ok
11:16:48.0727 1052 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
11:16:48.0727 1052 KR10I - ok
11:16:48.0747 1052 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
11:16:48.0757 1052 KR10N - ok
11:16:48.0817 1052 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:16:48.0827 1052 KSecDD - ok
11:16:48.0887 1052 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:16:48.0897 1052 KtmRm - ok
11:16:48.0947 1052 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
11:16:48.0947 1052 LanmanServer - ok
11:16:48.0977 1052 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:16:48.0987 1052 LanmanWorkstation - ok
11:16:49.0097 1052 [ F25C39B9832C4CF71DB7CD70EB11DAE0 ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
11:16:49.0107 1052 LeapFrog Connect Device Service - ok
11:16:49.0137 1052 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:16:49.0137 1052 lltdio - ok
11:16:49.0197 1052 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:16:49.0197 1052 lltdsvc - ok
11:16:49.0237 1052 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:16:49.0237 1052 lmhosts - ok
11:16:49.0277 1052 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:16:49.0277 1052 LSI_FC - ok
11:16:49.0287 1052 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:16:49.0297 1052 LSI_SAS - ok
11:16:49.0297 1052 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:16:49.0307 1052 LSI_SCSI - ok
11:16:49.0327 1052 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:16:49.0327 1052 luafv - ok
11:16:49.0377 1052 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
11:16:49.0377 1052 megasas - ok
11:16:49.0407 1052 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:16:49.0407 1052 MegaSR - ok
11:16:49.0447 1052 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
11:16:49.0447 1052 MMCSS - ok
11:16:49.0487 1052 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
11:16:49.0487 1052 Modem - ok
11:16:49.0517 1052 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:16:49.0517 1052 monitor - ok
11:16:49.0537 1052 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:16:49.0537 1052 mouclass - ok
11:16:49.0567 1052 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:16:49.0567 1052 mouhid - ok
11:16:49.0607 1052 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:16:49.0607 1052 MountMgr - ok
11:16:49.0617 1052 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
11:16:49.0617 1052 mpio - ok
11:16:49.0637 1052 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:16:49.0637 1052 mpsdrv - ok
11:16:49.0677 1052 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:16:49.0687 1052 MpsSvc - ok
11:16:49.0737 1052 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:16:49.0737 1052 Mraid35x - ok
11:16:49.0767 1052 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:16:49.0777 1052 MRxDAV - ok
11:16:49.0837 1052 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:16:49.0837 1052 mrxsmb - ok
11:16:49.0887 1052 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:16:49.0897 1052 mrxsmb10 - ok
11:16:49.0907 1052 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:16:49.0907 1052 mrxsmb20 - ok
11:16:49.0947 1052 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
11:16:49.0947 1052 msahci - ok
11:16:49.0967 1052 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:16:49.0967 1052 msdsm - ok
11:16:50.0007 1052 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
11:16:50.0007 1052 MSDTC - ok
11:16:50.0047 1052 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:16:50.0047 1052 Msfs - ok
11:16:50.0077 1052 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:16:50.0077 1052 msisadrv - ok
11:16:50.0117 1052 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:16:50.0127 1052 MSiSCSI - ok
11:16:50.0127 1052 msiserver - ok
11:16:50.0167 1052 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:16:50.0177 1052 MSKSSRV - ok
11:16:50.0227 1052 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:16:50.0247 1052 MSPCLOCK - ok
11:16:50.0267 1052 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:16:50.0267 1052 MSPQM - ok
11:16:50.0297 1052 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:16:50.0307 1052 MsRPC - ok
11:16:50.0337 1052 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:16:50.0337 1052 mssmbios - ok
11:16:50.0377 1052 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:16:50.0377 1052 MSTEE - ok
11:16:50.0417 1052 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
11:16:50.0417 1052 Mup - ok
11:16:50.0447 1052 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
11:16:50.0447 1052 napagent - ok
11:16:50.0487 1052 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:16:50.0497 1052 NativeWifiP - ok
11:16:50.0537 1052 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:16:50.0537 1052 NDIS - ok
11:16:50.0577 1052 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:50.0577 1052 NdisTapi - ok
11:16:50.0597 1052 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:50.0597 1052 Ndisuio - ok
11:16:50.0627 1052 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:50.0627 1052 NdisWan - ok
11:16:50.0667 1052 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:16:50.0667 1052 NDProxy - ok
11:16:50.0777 1052 [ A0101E836D2A39682E134C47B1565256 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
11:16:50.0787 1052 Nero BackItUp Scheduler 3 - ok
11:16:50.0817 1052 [ 7AFD0E39AB15CB355487B7CC19F4E2C5 ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys
11:16:50.0827 1052 Netaapl - ok
11:16:50.0857 1052 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:16:50.0857 1052 NetBIOS - ok
11:16:50.0897 1052 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:16:50.0907 1052 netbt - ok
11:16:50.0927 1052 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
11:16:50.0927 1052 Netlogon - ok
11:16:50.0967 1052 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
11:16:50.0977 1052 Netman - ok
11:16:50.0997 1052 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
11:16:51.0007 1052 netprofm - ok
11:16:51.0047 1052 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:16:51.0047 1052 NetTcpPortSharing - ok
11:16:51.0087 1052 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:16:51.0087 1052 nfrd960 - ok
11:16:51.0117 1052 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:16:51.0127 1052 NlaSvc - ok
11:16:51.0207 1052 [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
11:16:51.0207 1052 NMIndexingService - ok
11:16:51.0247 1052 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:16:51.0247 1052 Npfs - ok
11:16:51.0287 1052 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
11:16:51.0287 1052 nsi - ok
11:16:51.0317 1052 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:16:51.0317 1052 nsiproxy - ok
11:16:51.0387 1052 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:16:51.0407 1052 Ntfs - ok
11:16:51.0437 1052 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
11:16:51.0437 1052 ntrigdigi - ok
11:16:51.0457 1052 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
11:16:51.0457 1052 Null - ok
11:16:51.0467 1052 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:16:51.0467 1052 nvraid - ok
11:16:51.0487 1052 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:16:51.0487 1052 nvstor - ok
11:16:51.0497 1052 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:16:51.0507 1052 nv_agp - ok
11:16:51.0507 1052 NwlnkFlt - ok
11:16:51.0527 1052 NwlnkFwd - ok
11:16:51.0637 1052 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:16:51.0647 1052 odserv - ok
11:16:51.0677 1052 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:16:51.0677 1052 ohci1394 - ok
11:16:51.0707 1052 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:16:51.0717 1052 ose - ok
11:16:51.0757 1052 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:16:51.0777 1052 p2pimsvc - ok
11:16:51.0787 1052 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
11:16:51.0797 1052 p2psvc - ok
11:16:51.0837 1052 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
11:16:51.0837 1052 Parport - ok
11:16:51.0887 1052 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:16:51.0887 1052 partmgr - ok
11:16:51.0907 1052 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
11:16:51.0907 1052 Parvdm - ok
11:16:51.0937 1052 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
11:16:51.0937 1052 PcaSvc - ok
11:16:51.0957 1052 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
11:16:51.0967 1052 pci - ok
11:16:51.0997 1052 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:16:51.0997 1052 pciide - ok
11:16:52.0007 1052 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:16:52.0007 1052 pcmcia - ok
11:16:52.0067 1052 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:16:52.0087 1052 PEAUTH - ok
11:16:52.0177 1052 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
11:16:52.0197 1052 pla - ok
11:16:52.0267 1052 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:16:52.0277 1052 PlugPlay - ok
11:16:52.0307 1052 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:16:52.0307 1052 PNRPAutoReg - ok
11:16:52.0327 1052 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:16:52.0337 1052 PNRPsvc - ok
11:16:52.0377 1052 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:16:52.0387 1052 PolicyAgent - ok
11:16:52.0427 1052 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:16:52.0427 1052 PptpMiniport - ok
11:16:52.0447 1052 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
11:16:52.0447 1052 Processor - ok
11:16:52.0497 1052 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
11:16:52.0507 1052 ProfSvc - ok
11:16:52.0517 1052 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:16:52.0517 1052 ProtectedStorage - ok
11:16:52.0547 1052 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:16:52.0547 1052 PSched - ok
11:16:52.0597 1052 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
11:16:52.0597 1052 PxHelp20 - ok
11:16:52.0647 1052 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:16:52.0667 1052 ql2300 - ok
11:16:52.0687 1052 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:16:52.0687 1052 ql40xx - ok
11:16:52.0727 1052 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
11:16:52.0737 1052 QWAVE - ok
11:16:52.0757 1052 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:16:52.0757 1052 QWAVEdrv - ok
11:16:52.0787 1052 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:16:52.0787 1052 RasAcd - ok
11:16:52.0827 1052 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
11:16:52.0837 1052 RasAuto - ok
11:16:52.0877 1052 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:52.0877 1052 Rasl2tp - ok
11:16:52.0907 1052 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
11:16:52.0917 1052 RasMan - ok
11:16:52.0947 1052 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:52.0947 1052 RasPppoe - ok
11:16:52.0977 1052 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:16:52.0977 1052 RasSstp - ok
11:16:53.0017 1052 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:16:53.0027 1052 rdbss - ok
11:16:53.0047 1052 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:53.0047 1052 RDPCDD - ok
11:16:53.0077 1052 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:16:53.0087 1052 rdpdr - ok
11:16:53.0097 1052 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:16:53.0097 1052 RDPENCDD - ok
11:16:53.0127 1052 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:16:53.0137 1052 RDPWD - ok
11:16:53.0197 1052 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:16:53.0207 1052 RemoteAccess - ok
11:16:53.0237 1052 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:16:53.0237 1052 RemoteRegistry - ok
11:16:53.0267 1052 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
11:16:53.0267 1052 RpcLocator - ok
11:16:53.0287 1052 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
11:16:53.0297 1052 RpcSs - ok
11:16:53.0327 1052 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:16:53.0337 1052 rspndr - ok
11:16:53.0367 1052 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
11:16:53.0367 1052 RTL8169 - ok
11:16:53.0417 1052 [ B71D269B9AB5417963E986126C12B9FC ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
11:16:53.0417 1052 RTL8187B - ok
11:16:53.0477 1052 [ 0D60B8C10A2C5E8DD620B3FDEB1CDA64 ] RtlProt C:\Windows\system32\DRIVERS\rtlprot.sys
11:16:53.0477 1052 RtlProt - ok
11:16:53.0537 1052 [ F5825E41286556DDB8CC83A91D88F3C6 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
11:16:53.0537 1052 RTSTOR - ok
11:16:53.0567 1052 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
11:16:53.0567 1052 SamSs - ok
11:16:53.0617 1052 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:16:53.0617 1052 sbp2port - ok
11:16:53.0657 1052 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:16:53.0657 1052 SCardSvr - ok
11:16:53.0697 1052 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
11:16:53.0707 1052 Schedule - ok
11:16:53.0727 1052 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:16:53.0727 1052 SCPolicySvc - ok
11:16:53.0777 1052 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:16:53.0777 1052 SDRSVC - ok
11:16:53.0867 1052 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
11:16:53.0867 1052 SeaPort - ok
11:16:53.0897 1052 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:16:53.0897 1052 secdrv - ok
11:16:53.0927 1052 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
11:16:53.0927 1052 seclogon - ok
11:16:53.0947 1052 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
11:16:53.0947 1052 SENS - ok
11:16:53.0977 1052 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:16:53.0977 1052 Serenum - ok
11:16:54.0017 1052 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
11:16:54.0017 1052 Serial - ok
11:16:54.0047 1052 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:16:54.0047 1052 sermouse - ok
11:16:54.0097 1052 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
11:16:54.0097 1052 SessionEnv - ok
11:16:54.0137 1052 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:16:54.0137 1052 sffdisk - ok
11:16:54.0147 1052 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:16:54.0147 1052 sffp_mmc - ok
11:16:54.0157 1052 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:16:54.0157 1052 sffp_sd - ok
11:16:54.0187 1052 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:16:54.0187 1052 sfloppy - ok
11:16:54.0227 1052 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:16:54.0227 1052 SharedAccess - ok
11:16:54.0267 1052 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:16:54.0277 1052 ShellHWDetection - ok
11:16:54.0307 1052 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:16:54.0307 1052 sisagp - ok
11:16:54.0337 1052 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:16:54.0337 1052 SiSRaid2 - ok
11:16:54.0387 1052 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:16:54.0387 1052 SiSRaid4 - ok
11:16:54.0487 1052 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
11:16:54.0557 1052 slsvc - ok
11:16:54.0587 1052 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:16:54.0597 1052 SLUINotify - ok
11:16:54.0627 1052 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:16:54.0627 1052 Smb - ok
11:16:54.0667 1052 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:16:54.0667 1052 SNMPTRAP - ok
11:16:54.0697 1052 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
11:16:54.0697 1052 spldr - ok
11:16:54.0737 1052 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
11:16:54.0737 1052 Spooler - ok
11:16:54.0787 1052 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:16:54.0797 1052 srv - ok
11:16:54.0847 1052 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:16:54.0847 1052 srv2 - ok
11:16:54.0867 1052 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:16:54.0867 1052 srvnet - ok
11:16:54.0907 1052 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\Windows\system32\DRIVERS\sscebus.sys
11:16:54.0907 1052 sscebus - ok
11:16:54.0947 1052 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\Windows\system32\DRIVERS\sscemdfl.sys
11:16:54.0957 1052 sscemdfl - ok
11:16:54.0967 1052 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\Windows\system32\DRIVERS\sscemdm.sys
11:16:54.0997 1052 sscemdm - ok
11:16:55.0027 1052 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:16:55.0037 1052 SSDPSRV - ok
11:16:55.0047 1052 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:16:55.0057 1052 SstpSvc - ok
11:16:55.0097 1052 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
11:16:55.0097 1052 stisvc - ok
11:16:55.0127 1052 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:16:55.0137 1052 swenum - ok
11:16:55.0177 1052 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
11:16:55.0187 1052 swprv - ok
11:16:55.0237 1052 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:16:55.0237 1052 Symc8xx - ok
11:16:55.0247 1052 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:16:55.0247 1052 Sym_hi - ok
11:16:55.0267 1052 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:16:55.0267 1052 Sym_u3 - ok
11:16:55.0307 1052 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:16:55.0307 1052 SynTP - ok
11:16:55.0357 1052 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
11:16:55.0367 1052 SysMain - ok
11:16:55.0387 1052 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:16:55.0387 1052 TabletInputService - ok
11:16:55.0437 1052 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:16:55.0437 1052 TapiSrv - ok
11:16:55.0457 1052 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
11:16:55.0457 1052 TBS - ok
11:16:55.0517 1052 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:16:55.0527 1052 Tcpip - ok
11:16:55.0547 1052 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:16:55.0547 1052 Tcpip6 - ok
11:16:55.0577 1052 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:16:55.0587 1052 tcpipreg - ok
11:16:55.0627 1052 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:16:55.0627 1052 tdcmdpst - ok
11:16:55.0657 1052 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:16:55.0657 1052 TDPIPE - ok
11:16:55.0667 1052 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:16:55.0667 1052 TDTCP - ok
11:16:55.0697 1052 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:16:55.0697 1052 tdx - ok
11:16:55.0717 1052 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:16:55.0717 1052 TermDD - ok
11:16:55.0757 1052 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
11:16:55.0767 1052 TermService - ok
11:16:55.0797 1052 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
11:16:55.0797 1052 Themes - ok
11:16:55.0817 1052 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
11:16:55.0817 1052 THREADORDER - ok
11:16:55.0867 1052 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:16:55.0867 1052 TMachInfo - ok
11:16:55.0937 1052 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
11:16:55.0937 1052 TNaviSrv - ok
11:16:55.0997 1052 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
11:16:55.0997 1052 TODDSrv - ok
11:16:56.0047 1052 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
11:16:56.0057 1052 TosCoSrv - ok
11:16:56.0087 1052 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
11:16:56.0097 1052 TOSHIBA SMART Log Service - ok
11:16:56.0127 1052 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
11:16:56.0127 1052 tos_sps32 - ok
11:16:56.0187 1052 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
11:16:56.0187 1052 TrkWks - ok
11:16:56.0257 1052 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:16:56.0257 1052 TrustedInstaller - ok
11:16:56.0297 1052 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:16:56.0297 1052 tssecsrv - ok
11:16:56.0317 1052 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:16:56.0317 1052 tunmp - ok
11:16:56.0357 1052 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:16:56.0357 1052 tunnel - ok
11:16:56.0387 1052 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:16:56.0387 1052 TVALZ - ok
11:16:56.0427 1052 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:16:56.0427 1052 uagp35 - ok
11:16:56.0467 1052 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:16:56.0477 1052 udfs - ok
11:16:56.0517 1052 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:16:56.0517 1052 UI0Detect - ok
11:16:56.0607 1052 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
11:16:56.0627 1052 UleadBurningHelper - ok
11:16:56.0657 1052 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:16:56.0657 1052 uliagpkx - ok
11:16:56.0667 1052 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:16:56.0667 1052 uliahci - ok
11:16:56.0677 1052 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:16:56.0677 1052 UlSata - ok
11:16:56.0687 1052 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:16:56.0697 1052 ulsata2 - ok
11:16:56.0727 1052 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:16:56.0727 1052 umbus - ok
11:16:56.0767 1052 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
11:16:56.0767 1052 upnphost - ok
11:16:56.0827 1052 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
11:16:56.0827 1052 USBAAPL - ok
11:16:56.0867 1052 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:16:56.0867 1052 usbccgp - ok
11:16:56.0897 1052 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:16:56.0907 1052 usbcir - ok
11:16:56.0947 1052 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:16:56.0947 1052 usbehci - ok
11:16:56.0967 1052 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:16:56.0967 1052 usbhub - ok
11:16:57.0007 1052 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:16:57.0007 1052 usbohci - ok
11:16:57.0017 1052 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:16:57.0017 1052 usbprint - ok
11:16:57.0067 1052 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:16:57.0067 1052 USBSTOR - ok
11:16:57.0117 1052 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:16:57.0117 1052 usbuhci - ok
11:16:57.0177 1052 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:16:57.0177 1052 usbvideo - ok
11:16:57.0217 1052 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
11:16:57.0227 1052 UxSms - ok
11:16:57.0247 1052 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
11:16:57.0267 1052 vds - ok
11:16:57.0307 1052 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:16:57.0307 1052 vga - ok
11:16:57.0327 1052 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
11:16:57.0327 1052 VgaSave - ok
11:16:57.0337 1052 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:16:57.0337 1052 viaagp - ok
11:16:57.0347 1052 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
11:16:57.0347 1052 ViaC7 - ok
11:16:57.0357 1052 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
11:16:57.0357 1052 viaide - ok
11:16:57.0377 1052 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:16:57.0377 1052 volmgr - ok
11:16:57.0427 1052 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:16:57.0437 1052 volmgrx - ok
11:16:57.0477 1052 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:16:57.0477 1052 volsnap - ok
11:16:57.0507 1052 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:16:57.0517 1052 vsmraid - ok
11:16:57.0577 1052 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
11:16:57.0587 1052 VSS - ok
11:16:57.0617 1052 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
11:16:57.0617 1052 W32Time - ok
11:16:57.0647 1052 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:16:57.0647 1052 WacomPen - ok
11:16:57.0677 1052 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:16:57.0677 1052 Wanarp - ok
11:16:57.0687 1052 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:16:57.0687 1052 Wanarpv6 - ok
11:16:57.0737 1052 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:16:57.0747 1052 wcncsvc - ok
11:16:57.0787 1052 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:16:57.0787 1052 WcsPlugInService - ok
11:16:57.0827 1052 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
11:16:57.0827 1052 Wd - ok
11:16:57.0897 1052 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:16:57.0937 1052 Wdf01000 - ok
11:16:57.0967 1052 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:16:57.0977 1052 WdiServiceHost - ok
11:16:57.0977 1052 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:16:57.0987 1052 WdiSystemHost - ok
11:16:58.0027 1052 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
11:16:58.0027 1052 WebClient - ok
11:16:58.0077 1052 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:16:58.0077 1052 Wecsvc - ok
11:16:58.0107 1052 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:16:58.0107 1052 wercplsupport - ok
11:16:58.0147 1052 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
11:16:58.0157 1052 WerSvc - ok
11:16:58.0217 1052 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:16:58.0217 1052 WinDefend - ok
11:16:58.0227 1052 WinHttpAutoProxySvc - ok
11:16:58.0307 1052 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:16:58.0307 1052 Winmgmt - ok
11:16:58.0397 1052 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
11:16:58.0407 1052 WinRM - ok
11:16:58.0467 1052 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:16:58.0477 1052 Wlansvc - ok
11:16:58.0557 1052 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:16:58.0587 1052 wlidsvc - ok
11:16:58.0617 1052 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:16:58.0627 1052 WmiAcpi - ok
11:16:58.0677 1052 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:16:58.0677 1052 wmiApSrv - ok
11:16:58.0747 1052 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:16:58.0757 1052 WMPNetworkSvc - ok
11:16:58.0787 1052 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:16:58.0787 1052 WPCSvc - ok
11:16:58.0817 1052 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:16:58.0827 1052 WPDBusEnum - ok
11:16:58.0867 1052 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:16:58.0867 1052 WpdUsb - ok
11:16:58.0957 1052 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:16:58.0967 1052 WPFFontCache_v0400 - ok
11:16:58.0997 1052 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:16:58.0997 1052 ws2ifsl - ok
11:16:59.0047 1052 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
11:16:59.0047 1052 wscsvc - ok
11:16:59.0057 1052 WSearch - ok
11:16:59.0137 1052 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:16:59.0167 1052 wuauserv - ok
11:16:59.0207 1052 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:16:59.0207 1052 WUDFRd - ok
11:16:59.0247 1052 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:16:59.0247 1052 wudfsvc - ok
11:16:59.0307 1052 ================ Scan global ===============================
11:16:59.0337 1052 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:16:59.0397 1052 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:16:59.0407 1052 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:16:59.0437 1052 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:16:59.0447 1052 [Global] - ok
11:16:59.0457 1052 ================ Scan MBR ==================================
11:16:59.0467 1052 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
11:16:59.0797 1052 \Device\Harddisk0\DR0 - ok
11:16:59.0797 1052 ================ Scan VBR ==================================
11:16:59.0807 1052 [ F5EEC3635539F7FF272D62BC64F0C909 ] \Device\Harddisk0\DR0\Partition1
11:16:59.0807 1052 \Device\Harddisk0\DR0\Partition1 - ok
11:16:59.0807 1052 ============================================================
11:16:59.0807 1052 Scan finished
11:16:59.0807 1052 ============================================================
11:16:59.0827 1984 Detected object count: 0
11:16:59.0827 1984 Actual detected object count: 0
11:17:39.0357 1908 Deinitialize success

#12 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 12 December 2012 - 04:01 PM

Hello steve1147,

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#13 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 13 December 2012 - 08:25 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Jeremy (administrator) on 13-12-2012 at 07:21:16
Running from "C:\Users\Jeremy\Desktop"
Windows Vista ™ Home Basic Service Pack 2 (X86)
Boot Mode: Network
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/12/2012 09:59:46 AM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (12/12/2012 09:59:46 AM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (12/11/2012 09:23:42 AM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (12/11/2012 09:23:42 AM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (12/10/2012 07:25:35 AM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (12/10/2012 07:25:35 AM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (12/10/2012 07:22:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2012 07:21:38 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/10/2012 07:17:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 -- Error 1704.An installation for AVG 2013 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (12/10/2012 07:14:42 AM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8


System errors:
=============
Error: (12/12/2012 11:07:39 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/12/2012 11:07:24 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/12/2012 07:22:08 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/11/2012 07:21:49 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/10/2012 07:22:26 AM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (12/10/2012 07:22:26 AM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver

Error: (12/10/2012 07:22:26 AM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (12/10/2012 07:21:40 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/10/2012 07:21:40 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/10/2012 07:21:38 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-12-07 07:23:35.853
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:35.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:35.228
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:34.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:31.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:30.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:30.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 07:23:30.250
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG2013\Drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-03 06:34:09.367
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-03 06:34:09.101
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Amazon Links (Version: 1.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
Bowl Bound College Football Demo
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DVD MovieFactory for TOSHIBA (Version: 5.51)
DVD Shrink 3.2
eFax Messenger (Version: 4.4.0.514)
Google Chrome (Version: 23.0.1271.95)
Google Desktop (Version: 5.9.1005.12335)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 2.0.2.187)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 6 (Version: 1.6.0.60)
LeapFrog Connect (Version: 2.4.22.9825)
LeapFrog My Pals Plugin (Version: 2.4.22.9825)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.20.8730.4)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox (3.6.3) (Version: 3.6.3 (en-US))
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 (Version: 8.0.182)
Picasa 3 (Version: 3.8)
QuickBooks Financial Center (Version: 1.10.0000)
QuickTime (Version: 7.72.80.56)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
REALTEK RTL8187B Wireless LAN Driver (Version: Package:1.00.0026 Driver:6.1116.1226.2007)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20130)
Realtek WiFi Protected Setup Library (Version: 1.00.0026)
Safari (Version: 5.34.57.2)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.2.912.17215)
Shared C Run-time for x86 (Version: 10.0.0)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
TOSHIBA Assist (Version: 2.01.08)
TOSHIBA ConfigFree (Version: 7.2.20)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.24)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
WildTangent Games (Version: 1.0.0.62)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)

========================= Devices: ================================

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{9B95B749-3394-4154-8B1E-763DEF37DF25}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.domain_not_set.invalid
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{49F463BA-7EBE-49F3-9820-B700CA74010B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.att.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.att.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: TOSHIBA x86 ACPI-Compliant Value Added Logical and General Purpose Device
Description: TOSHIBA x86 ACPI-Compliant Value Added Logical and General Purpose Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: TVALZ

Name: TOSHIBA Firmware Linkage Driver
Description: TOSHIBA Firmware Linkage Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: FwLnk

Name: Intel® Celeron® CPU 900 @ 2.20GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel® 45 Express Chipset Series Processor to DRAM Controller - 2A40
Description: Mobile Intel® 45 Express Chipset Series Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169

Name: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Description: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8187B

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® ICH9M-E/M SATA AHCI Controller
Description: Intel® ICH9M-E/M SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor

Name: TOSHIBA MK2555GSX
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: MATbleepA DVD-RAM UJ880AS
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Microsoft iSCSI Initiator
Description: Microsoft iSCSI Initiator
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: iScsiPrt

Name: Ancilliary Function Driver for Winsock
Description: Ancilliary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: Crcdisk Filter Driver
Description: Crcdisk Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: crcdisk

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPNAT

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MountMgr

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: ISA/EISA Class Driver
Description: ISA/EISA Class Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: netbt

Name: NSI proxy service
Description: NSI proxy service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PSched

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Realtke RtlProt WLAN Utility Protocol Driver
Description: Realtke RtlProt WLAN Utility Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RtlProt

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Description: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Smb

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: RAS Async Adapter
Description: RAS Async Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: AsyncMac

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: TOSHIBA tos_sps32 Driver
Description: TOSHIBA tos_sps32 Driver
Class Guid: {8bbd94a0-a150-11d4-a878-0040265b73ee}
Manufacturer: TOSHIBA Corp.
Service: tos_sps32

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap


========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 2939.26 MB
Available physical RAM: 2244.63 MB
Total Pagefile: 6130.8 MB
Available Pagefile: 5628.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.81 MB

========================= Partitions: =====================================

1 Drive c: (SQ004981V02) (Fixed) (Total:224.2 GB) (Free:147.28 GB) NTFS

========================= Users: ========================================

User accounts for \\TOSHIBA

Administrator Guest Jeremy

========================= Minidump Files ==================================

C:\Windows\Minidump\Mini042310-01.dmp
C:\Windows\Minidump\Mini082812-01.dmp
C:\Windows\Minidump\Mini120912-01.dmp
C:\Windows\Minidump\Mini121012-01.dmp
C:\Windows\Minidump\Mini121012-02.dmp
C:\Windows\Minidump\Mini121012-03.dmp

**** End of log ****

#14 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:07:13 PM

Posted 13 December 2012 - 01:23 PM

Hello steve1147,

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the <ENTER> key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#15 steve1147

steve1147
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:13 PM

Posted 17 December 2012 - 10:58 AM

Tried 3 times, the Disc Check will run up to "Stage 5 of 5, 84% complete, 316xxxxx of 386xxxxxx free clusters processed" and freezes up, I've let it sit over 36 hours this last time, it never advances.
It then has to be unplugged and the battery removed to re-boot into Safe.
Thanks, Steve W.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users