

Solve : Connection problems - here to see if I have a virus?
Answer» Please download MiniToolBox to Desktop and run it.
The connection looks ok.
19:29:56.0491 5172 ============================================================ 19:29:56.0491 5172 Current date / time: 2012/12/27 19:29:56.0491 19:29:56.0491 5172 SystemInfo: 19:29:56.0491 5172 19:29:56.0491 5172 OS Version: 6.0.6002 ServicePack: 2.0 19:29:56.0491 5172 Product type: Workstation 19:29:56.0491 5172 ComputerName: DOUG-PC 19:29:56.0492 5172 UserName: doug 19:29:56.0492 5172 Windows directory: C:\Windows 19:29:56.0492 5172 System windows directory: C:\Windows 19:29:56.0492 5172 Running under WOW64 19:29:56.0492 5172 Processor architecture: Intel x64 19:29:56.0492 5172 NUMBER of processors: 4 19:29:56.0492 5172 Page size: 0x1000 19:29:56.0492 5172 Boot type: Normal boot 19:29:56.0492 5172 ============================================================ 19:29:58.0703 5172 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:30:03.0797 5172 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:30:07.0937 5172 Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:30:08.0101 5172 ============================================================ 19:30:08.0101 5172 \Device\Harddisk0\DR0: 19:30:08.0101 5172 MBR partitions: 19:30:08.0101 5172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x561BC800 19:30:08.0101 5172 \Device\Harddisk1\DR1: 19:30:08.0103 5172 MBR partitions: 19:30:08.0103 5172 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800 19:30:08.0103 5172 \Device\Harddisk2\DR2: 19:30:08.0103 5172 MBR partitions: 19:30:08.0103 5172 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1 19:30:08.0103 
5172 ============================================================ 19:30:08.0104 5172 C: <-> \Device\Harddisk0\DR0\Partition1 19:30:08.0167 5172 D: <-> \Device\Harddisk2\DR2\Partition1 19:30:08.0221 5172 L: <-> \Device\Harddisk1\DR1\Partition1 19:30:08.0221 5172 ============================================================ 19:30:08.0221 5172 Initialize success 19:30:08.0221 5172 ============================================================ 19:30:22.0169 0736 ============================================================ 19:30:22.0169 0736 Scan started 19:30:22.0169 0736 Mode: Manual; 19:30:22.0169 0736 ============================================================ 19:30:22.0543 0736 ================ Scan system memory ======================== 19:30:22.0543 0736 System memory - ok 19:30:22.0544 0736 ================ Scan services ============================= 19:30:22.0734 0736 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys 19:30:22.0740 0736 ACPI - ok 19:30:22.0797 0736 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys 19:30:22.0799 0736 adfs - ok 19:30:22.0935 0736 [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 19:30:22.0939 0736 AdobeActiveFileMonitor7.0 - ok 19:30:23.0077 0736 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 19:30:23.0079 0736 AdobeARMservice - ok 19:30:23.0229 0736 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:30:23.0234 0736 AdobeFlashPlayerUpdateSvc - ok 19:30:23.0279 0736 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:30:23.0288 0736 adp94xx - ok 19:30:23.0310 0736 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:30:23.0317 0736 adpahci - ok 19:30:23.0326 0736 [ 
820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 19:30:23.0329 0736 adpu160m - ok 19:30:23.0344 0736 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:30:23.0348 0736 adpu320 - ok 19:30:23.0405 0736 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:30:23.0406 0736 AeLookupSvc - ok 19:30:23.0471 0736 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys 19:30:23.0478 0736 AFD - ok 19:30:23.0525 0736 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:30:23.0527 0736 agp440 - ok 19:30:23.0577 0736 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 19:30:23.0580 0736 aic78xx - ok 19:30:23.0609 0736 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 19:30:23.0612 0736 ALG - ok 19:30:23.0645 0736 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys 19:30:23.0646 0736 aliide - ok 19:30:23.0702 0736 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 19:30:23.0707 0736 AMD External Events Utility - ok 19:30:23.0868 0736 AMD FUEL Service - ok 19:30:23.0896 0736 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys 19:30:23.0898 0736 amdide - ok 19:30:23.0948 0736 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys 19:30:23.0950 0736 amdiox64 - ok 19:30:23.0960 0736 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:30:23.0963 0736 AmdK8 - ok 19:30:24.0183 0736 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:30:24.0321 0736 amdkmdag - ok 19:30:24.0347 0736 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 19:30:24.0353 0736 amdkmdap - ok 19:30:24.0398 0736 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 
19:30:39.0150 0736 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
19:30:39.0150 0736 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
19:30:39.0154 0736 sptd ( LockedFile.Multi.Generic ) - warning
19:30:39.0154 0736 sptd - detected LockedFile.Multi.Generic (1)
[ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 19:30:39.0628 0736 stisvc - ok 19:30:39.0657 0736 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:30:39.0659 0736 swenum - ok 19:30:39.0754 0736 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 19:30:39.0763 0736 SwitchBoard - ok 19:30:39.0856 0736 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 19:30:39.0865 0736 swprv - ok 19:30:39.0884 0736 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 19:30:39.0886 0736 Symc8xx - ok 19:30:39.0894 0736 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 19:30:39.0896 0736 Sym_hi - ok 19:30:39.0905 0736 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 19:30:39.0907 0736 Sym_u3 - ok 19:30:39.0960 0736 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 19:30:39.0975 0736 SysMain - ok 19:30:39.0997 0736 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:30:40.0001 0736 TabletInputService - ok 19:30:40.0054 0736 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:30:40.0061 0736 TapiSrv - ok 19:30:40.0088 0736 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 19:30:40.0091 0736 TBS - ok 19:30:40.0166 0736 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:30:40.0189 0736 Tcpip - ok 19:30:40.0217 0736 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 19:30:40.0229 0736 Tcpip6 - ok 19:30:40.0260 0736 [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:30:40.0262 0736 tcpipreg - ok 19:30:40.0291 0736 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:30:40.0292 0736 TDPIPE - ok 
That does not appear to be the complete TDSSKiller log. Could you please run it again and just post the bottom 10 lines of the log?

14:05:00.0925 4580 Scan finished
14:05:00.0949 5484 Detected object count: 1
14:05:00.0949 5484 Actual detected object count: 1
14:05:21.0270 5484 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:05:21.0270 5484 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Please run TDSSKiller again and, this time, you need to choose action Cure.

Cure is not one of the options. I assume you mean Delete. See attached.

[year+ old attachment deleted by admin]

Quote from: zulubanshee on December 28, 2012, 05:37:59 PM
Cure is not one of the options. I assume you mean Delete. See attached.

Sorry, please use "delete".

Machine was rebooted. I can't believe this is such a problem. Thanks very much for spending so much time on it.
18:17:27.0357 3720 Scan finished
18:17:27.0467 4396 Detected object count: 1
18:17:27.0467 4396 Actual detected object count: 1
18:17:32.0013 4396 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
18:17:32.0132 4396 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
18:17:32.0166 4396 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted on reboot
18:17:32.0953 4396 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
18:17:32.0953 4396 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

Any change?

Well, like I said above, it's definitely better than it was, but still at least 25% of pages have problems loading. I'm starting to think that I might have to reformat.

Quote from: zulubanshee on December 30, 2012, 11:22:42 AM
Well, like I said above, it's definitely better than it was, but still at least 25% of pages have problems loading. I'm starting to think that I might have to reformat.

That would be your best option which will give you virtually a new computer.

Well thanks for your help dude.

You're welcome. I will lock this thread. If you need it re-opened, please send me a PM.