IRP rootkit will not remove


17 replies to this topic

#1 voidwalker

voidwalker

  • Members
  • 14 posts

Posted 06 February 2013 - 09:11 PM

AVG shows that it is healed, but when I double-click it says that one or two out of eight total have been healed. I want to make sure these nasty things get out of my system. Please respond.

I also believe some might be trying to attack my 1.5 T external hard drive.

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts

Posted 06 February 2013 - 10:41 PM

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset IE Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

Download Adware Cleaner, run it, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe


Download Emsisoft Emergency Kit and save it to your desktop.
http://www.emsisoft.com/en/software/eek/download/

Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.

Open the EmsisoftEmergencyKit folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.

#3 voidwalker

voidwalker
  • Topic Starter

  • Members
  • 14 posts

Posted 08 February 2013 - 05:01 PM

Sorry I didn't reply in a while. Quick question: will I have to uninstall Malwarebytes Anti-Rootkit or the AVG trial, or even SUPERAntiSpyware?

Oh, and is it safe for me to put this all on a flash drive, text and all, and repost?


Edited by voidwalker, 08 February 2013 - 05:02 PM.


#4 voidwalker

voidwalker
  • Topic Starter

  • Members
  • 14 posts

Posted 08 February 2013 - 05:11 PM

Adware Cleaner was deleted by AVG. Should I disable AVG?



#5 voidwalker

voidwalker
  • Topic Starter

  • Members
  • 14 posts

Posted 08 February 2013 - 05:13 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by Owner (administrator) on 08-02-2013 at 17:06:43
Running from "L:\"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1   meetandbleepgames.com www.meetandbleepgames.com

========================= IP Configuration: ================================

Hamachi Network Interface = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 16-DE-2B-6E-2E-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 74-DE-2B-6E-2E-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-DE-F1-9A-36-EF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-8B-82-F8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::198b:82f8(Preferred)
   Link-local IPv6 Address . . . . . : fe80::8532:cd58:7533:5f2f%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.139.130.248(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Friday, February 08, 2013 4:20:36 PM
   Lease Expires . . . . . . . . . . : Saturday, February 08, 2014 4:22:42 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 628783382
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-30-AD-70-F0-DE-F1-9A-36-EF
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{500EDBD0-E033-4C91-B960-195B0CBFF816}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fec0:0:0:ffff::1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fec0:0:0:ffff::1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...16 de 2b 6e 2e c9 ......Microsoft Virtual WiFi Miniport Adapter
 13...74 de 2b 6e 2e c9 ......Atheros AR9285 Wireless Network Adapter
 11...f0 de f1 9a 36 ef ......Realtek PCIe GBE Family Controller
 16...7a 79 19 8b 82 f8 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1   25.139.130.248   9256
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.67     25
         25.0.0.0        255.0.0.0         On-link    25.139.130.248   9256
   25.139.130.248  255.255.255.255         On-link    25.139.130.248   9256
   25.255.255.255  255.255.255.255         On-link    25.139.130.248   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.67    281
     192.168.1.67  255.255.255.255         On-link      192.168.1.67    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.67    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    25.139.130.248   9256
        224.0.0.0        240.0.0.0         On-link      192.168.1.67    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    25.139.130.248   9256
  255.255.255.255  255.255.255.255         On-link      192.168.1.67    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16   9020 ::/0                     2620:9b::1900:1
 13    281 ::/0                     fe80::22e5:64ff:fe97:6cd0
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:1468:39c5:931c:67d8/128
                                    On-link
 13     33 2602:306:ce39:8270::/64  On-link
 13    281 2602:306:ce39:8270:d38:b27c:bad:cfcd/128
                                    On-link
 13    281 2602:306:ce39:8270:1053:ed9e:838b:b7e8/128
                                    On-link
 16    276 2620:9b::/96             On-link
 16    276 2620:9b::198b:82f8/128   On-link
 16    276 fe80::/64                On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 13    281 fe80::1053:ed9e:838b:b7e8/128
                                    On-link
 14    306 fe80::1468:39c5:931c:67d8/128
                                    On-link
 16    276 fe80::8532:cd58:7533:5f2f/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 16    276 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/08/2013 04:22:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 07:35:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 04:41:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 05:22:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 03:17:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 11:37:03 PM) (Source: ESENT) (User: )
Description: Windows (5508) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (02/06/2013 11:37:03 PM) (Source: ESENT) (User: )
Description: Windows (5508) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/06/2013 08:40:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 07:59:48 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 18.0.2.4780 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12e4

Start Time: 01ce04cdc424b715

Termination Time: 0

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id:

Error: (02/06/2013 05:14:29 PM) (Source: ESENT) (User: )
Description: Windows (1768) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.


System errors:
=============
Error: (02/08/2013 05:04:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (02/08/2013 05:04:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (02/08/2013 04:20:40 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/08/2013 04:20:37 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/08/2013 04:19:34 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/07/2013 07:33:54 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/07/2013 07:33:51 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/07/2013 07:32:38 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/07/2013 04:40:25 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (02/07/2013 04:40:20 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (02/08/2013 04:22:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 07:35:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 04:41:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 05:22:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/07/2013 03:17:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 11:37:03 PM) (Source: ESENT)(User: )
Description: Windows5508Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032

Error: (02/06/2013 11:37:03 PM) (Source: ESENT)(User: )
Description: Windows5508Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (02/06/2013 08:40:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 07:59:48 PM) (Source: Application Hang)(User: )
Description: firefox.exe18.0.2.478012e401ce04cdc424b7150C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Error: (02/06/2013 05:14:29 PM) (Source: ESENT)(User: )
Description: Windows1768Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032


CodeIntegrity Errors:
===================================
  Date: 2012-12-04 19:27:01.956
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-04 19:27:01.927
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-24 19:54:41.545
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-24 19:54:41.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

‚R‚cƒJƒXƒ^ƒ€­— (Version: 1.0.0)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Aimersoft Video Converter Ultimate(Build 4.2.4.0)
ALOT Appbar
AOL Toolbar
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Art Effects for PDR10 (Version: 2.0)
Atheros Client Installation Program (Version: 7.0)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 2013.0.2897)
Best Buy pc app (Version: 3.2.0.0)
Bing Desktop (Version: 1.1.166.0)
BioExcess (Version: 7.0.67.0)
BioShock (Version: 2.5.0000)
BitTorrent (Version: 7.6.1)
Bonjour (Version: 3.0.0.10)
CDisplayEx 1.8
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
Company of Heroes
CyberLink YouCam (Version: 3.1.3623)
D3DX10 (Version: 15.4.2368.0902)
Darksiders
DarksidersInstaller (Version: 1.00.1000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dota 2 Test
Download Updater (AOL LLC)
Dxtory version 2.0.111 (Version: 2.0.111)
EgisTec ES603 WDM Driver (Version: 3.0.10.4)
Energy Management (Version: 6.0.2.1)
Free Audio Converter version 5.0.21.1201 (Version: 5.0.21.1201)
Garrys Mod Update #1
Google Talk Plugin (Version: 3.13.2.11592)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 1.1.0.40)
ILLUSION BattleRaper2 (Version: 1.00.0000)
ILLUSION CapRaper
Inspiration 9 IE
Inspiration 9 PDF Driver (novaPDF 7.0 printer)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2761)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.3)
Lenovo EasyCamera (Version: 13.10.1201.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.6)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo Security Suite (Version: 2.0.11.0)
Lernout & Hauspie TruVoice American English TTS Engine
LogMeIn Hamachi (Version: 2.1.0.294)
Magic Set Editor 2.0.0
Media Player Classic - Home Cinema 1.6.0.4014 (Version: 1.6.0.4014)
Mesh Runtime (Version: 15.4.5722.2)
Metro 2033
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NTI Backup Now EZ (Version: 2.5.2.36)
NVIDIA PhysX (Version: 9.10.0222)
OpenAL
Pando Media Booster (Version: 2.6.0.1)
PlanetSide 2
Port Locker (Version: 1.0.5.24)
Power2Go (Version: 5.6.0.7303)
PowerDirector (Version: 10.00.0000)
QuickTime (Version: 7.72.80.56)
Rainmeter (Version: 2.4 r1678)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10008)
Red Faction: Armageddon
Saints Row: The Third
SILENT HILL 3 (Version: 1.00.0000)
SILENT HILL 4 (Version: 1.00.000)
Silent Hill Homecoming
Skype Click to Call (Version: 6.5.11422)
Skype™ 6.1 (Version: 6.1.129)
Spotify (Version: 0.8.5.1333.g822e0de8)
Steam (Version: 1.0.0.0)
Super nude patch 3 2.0.2 (Version: 2.0.2)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.7.0)
Team Fortress 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VideoLAN VLC media player 0.8.6f (Version: 0.8.6f)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VoiceOver Kit (Version: 1.42.128.0)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 8106.14 MB
Available physical RAM: 5324.94 MB
Total Pagefile: 16210.47 MB
Available Pagefile: 13724.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:254.14 GB) (Free:64.58 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.37 GB) NTFS
3 Drive e: (Tyler's TB) (Fixed) (Total:1397.26 GB) (Free:692.8 GB) NTFS
5 Drive k: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
6 Drive l: (HHGIDZBNV) (Removable) (Total:1.86 GB) (Free:1.64 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator            ASPNET                   Guest                   
Mcx1-OWNER-PC            Owner                   


**** End of log ****



#6 voidwalker


Posted 08 February 2013 - 05:24 PM

Adware Cleaner didn't make a result txt when I rebooted, so I just ran the Junkware Removal Tool. I didn't have to extract it, so I just ran it. It was labeled JRT.exe. I didn't run it in safe mode, though. Should I reboot, press F8, then run in safe mode for that program?

And strangely, there was a U3 drive installed. What is that? I ejected it and now it is an extra CD drive. This doesn't make sense because I already have one. I have Magic Disk but I had it turned off.

Every time I try to run Emsisoft, it updates, I go to scan computer, I hit deep scan, but then I get a blue screen and my computer crashes.


Edited by voidwalker, 08 February 2013 - 05:41 PM.


#7 InadequateInfirmity


Posted 08 February 2013 - 07:04 PM

Please run the Emsisoft tool in safe mode with networking and see if it works from there.


Edited by InadequateInfirmity, 08 February 2013 - 07:05 PM.


#8 voidwalker


Posted 08 February 2013 - 08:05 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by TW (administrator) on 08-02-2013 at 17:03:29
Running from "E:\"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : TW-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 74-DE-2B-6E-2E-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:306:ce39:8270:1053:ed9e:838b:b7e8(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:306:ce39:8270:4c52:1266:d8c5:d67f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1053:ed9e:838b:b7e8%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.67(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 08, 2013 4:10:59 PM
   Lease Expires . . . . . . . . . . : Saturday, February 09, 2013 4:10:59 PM
   Default Gateway . . . . . . . . . : fe80::22e5:64ff:fe97:6cd0%13
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 326426155
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-30-AD-70-F0-DE-F1-9A-36-EF
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-DE-F1-9A-36-EF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.att.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:bf:2fbd:931c:67d8(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::bf:2fbd:931c:67d8%14(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice.att.net
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4002:801::1001
      173.194.37.68
      173.194.37.69
      173.194.37.70
      173.194.37.71
      173.194.37.72
      173.194.37.73
      173.194.37.78
      173.194.37.64
      173.194.37.65
      173.194.37.66
      173.194.37.67
 
 
Pinging google.com [2607:f8b0:4002:c01::65] with 32 bytes of data:
Reply from 2607:f8b0:4002:c01::65: time=28ms 
Reply from 2607:f8b0:4002:c01::65: time=28ms 
 
Ping statistics for 2607:f8b0:4002:c01::65:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 28ms, Average = 28ms
Server:  dsldevice.att.net
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=128ms TTL=39
Reply from 206.190.36.45: bytes=32 time=127ms TTL=39
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 127ms, Maximum = 128ms, Average = 127ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...74 de 2b 6e 2e c9 ......Atheros AR9285 Wireless Network Adapter
 11...f0 de f1 9a 36 ef ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.67     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.67    281
     192.168.1.67  255.255.255.255         On-link      192.168.1.67    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.67    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.67    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.67    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13    281 ::/0                     fe80::22e5:64ff:fe97:6cd0
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:bf:2fbd:931c:67d8/128
                                    On-link
 13     33 2602:306:ce39:8270::/64  On-link
 13    281 2602:306:ce39:8270:1053:ed9e:838b:b7e8/128
                                    On-link
 13    281 2602:306:ce39:8270:4c52:1266:d8c5:d67f/128
                                    On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::bf:2fbd:931c:67d8/128
                                    On-link
 13    281 fe80::1053:ed9e:838b:b7e8/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/08/2013 04:12:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2013 03:52:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (02/08/2013 04:31:44 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (02/08/2013 04:31:44 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (02/08/2013 04:11:38 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 04:11:17 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 04:11:17 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2
 
Error: (02/08/2013 04:09:25 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 03:51:25 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2
 
Error: (02/08/2013 03:34:46 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%1083
 
Error: (02/08/2013 06:25:37 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}
 
 
Microsoft Office Sessions:
=========================
Error: (02/08/2013 04:12:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2013 03:52:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/08/2013 06:24:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 10 ActiveX (Version: 10.1.53.64)
Adobe Reader 9.4.0 (Version: 9.4.0)
Atheros Client Installation Program (Version: 7.0)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 2013.0.2897)
Best Buy pc app (Version: 3.2.0.0)
BioExcess (Version: 7.0.67.0)
CyberLink YouCam (Version: 3.1.3623)
D3DX10 (Version: 15.4.2368.0902)
EgisTec ES603 WDM Driver (Version: 3.0.10.4)
Energy Management (Version: 6.0.2.1)
Google Chrome (Version: 24.0.1312.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo EasyCamera (Version: 13.10.1201.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.6)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo Security Suite (Version: 2.0.11.0)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Port Locker (Version: 1.0.5.24)
Power2Go (Version: 5.6.0.7303)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6282)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10008)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.1 (Version: 6.1.129)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.2.7.0)
VeriFace (Version: 4.0.0.1224)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 32%
Total physical RAM: 8106.14 MB
Available physical RAM: 5462.26 MB
Total Pagefile: 16210.48 MB
Available Pagefile: 13448.92 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:254.14 GB) (Free:223.05 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.37 GB) NTFS
3 Drive e: () (Removable) (Total:0.96 GB) (Free:0.73 GB) FAT
 
========================= Users: ========================================
 
User accounts for \\TW-PC
 
Administrator            Guest                    TW                       
 
 
**** End of log ****


#9 voidwalker


Posted 08 February 2013 - 08:13 PM

That is my result after one key complete reset. I didn't have to run Emsisoft in safe mode this time and it didn't crash.



#10 voidwalker


Posted 08 February 2013 - 08:27 PM

Emsisoft Emergency Kit - Version 3.0
Last update: 2/8/2013 5:07:18 PM
 
Scan settings:
 
Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start:    2/8/2013 5:07:48 PM
 
 
Scanned    398455
Found    0
 
Scan end:    2/8/2013 8:26:01 PM
Scan time:    3:18:13


Above, the time was different because I forgot to set the correct time zone, so it is later.



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:58 PM

Posted 08 February 2013 - 08:31 PM

Download TDSSKiller:

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and choose Run as Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.

Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.

Run a scan with ESET. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure "remove found threats" and "scan archives" are checked.
When the scan finishes: list found threats, save to clipboard, copy to Notepad. Post the log here.



#12 voidwalker

voidwalker
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 08 February 2013 - 08:48 PM

Where can I find the Kaspersky TDSS? It won't let me copy and paste the result.



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:58 PM

Posted 08 February 2013 - 08:55 PM

Click on the Report button and copy and paste it from there.

Or you can find it on your C: drive.



#14 voidwalker

voidwalker
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:58 PM

Posted 08 February 2013 - 09:01 PM

20:39:40.0433 5760  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:39:41.0359 5760  ============================================================
20:39:41.0359 5760  Current date / time: 2013/02/08 20:39:41.0359
20:39:41.0359 5760  SystemInfo:
20:39:41.0359 5760  
20:39:41.0359 5760  OS Version: 6.1.7601 ServicePack: 1.0
20:39:41.0359 5760  Product type: Workstation
20:39:41.0360 5760  ComputerName: TW-PC
20:39:41.0360 5760  UserName: TW
20:39:41.0360 5760  Windows directory: C:\windows
20:39:41.0360 5760  System windows directory: C:\windows
20:39:41.0360 5760  Running under WOW64
20:39:41.0360 5760  Processor architecture: Intel x64
20:39:41.0361 5760  Number of processors: 4
20:39:41.0361 5760  Page size: 0x1000
20:39:41.0361 5760  Boot type: Normal boot
20:39:41.0361 5760  ============================================================
20:39:42.0249 5760  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:42.0264 5760  Drive \Device\Harddisk1\DR1 - Size: 0x3D500000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:39:42.0269 5760  ============================================================
20:39:42.0269 5760  \Device\Harddisk0\DR0:
20:39:42.0284 5760  MBR partitions:
20:39:42.0284 5760  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:39:42.0284 5760  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800
20:39:42.0375 5760  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800
20:39:42.0375 5760  \Device\Harddisk1\DR1:
20:39:42.0376 5760  MBR partitions:
20:39:42.0376 5760  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x5F0, BlocksNum 0x1EA210
20:39:42.0377 5760  ============================================================
20:39:42.0509 5760  C: <-> \Device\Harddisk0\DR0\Partition2
20:39:43.0029 5760  D: <-> \Device\Harddisk0\DR0\Partition3
20:39:43.0029 5760  ============================================================
20:39:43.0029 5760  Initialize success
20:39:43.0029 5760  ============================================================
20:40:15.0506 4348  ============================================================
20:40:15.0506 4348  Scan started
20:40:15.0506 4348  Mode: Manual; TDLFS; 
20:40:15.0506 4348  ============================================================
20:40:17.0510 4348  ================ Scan system memory ========================
20:40:17.0510 4348  System memory - ok
20:40:17.0512 4348  ================ Scan services =============================
20:40:36.0511 4348  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
20:40:36.0513 4348  msdsm - ok
20:40:36.0586 4348  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
20:40:36.0591 4348  MSDTC - ok
20:40:36.0623 4348  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:40:36.0625 4348  Msfs - ok
20:40:36.0638 4348  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:40:36.0639 4348  mshidkmdf - ok
20:40:36.0675 4348  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:40:36.0676 4348  msisadrv - ok
20:40:36.0746 4348  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:40:36.0750 4348  MSiSCSI - ok
20:40:36.0758 4348  msiserver - ok
20:40:36.0802 4348  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:40:36.0803 4348  MSKSSRV - ok
20:40:36.0827 4348  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:40:36.0828 4348  MSPCLOCK - ok
20:40:36.0836 4348  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:40:36.0837 4348  MSPQM - ok
20:40:36.0924 4348  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:40:36.0927 4348  MsRPC - ok
20:40:36.0945 4348  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
20:40:36.0947 4348  mssmbios - ok
20:40:36.0983 4348  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:40:36.0984 4348  MSTEE - ok
20:40:36.0989 4348  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
20:40:36.0990 4348  MTConfig - ok
20:40:37.0023 4348  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
20:40:37.0025 4348  Mup - ok
20:40:37.0030 4348  [ 9B1EAC6FAF6F37305E822F5588DC8056 ] mwlPSDFilter    C:\windows\system32\DRIVERS\mwlPSDFilter.sys
20:40:37.0031 4348  mwlPSDFilter - ok
20:40:37.0037 4348  [ AD55C1524B296280ED9C6E0D730D35DA ] mwlPSDNServ     C:\windows\system32\DRIVERS\mwlPSDNServ.sys
20:40:37.0039 4348  mwlPSDNServ - ok
20:40:37.0093 4348  [ 2B599E6EC8843637BDD62E7F8F3BA201 ] mwlPSDVDisk     C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
20:40:37.0094 4348  mwlPSDVDisk - ok
20:40:37.0222 4348  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
20:40:37.0232 4348  napagent - ok
20:40:37.0352 4348  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:40:37.0355 4348  NativeWifiP - ok
20:40:37.0529 4348  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\windows\system32\drivers\ndis.sys
20:40:37.0535 4348  NDIS - ok
20:40:37.0570 4348  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:40:37.0572 4348  NdisCap - ok
20:40:37.0647 4348  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:40:37.0649 4348  NdisTapi - ok
20:40:37.0670 4348  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:40:37.0672 4348  Ndisuio - ok
20:40:37.0718 4348  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:40:37.0720 4348  NdisWan - ok
20:40:37.0741 4348  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:40:37.0743 4348  NDProxy - ok
20:40:37.0764 4348  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:40:37.0766 4348  NetBIOS - ok
20:40:37.0816 4348  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:40:37.0818 4348  NetBT - ok
20:40:37.0838 4348  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\windows\system32\lsass.exe
20:40:37.0842 4348  Netlogon - ok
20:40:37.0975 4348  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
20:40:37.0982 4348  Netman - ok
20:40:38.0021 4348  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
20:40:38.0029 4348  netprofm - ok
20:40:38.0102 4348  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:40:38.0106 4348  NetTcpPortSharing - ok
20:40:38.0145 4348  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
20:40:38.0147 4348  nfrd960 - ok
20:40:38.0253 4348  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\windows\System32\nlasvc.dll
20:40:38.0260 4348  NlaSvc - ok
20:40:38.0268 4348  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:40:38.0269 4348  Npfs - ok
20:40:38.0314 4348  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
20:40:38.0318 4348  nsi - ok
20:40:38.0323 4348  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:40:38.0325 4348  nsiproxy - ok
20:40:38.0456 4348  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:40:38.0467 4348  Ntfs - ok
20:40:38.0472 4348  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
20:40:38.0473 4348  Null - ok
20:40:38.0565 4348  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:40:38.0567 4348  nvraid - ok
20:40:38.0624 4348  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:40:38.0626 4348  nvstor - ok
20:40:38.0648 4348  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:40:38.0650 4348  nv_agp - ok
20:40:38.0697 4348  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
20:40:38.0698 4348  ohci1394 - ok
20:40:38.0782 4348  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:40:38.0802 4348  p2pimsvc - ok
20:40:38.0852 4348  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
20:40:38.0858 4348  p2psvc - ok
20:40:38.0914 4348  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
20:40:38.0915 4348  Parport - ok
20:40:38.0982 4348  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:40:38.0983 4348  partmgr - ok
20:40:39.0203 4348  [ 9665402B7FA59302D520AD845DDFC026 ] Partner Service C:\ProgramData\Partner\Partner.exe
20:40:39.0207 4348  Partner Service - ok
20:40:39.0289 4348  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:40:39.0295 4348  PcaSvc - ok
20:40:39.0341 4348  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
20:40:39.0343 4348  pci - ok
20:40:39.0351 4348  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
20:40:39.0352 4348  pciide - ok
20:40:39.0404 4348  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:40:39.0407 4348  pcmcia - ok
20:40:39.0437 4348  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
20:40:39.0439 4348  pcw - ok
20:40:39.0480 4348  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:40:39.0484 4348  PEAUTH - ok
20:40:40.0149 4348  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:40:40.0153 4348  PerfHost - ok
20:40:40.0309 4348  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
20:40:40.0331 4348  pla - ok
20:40:40.0405 4348  [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:40:40.0417 4348  PlugPlay - ok
20:40:40.0441 4348  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:40:40.0448 4348  PNRPAutoReg - ok
20:40:40.0471 4348  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:40:40.0479 4348  PNRPsvc - ok
20:40:40.0599 4348  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:40:40.0607 4348  PolicyAgent - ok
20:40:40.0640 4348  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
20:40:40.0647 4348  Power - ok
20:40:40.0716 4348  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:40:40.0719 4348  PptpMiniport - ok
20:40:40.0773 4348  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
20:40:40.0774 4348  Processor - ok
20:40:40.0870 4348  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\windows\system32\profsvc.dll
20:40:40.0878 4348  ProfSvc - ok
20:40:40.0905 4348  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
20:40:40.0908 4348  ProtectedStorage - ok
20:40:40.0979 4348  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:40:40.0981 4348  Psched - ok
20:40:41.0145 4348  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
20:40:41.0155 4348  ql2300 - ok
20:40:41.0231 4348  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
20:40:41.0233 4348  ql40xx - ok
20:40:41.0281 4348  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
20:40:41.0288 4348  QWAVE - ok
20:40:41.0295 4348  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:40:41.0297 4348  QWAVEdrv - ok
20:40:41.0304 4348  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:40:41.0306 4348  RasAcd - ok
20:40:41.0404 4348  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
20:40:41.0405 4348  RasAgileVpn - ok
20:40:41.0457 4348  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
20:40:41.0463 4348  RasAuto - ok
20:40:41.0523 4348  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
20:40:41.0525 4348  Rasl2tp - ok
20:40:41.0601 4348  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
20:40:41.0613 4348  RasMan - ok
20:40:41.0658 4348  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:40:41.0660 4348  RasPppoe - ok
20:40:41.0694 4348  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
20:40:41.0697 4348  RasSstp - ok
20:40:41.0747 4348  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:40:41.0752 4348  rdbss - ok
20:40:41.0757 4348  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
20:40:41.0760 4348  rdpbus - ok
20:40:41.0775 4348  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
20:40:41.0777 4348  RDPCDD - ok
20:40:41.0794 4348  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
20:40:41.0805 4348  RDPENCDD - ok
20:40:41.0811 4348  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
20:40:41.0813 4348  RDPREFMP - ok
20:40:41.0820 4348  [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
20:40:41.0825 4348  RDPWD - ok
20:40:41.0853 4348  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:40:41.0857 4348  rdyboost - ok
20:40:41.0962 4348  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:40:41.0967 4348  RemoteAccess - ok
20:40:42.0066 4348  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:40:42.0073 4348  RemoteRegistry - ok
20:40:42.0113 4348  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
20:40:42.0116 4348  RFCOMM - ok
20:40:42.0170 4348  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:40:42.0176 4348  RpcEptMapper - ok
20:40:42.0235 4348  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
20:40:42.0239 4348  RpcLocator - ok
20:40:42.0278 4348  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
20:40:42.0286 4348  RpcSs - ok
20:40:42.0359 4348  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:40:42.0362 4348  rspndr - ok
20:40:42.0429 4348  [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR      C:\windows\system32\Drivers\RtsUVStor.sys
20:40:42.0434 4348  RSUSBVSTOR - ok
20:40:42.0490 4348  [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
20:40:42.0494 4348  RTL8167 - ok
20:40:42.0516 4348  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\windows\system32\lsass.exe
20:40:42.0519 4348  SamSs - ok
20:40:42.0553 4348  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:40:42.0556 4348  sbp2port - ok
20:40:42.0611 4348  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:40:42.0621 4348  SCardSvr - ok
20:40:42.0650 4348  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:40:42.0652 4348  scfilter - ok
20:40:42.0774 4348  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
20:40:42.0798 4348  Schedule - ok
20:40:42.0887 4348  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
20:40:42.0889 4348  SCPolicySvc - ok
20:40:42.0929 4348  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
20:40:42.0936 4348  SDRSVC - ok
20:40:42.0979 4348  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:40:42.0980 4348  secdrv - ok
20:40:43.0042 4348  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
20:40:43.0047 4348  seclogon - ok
20:40:43.0082 4348  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
20:40:43.0087 4348  SENS - ok
20:40:43.0153 4348  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:40:43.0159 4348  SensrSvc - ok
20:40:43.0179 4348  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
20:40:43.0181 4348  Serenum - ok
20:40:43.0237 4348  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
20:40:43.0239 4348  Serial - ok
20:40:43.0271 4348  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
20:40:43.0272 4348  sermouse - ok
20:40:43.0300 4348  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
20:40:43.0309 4348  SessionEnv - ok
20:40:43.0314 4348  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
20:40:43.0316 4348  sffdisk - ok
20:40:43.0321 4348  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
20:40:43.0323 4348  sffp_mmc - ok
20:40:43.0351 4348  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
20:40:43.0353 4348  sffp_sd - ok
20:40:43.0356 4348  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
20:40:43.0358 4348  sfloppy - ok
20:40:43.0429 4348  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:40:43.0436 4348  SharedAccess - ok
20:40:43.0518 4348  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:40:43.0529 4348  ShellHWDetection - ok
20:40:43.0574 4348  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:40:43.0576 4348  SiSRaid2 - ok
20:40:43.0598 4348  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:40:43.0601 4348  SiSRaid4 - ok
20:40:43.0768 4348  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:40:43.0770 4348  SkypeUpdate - ok
20:40:43.0833 4348  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
20:40:43.0836 4348  Smb - ok
20:40:43.0899 4348  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:40:43.0905 4348  SNMPTRAP - ok
20:40:43.0978 4348  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
20:40:43.0981 4348  spldr - ok
20:40:44.0106 4348  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\windows\System32\spoolsv.exe
20:40:44.0119 4348  Spooler - ok
20:40:44.0341 4348  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
20:40:44.0422 4348  sppsvc - ok
20:40:44.0447 4348  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
20:40:44.0456 4348  sppuinotify - ok
20:40:44.0572 4348  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
20:40:44.0588 4348  srv - ok
20:40:44.0676 4348  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:40:44.0683 4348  srv2 - ok
20:40:44.0692 4348  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:40:44.0696 4348  srvnet - ok
20:40:44.0785 4348  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:40:44.0792 4348  SSDPSRV - ok
20:40:44.0817 4348  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:40:44.0823 4348  SstpSvc - ok
20:40:44.0890 4348  Steam Client Service - ok
20:40:44.0911 4348  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:40:44.0913 4348  stexstor - ok
20:40:45.0007 4348  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
20:40:45.0019 4348  stisvc - ok
20:40:45.0069 4348  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
20:40:45.0071 4348  swenum - ok
20:40:45.0192 4348  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
20:40:45.0205 4348  swprv - ok
20:40:45.0438 4348  [ 08425CD92972C6430F350A9697F4A553 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
20:40:45.0470 4348  SynTP - ok
20:40:45.0619 4348  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
20:40:45.0687 4348  SysMain - ok
20:40:45.0748 4348  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:40:45.0754 4348  TabletInputService - ok
20:40:45.0800 4348  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
20:40:45.0809 4348  TapiSrv - ok
20:40:45.0852 4348  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
20:40:45.0858 4348  TBS - ok
20:40:46.0005 4348  [ 92CE29D95AC9DD2D0EE9061D551BA250 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:40:46.0022 4348  Tcpip - ok
20:40:46.0327 4348  [ 92CE29D95AC9DD2D0EE9061D551BA250 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:40:46.0342 4348  TCPIP6 - ok
20:40:46.0354 4348  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:40:46.0356 4348  tcpipreg - ok
20:40:46.0394 4348  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
20:40:46.0396 4348  TDPIPE - ok
20:40:46.0401 4348  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
20:40:46.0404 4348  TDTCP - ok
20:40:46.0425 4348  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:40:46.0427 4348  tdx - ok
20:40:46.0432 4348  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
20:40:46.0435 4348  TermDD - ok
20:40:46.0531 4348  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
20:40:46.0546 4348  TermService - ok
20:40:46.0567 4348  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
20:40:46.0575 4348  Themes - ok
20:40:46.0596 4348  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
20:40:46.0600 4348  THREADORDER - ok
20:40:46.0681 4348  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
20:40:46.0689 4348  TrkWks - ok
20:40:46.0751 4348  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:40:46.0755 4348  TrustedInstaller - ok
20:40:46.0791 4348  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
20:40:46.0793 4348  tssecsrv - ok
20:40:46.0858 4348  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:40:46.0861 4348  TsUsbFlt - ok
20:40:46.0892 4348  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
20:40:46.0894 4348  TsUsbGD - ok
20:40:46.0972 4348  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:40:46.0976 4348  tunnel - ok
20:40:46.0981 4348  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:40:46.0983 4348  uagp35 - ok
20:40:47.0005 4348  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:40:47.0010 4348  udfs - ok
20:40:47.0067 4348  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:40:47.0075 4348  UI0Detect - ok
20:40:47.0104 4348  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:40:47.0108 4348  uliagpkx - ok
20:40:47.0183 4348  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
20:40:47.0186 4348  umbus - ok
20:40:47.0190 4348  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\drivers\umpass.sys
20:40:47.0191 4348  UmPass - ok
20:40:47.0844 4348  [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:40:47.0865 4348  UNS - ok
20:40:47.0919 4348  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
20:40:47.0931 4348  upnphost - ok
20:40:47.0986 4348  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
20:40:47.0990 4348  usbccgp - ok
20:40:48.0023 4348  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
20:40:48.0026 4348  usbcir - ok
20:40:48.0057 4348  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
20:40:48.0059 4348  usbehci - ok
20:40:48.0181 4348  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
20:40:48.0186 4348  usbhub - ok
20:40:48.0235 4348  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
20:40:48.0237 4348  usbohci - ok
20:40:48.0275 4348  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\drivers\usbprint.sys
20:40:48.0278 4348  usbprint - ok
20:40:48.0311 4348  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
20:40:48.0313 4348  USBSTOR - ok
20:40:48.0346 4348  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
20:40:48.0349 4348  usbuhci - ok
20:40:48.0428 4348  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
20:40:48.0432 4348  usbvideo - ok
20:40:48.0505 4348  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
20:40:48.0517 4348  UxSms - ok
20:40:48.0549 4348  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\windows\system32\lsass.exe
20:40:48.0555 4348  VaultSvc - ok
20:40:48.0606 4348  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:40:48.0612 4348  vdrvroot - ok
20:40:48.0735 4348  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
20:40:48.0753 4348  vds - ok
20:40:48.0818 4348  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
20:40:48.0821 4348  vga - ok
20:40:48.0851 4348  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
20:40:48.0853 4348  VgaSave - ok
20:40:48.0879 4348  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
20:40:48.0882 4348  vhdmp - ok
20:40:48.0891 4348  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
20:40:48.0892 4348  viaide - ok
20:40:49.0010 4348  [ B977390908F5FC42B66E74D1E96843E6 ] vm331avs        C:\windows\system32\Drivers\vm331avs.sys
20:40:49.0014 4348  vm331avs - ok
20:40:49.0053 4348  [ 40C39413A2458016FF43444750F467CA ] vmuvcflt        C:\windows\system32\Drivers\vmuvcflt.sys
20:40:49.0056 4348  vmuvcflt - ok
20:40:49.0063 4348  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:40:49.0065 4348  volmgr - ok
20:40:49.0098 4348  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:40:49.0102 4348  volmgrx - ok
20:40:49.0259 4348  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:40:49.0315 4348  volsnap - ok
20:40:49.0374 4348  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
20:40:49.0377 4348  vsmraid - ok
20:40:49.0490 4348  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
20:40:49.0518 4348  VSS - ok
20:40:50.0080 4348  [ 6AE0A4978225CC6656D45504D6D78D0A ] vToolbarUpdater14.0.1 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
20:40:50.0087 4348  vToolbarUpdater14.0.1 - ok
20:40:50.0107 4348  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
20:40:50.0109 4348  vwifibus - ok
20:40:50.0141 4348  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:40:50.0144 4348  vwififlt - ok
20:40:50.0226 4348  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
20:40:50.0237 4348  W32Time - ok
20:40:50.0275 4348  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys
20:40:50.0277 4348  WacomPen - ok
20:40:50.0331 4348  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
20:40:50.0336 4348  WANARP - ok
20:40:50.0348 4348  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
20:40:50.0350 4348  Wanarpv6 - ok
20:40:50.0547 4348  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
20:40:50.0590 4348  wbengine - ok
20:40:50.0655 4348  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:40:50.0663 4348  WbioSrvc - ok
20:40:50.0729 4348  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:40:50.0742 4348  wcncsvc - ok
20:40:56.0667 4348  ============================================================
20:40:56.0667 4348  Scan finished
20:40:56.0667 4348  ============================================================
20:40:56.0676 6040  Detected object count: 0
20:40:56.0676 6040  Actual detected object count: 0
20:43:40.0129 4612  Deinitialize success


#15 InadequateInfirmity


Posted 08 February 2013 - 09:03 PM

TDSS Killer looks good, on to the other steps. :)





