We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
PC problem
square_bear
Posts: 3,865 Forumite
My computer is showing several messages:
1.
Write Fault Error.
A write command during the test has failed to complete. This maybe due to a media or read/write error. The system generates a exception error when using a referenceto an invalid systemmemory address.
Cancel, Try again, Continue.
(This message appears about 20 times on each occasion )
2.
Serious Disc Error Writing drive.
3.
Critical Error.
Hard Drive controller failure.
4.
This device cannot find enough free resorces that it can use.
5.
Seek Error. Sector not found.
6.
Data error reading drive C:/
7.
Critical drive.
Also I notice the items in the Favourites file have gone missing.
Can people from other computers near me gain access to my computer and cause interference or problems for me?
What does this all mean?
Can I sort this out myself or do I call in an expert?
Thanks.
1.
Write Fault Error.
A write command during the test has failed to complete. This maybe due to a media or read/write error. The system generates a exception error when using a referenceto an invalid systemmemory address.
Cancel, Try again, Continue.
(This message appears about 20 times on each occasion )
2.
Serious Disc Error Writing drive.
3.
Critical Error.
Hard Drive controller failure.
4.
This device cannot find enough free resorces that it can use.
5.
Seek Error. Sector not found.
6.
Data error reading drive C:/
7.
Critical drive.
Also I notice the items in the Favourites file have gone missing.
Can people from other computers near me gain access to my computer and cause interference or problems for me?
What does this all mean?
Can I sort this out myself or do I call in an expert?
Thanks.
0
Comments
-
Looks like possible malware.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Thanks for the reply.
When I run the link it stops at about 75% of the process.
The computer freezes and I have to switch it off at the mains to start again.
What can I do now?0 -
square_bear wrote: »Thanks for the reply.
When I run the link it stops at about 75% of the process.
The computer freezes and I have to switch it off at the mains to start again.
What can I do now?
Are you running the file straight from the link?
You need to save it first to your desktop and then run it from there once it has downloaded.
Stilll having problems? Try this version. Again download & save it to your desktop, then run it.
LINK
Expand Scan & check (tick) attach.txt > Expand options for DDS.txt & uncheck Check MBR
See if that runs.
If you're still having problems downloading or running it there are a number of things to try.
Download this file (WiNlOgOn.exe) from the link below - again save it to your desktop, then run it, then try to run DDS again.
http://www.bleepingcomputer.com/download/rkill/
Scroll down to WiNlOgOn.exe Download Link
If you have problems downloading either that or DDS, boot to safe mode with networking (restart and tap f8 until you reach the Advanced boot options screen), and download it/them from there.
Don't run them in safe mode though, restart to normal mode and run them from there - WiNlOgOn.exe first, then DDS.0 -
I click the link. A box appears that says 'Do you want to run or save this file?'
I click save. An icon appears on my desktop.
I click the desktop icon. A box appears 'File Download, Security Warning'
With options to 'Run, Save or Cancel.'
I can see the 0% down load box tucked behind this box, but i can't get to it.
So, I click 'run'. The process runs until about 75% of the bar appears, then it stops.
What am I doing wrong?0 -
You're not doing anything wrong by the looks of it - the infection must be blocking it, download the other file I mentioned and run that first. That should stop the infection's running processes to allow you to run any diagnostic or removal tools.
Malwarebytes anti-malware should remove this quite easily if you have it installed?
Run a quick scan.
http://helpdesk.malwarebytes.org/entries/20872371-use-chameleon-to-run-malwarebytes-anti-malware-on-infected-systems
I'm out for the rest of the day at the football, so won't be able to answer any further questions till tomorrow.
Hopefully someone else might chip in.0 -
I did have Malwarebytes installed, but now all that's left are basic Microsoft Office, Google Chrome and Windows Live programmes. Everything else has disappeared.
I'm calling my usual tech guy to come and sort it out.
Thanks for all of your help.0 -
These are the types of things you are looking at.
http://www.bleepingcomputer.com/virus-removal/remove-hdd-repair
http://www.bleepingcomputer.com/virus-removal/remove-smart-hdd
http://www.bleepingcomputer.com/virus-removal/remove-data-recovery0 -
Looks like possible malware.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Wareham at 14:14:11 on 2012-08-25
#Option MBR scan is disabled.
#Option Extended Search is enabled.
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1534.895 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.co.uk/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: MediaBar: {0974BA1E-64EC-11DE-B2A5-E43756D89593} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} -
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\windows ilivid toolbar\datamngr\toolbar\searchqudtx.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
BHO: DeLorme Send To GPS: {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - c:\program files\delorme\sendtogps\PNPluginForIE.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\dealbulldog toolbar\tbcore3.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - c:\program files\dealbulldog toolbar\tbcore3.dll
TB: WiseConvert Toolbar: {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - c:\program files\wiseconvert\prxtbWise.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: MediaBar: {0974BA1E-64EC-11DE-B2A5-E43756D89593} -
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\windows ilivid toolbar\datamngr\toolbar\searchqudtx.dll
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - c:\program files\dealbulldog toolbar\tbcore3.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWise.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [ALUAlert] c:\program files\symantec\liveupdate\ALUNotify.exe
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
StartupFolder: c:\docume~1\wareham\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - http://tbedits.televisionfanatic.com/one-toolbaredits/menusearch.jhtml?s=100000415&p=XPxdm033YYgb&si=3442065&a=B6944AA5-0C99-46AE-B727-30C6B5D57249&n=2011122815
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342472329187
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C1E44A67-9FB3-420A-8537-2C3E85CEF7CD} : DHCPNameServer = 192.168.1.254
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-2-26 11264]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 301248]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
RUnknown syshost32;syshost32; [x]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-6 250056]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 kbeepm;kbeepm;\??\c:\docume~1\wareham\locals~1\temp\kbeepm.sys --> c:\docume~1\wareham\locals~1\temp\kbeepm.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 usb2vcom;USB to Serial Bridge Controller;c:\windows\system32\drivers\usb2vcom.sys [2008-6-3 30368]
.
=============== Created Last 60 ================
.
2012-08-24 19:40:15 71296 ----a-w- c:\windows\system32\drivers\6d926cb3c7f34037.sys
2012-08-24 05:48:32
d
w- c:\program files\winlogon.exe
2012-08-19 06:47:57
d
w- c:\documents and settings\wareham\application data\PriceGong
2012-08-19 06:47:05
d
w- c:\program files\Conduit
2012-08-19 06:47:02
d
w- c:\documents and settings\wareham\local settings\application data\WiseConvert
2012-08-19 06:47:01
d
w- c:\documents and settings\wareham\local settings\application data\Conduit
2012-08-19 06:45:35
d
w- c:\program files\WiseConvert
2012-07-23 10:04:40
d--h--w- c:\documents and settings\wareham\application data\RealNetworks
2012-07-21 12:17:47
d--h--w- c:\program files\DeLorme
2012-07-19 12:31:39
d-sh--w- C:\found.004
2012-07-16 21:19:07
d--h--w- c:\documents and settings\wareham\application data\Malwarebytes
2012-07-16 21:18:40
d--h--w- c:\documents and settings\all users\application data\Malwarebytes
2012-07-16 21:18:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-16 21:18:39
d--h--w- c:\program files\Malwarebytes' Anti-Malware
2012-07-16 20:25:46 14592 -c-ha-w- c:\windows\system32\dllcache\kbdhid.sys
2012-07-16 20:25:46 14592 ---ha-w- c:\windows\system32\drivers\kbdhid.sys
2012-07-16 20:24:08 21504 -c-ha-w- c:\windows\system32\dllcache\hidserv.dll
2012-07-16 20:24:08 21504 ---ha-w- c:\windows\system32\hidserv.dll
2012-07-06 13:58:51 78336 -c-h--w- c:\windows\system32\dllcache\browser.dll
.
==================== Find6M ====================
.
2012-08-14 18:29:24 70344 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-14 18:29:24 426184 ---ha-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-25 09:18:12 98304 ---ha-w- c:\windows\system32\CmdLineExt.dll
2012-07-06 13:58:51 78336 ---ha-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ---ha-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ---ha-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ---ha-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ---ha-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ---h--w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ---ha-w- c:\windows\system32\html.iec
2012-06-06 07:49:52 1070152 ---ha-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50:25 1372672 ---h--w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ---ha-w- c:\windows\system32\msxml3.dll
2012-06-04 16:35:26 222448 ---ha-w- c:\windows\system32\muweb.dll
2012-06-04 04:32:08 152576 ---ha-w- c:\windows\system32\schannel.dll
2012-06-02 14:19:44 22040 ---ha-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 14:19:38 219160 ---ha-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 14:19:38 15384 ---ha-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 14:19:34 15384 ---ha-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 14:19:30 17944 ---ha-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 14:18:58 275696 ---ha-w- c:\windows\system32\mucltui.dll
2012-06-02 14:18:58 17136 ---ha-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ---ha-w- c:\windows\system32\crypt32.dll
2012-05-14 09:22:41 345600 ---ha-w- c:\windows\system32\localspl.dll
2012-05-04 13:16:13 2148352 ---ha-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ---ha-w- c:\windows\system32\ntkrnlpa.exe
2012-04-19 03:50:26 24896 ---ha-w- c:\windows\system32\drivers\avgidshx.sys
2012-03-19 04:17:28 301248 ---ha-w- c:\windows\system32\drivers\avgtdix.sys
2012-02-29 14:10:16 177664 ---ha-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ---ha-w- c:\windows\system32\imagehlp.dll
.
============= FINISH: 14:16:42.20 ===============
I finally found a way to get this info for you.
What now, please.0 -
Download tdsskiller.exe from the link below and save it to your desktop
LINK- Double click TDSSKiller.exe
- Click Start scan and allow it to scan.
- If Malicious objects are detected, the default action will be Cure, ensure Cure is selected then click Continue
- If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue
- It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
- A log will be created on your root (usually C:) drive. EG: C:\TDSSKiller.Version_Date_Time_log.txt.
- If no reboot is required, click on Report. A log file should appear.
- Post the contents in your next reply
0 -
07:37:42.0921 3140 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
07:37:44.0593 3140 ============================================================
07:37:44.0593 3140 Current date / time: 2012/08/27 07:37:44.0593
07:37:44.0593 3140 SystemInfo:
07:37:44.0593 3140
07:37:44.0593 3140 OS Version: 5.1.2600 ServicePack: 3.0
07:37:44.0593 3140 Product type: Workstation
07:37:44.0593 3140 ComputerName: USER-2167439A17
07:37:44.0593 3140 UserName: Wareham
07:37:44.0593 3140 Windows directory: C:\WINDOWS
07:37:44.0593 3140 System windows directory: C:\WINDOWS
07:37:44.0593 3140 Processor architecture: Intel x86
07:37:44.0593 3140 Number of processors: 2
07:37:44.0593 3140 Page size: 0x1000
07:37:44.0593 3140 Boot type: Normal boot
07:37:44.0593 3140 ============================================================
07:37:52.0390 3140 !crdlk
07:37:52.0734 3140 Drive \Device\Harddisk0\DR0 - Size: 0x1315740000 (76.34 Gb), SectorSize: 0x200, Cylinders: 0x26EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
07:37:52.0750 3140 ============================================================
07:37:52.0750 3140 \Device\Harddisk0\DR0:
07:37:52.0750 3140 MBR partitions:
07:37:52.0750 3140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x98A40EC
07:37:52.0750 3140 ============================================================
07:37:52.0781 3140 C: <-> \Device\Harddisk0\DR0\Partition1
07:37:52.0781 3140 ============================================================
07:37:52.0781 3140 Initialize success
07:37:52.0781 3140 ============================================================
07:37:55.0281 3564 ============================================================
07:37:55.0281 3564 Scan started
07:37:55.0281 3564 Mode: Manual;
07:37:55.0281 3564 ============================================================
07:37:56.0125 3564 ================ Scan system memory ========================
07:37:56.0125 3564 System memory - ok
07:37:56.0125 3564 ================ Scan services =============================
07:37:56.0296 3564 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys
07:37:56.0296 3564 61883 - ok
07:37:56.0328 3564 Suspicious service (NoAccess): 6d926cb3c7f34037
07:37:56.0390 3564 [ 6328BE727FD766F0F818222DE92A1D64 ] 6d926cb3c7f34037 C:\WINDOWS\System32\Drivers\6d926cb3c7f34037.sys
07:37:56.0390 3564 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\6d926cb3c7f34037.sys. md5: 6328BE727FD766F0F818222DE92A1D64
07:37:56.0593 3564 6d926cb3c7f34037 ( Rootkit.Win32.Necurs.gen ) - infected
07:37:56.0593 3564 6d926cb3c7f34037 - detected Rootkit.Win32.Necurs.gen (0)
07:37:56.0687 3564 [ 0629361FAC4576BA48AB39F4903DCE9E ] aawservice C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
07:37:56.0687 3564 aawservice - ok
07:37:56.0718 3564 Abiosdsk - ok
07:37:56.0750 3564 abp480n5 - ok
07:37:56.0796 3564 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:37:56.0796 3564 ACPI - ok
07:37:56.0843 3564 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
07:37:56.0843 3564 ACPIEC - ok
07:37:56.0953 3564 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:37:56.0953 3564 AdobeFlashPlayerUpdateSvc - ok
07:37:56.0968 3564 adpu160m - ok
07:37:57.0031 3564 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
07:37:57.0031 3564 aec - ok
07:37:57.0093 3564 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
07:37:57.0093 3564 AFD - ok
07:37:57.0093 3564 Aha154x - ok
07:37:57.0125 3564 aic78u2 - ok
07:37:57.0140 3564 aic78xx - ok
07:37:57.0171 3564 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
07:37:57.0187 3564 Alerter - ok
07:37:57.0218 3564 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
07:37:57.0218 3564 ALG - ok
07:37:57.0234 3564 AliIde - ok
07:37:57.0265 3564 amsint - ok
07:37:57.0328 3564 [ 018857EAD9A077A56AEDFC0E5EF7A24A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:37:57.0328 3564 Apple Mobile Device - ok
07:37:57.0390 3564 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
07:37:57.0390 3564 AppMgmt - ok
07:37:57.0437 3564 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:37:57.0437 3564 Arp1394 - ok
07:37:57.0468 3564 asc - ok
07:37:57.0500 3564 asc3350p - ok
07:37:57.0531 3564 asc3550 - ok
07:37:57.0687 3564 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:37:57.0796 3564 aspnet_state - ok
07:37:57.0843 3564 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:37:57.0843 3564 AsyncMac - ok
07:37:57.0875 3564 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
07:37:57.0890 3564 atapi - ok
07:37:57.0890 3564 Atdisk - ok
07:37:57.0937 3564 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:37:57.0937 3564 Atmarpc - ok
07:37:57.0984 3564 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
07:37:57.0984 3564 AudioSrv - ok
07:37:58.0015 3564 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
07:37:58.0015 3564 audstub - ok
07:37:58.0093 3564 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys
07:37:58.0093 3564 Avc - ok
07:37:58.0187 3564 AVG Security Toolbar Service - ok
07:37:58.0390 3564 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
07:37:58.0515 3564 AVGIDSAgent - ok
07:37:58.0578 3564 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
07:37:58.0578 3564 AVGIDSDriver - ok
07:37:58.0640 3564 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
07:37:58.0640 3564 AVGIDSFilter - ok
07:37:58.0718 3564 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
07:37:58.0718 3564 AVGIDSHX - ok
07:37:58.0781 3564 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
07:37:58.0781 3564 AVGIDSShim - ok
07:37:58.0843 3564 [ DDA6A2A18841E4C9172BB85958B8D948 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
07:37:58.0843 3564 Avgldx86 - ok
07:37:58.0921 3564 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
07:37:58.0921 3564 Avgmfx86 - ok
07:37:58.0984 3564 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
07:37:58.0984 3564 Avgrkx86 - ok
07:37:59.0078 3564 [ 1263F2554ACE925C237A40B4C568D815 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
07:37:59.0078 3564 Avgtdix - ok
07:37:59.0140 3564 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
07:37:59.0140 3564 avgwd - ok
07:37:59.0187 3564 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
07:37:59.0187 3564 Beep - ok
07:37:59.0250 3564 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
07:37:59.0281 3564 BITS - ok
07:37:59.0390 3564 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:37:59.0390 3564 Bonjour Service - ok
07:37:59.0437 3564 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
07:37:59.0437 3564 Browser - ok
07:37:59.0468 3564 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
07:37:59.0468 3564 cbidf2k - ok
07:37:59.0546 3564 [ A9ACC4B9730B6D5B0BB2BFFDC53F0812 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
07:37:59.0546 3564 CCALib8 - ok
07:37:59.0593 3564 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:37:59.0593 3564 CCDECODE - ok
07:37:59.0625 3564 cd20xrnt - ok
07:37:59.0656 3564 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
07:37:59.0656 3564 Cdaudio - ok
07:37:59.0671 3564 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
07:37:59.0671 3564 Cdfs - ok
07:37:59.0718 3564 [ 248349293CA42EE5DB61DC1FD85A2F49 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys
07:37:59.0718 3564 cdrbsdrv - ok
07:37:59.0765 3564 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:37:59.0765 3564 Cdrom - ok
07:37:59.0781 3564 Changer - ok
07:37:59.0828 3564 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
07:37:59.0828 3564 CiSvc - ok
07:37:59.0859 3564 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
07:37:59.0859 3564 ClipSrv - ok
07:37:59.0921 3564 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:38:00.0046 3564 clr_optimization_v2.0.50727_32 - ok
07:38:00.0093 3564 CmdIde - ok
07:38:00.0109 3564 COMSysApp - ok
07:38:00.0140 3564 Cpqarray - ok
07:38:00.0187 3564 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
07:38:00.0187 3564 CryptSvc - ok
07:38:00.0203 3564 dac2w2k - ok
07:38:00.0218 3564 dac960nt - ok
07:38:00.0281 3564 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
07:38:00.0296 3564 DcomLaunch - ok
07:38:00.0328 3564 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
07:38:00.0328 3564 Dhcp - ok
07:38:00.0359 3564 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
07:38:00.0359 3564 Disk - ok
07:38:00.0390 3564 dmadmin - ok
07:38:00.0453 3564 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
07:38:00.0468 3564 dmboot - ok
07:38:00.0531 3564 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
07:38:00.0531 3564 dmio - ok
07:38:00.0562 3564 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
07:38:00.0562 3564 dmload - ok
07:38:00.0609 3564 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
07:38:00.0609 3564 dmserver - ok
07:38:00.0640 3564 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
07:38:00.0640 3564 DMusic - ok
07:38:00.0687 3564 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
07:38:00.0703 3564 Dnscache - ok
07:38:00.0750 3564 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
07:38:00.0750 3564 Dot3svc - ok
07:38:00.0781 3564 dpti2o - ok
07:38:00.0812 3564 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
07:38:00.0812 3564 drmkaud - ok
07:38:00.0859 3564 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
07:38:00.0875 3564 EapHost - ok
07:38:00.0921 3564 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
07:38:00.0921 3564 ERSvc - ok
07:38:00.0968 3564 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
07:38:00.0968 3564 Eventlog - ok
07:38:01.0031 3564 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
07:38:01.0031 3564 EventSystem - ok
07:38:01.0062 3564 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
07:38:01.0062 3564 Fastfat - ok
07:38:01.0109 3564 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
07:38:01.0109 3564 FastUserSwitchingCompatibility - ok
07:38:01.0156 3564 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
07:38:01.0156 3564 Fdc - ok
07:38:01.0203 3564 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
07:38:01.0203 3564 FETNDIS - ok
07:38:01.0234 3564 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
07:38:01.0234 3564 Fips - ok
07:38:01.0250 3564 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
07:38:01.0250 3564 Flpydisk - ok
07:38:01.0281 3564 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
07:38:01.0281 3564 FltMgr - ok
07:38:01.0375 3564 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:38:01.0375 3564 FontCache3.0.0.0 - ok
07:38:01.0421 3564 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:38:01.0421 3564 Fs_Rec - ok
07:38:01.0468 3564 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:38:01.0468 3564 Ftdisk - ok
07:38:01.0515 3564 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
07:38:01.0515 3564 GEARAspiWDM - ok
07:38:01.0562 3564 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:38:01.0562 3564 Gpc - ok
07:38:01.0687 3564 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
07:38:01.0687 3564 gupdate - ok
07:38:01.0750 3564 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:38:01.0750 3564 gupdatem - ok
07:38:01.0843 3564 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:38:01.0843 3564 gusvc - ok
07:38:01.0890 3564 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
07:38:01.0890 3564 HDAudBus - ok
07:38:01.0953 3564 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:38:01.0968 3564 helpsvc - ok
07:38:02.0000 3564 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
07:38:02.0000 3564 HidServ - ok
07:38:02.0078 3564 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:38:02.0078 3564 HidUsb - ok
07:38:02.0140 3564 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
07:38:02.0140 3564 hkmsvc - ok
07:38:02.0187 3564 hpn - ok
07:38:02.0265 3564 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
07:38:02.0265 3564 hpqcxs08 - ok
07:38:02.0296 3564 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
07:38:02.0296 3564 hpqddsvc - ok
07:38:02.0343 3564 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:38:02.0343 3564 HPZid412 - ok
07:38:02.0359 3564 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:38:02.0359 3564 HPZipr12 - ok
07:38:02.0406 3564 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:38:02.0406 3564 HPZius12 - ok
07:38:02.0453 3564 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
07:38:02.0453 3564 HTTP - ok
07:38:02.0500 3564 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
07:38:02.0500 3564 HTTPFilter - ok
07:38:02.0515 3564 i2omgmt - ok
07:38:02.0546 3564 i2omp - ok
07:38:02.0578 3564 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:38:02.0578 3564 i8042prt - ok
07:38:02.0687 3564 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:38:02.0718 3564 idsvc - ok
07:38:02.0765 3564 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
07:38:02.0765 3564 Imapi - ok
07:38:02.0796 3564 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
07:38:02.0796 3564 ImapiService - ok
07:38:02.0828 3564 ini910u - ok
07:38:02.0984 3564 [ CBDDAB14249B2F05407FC09AB8FFFB88 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
07:38:03.0015 3564 IntcAzAudAddService - ok
07:38:03.0046 3564 IntelIde - ok
07:38:03.0093 3564 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:38:03.0093 3564 intelppm - ok
07:38:03.0125 3564 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
07:38:03.0125 3564 Ip6Fw - ok
07:38:03.0140 3564 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:38:03.0140 3564 IpFilterDriver - ok
07:38:03.0156 3564 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:38:03.0156 3564 IpInIp - ok
07:38:03.0203 3564 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:38:03.0203 3564 IpNat - ok
07:38:03.0265 3564 [ 0CA8C2E721617AA2F923A8151C96FB33 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:38:03.0281 3564 iPod Service - ok
07:38:03.0296 3564 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:38:03.0296 3564 IPSec - ok
07:38:03.0328 3564 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
07:38:03.0328 3564 IRENUM - ok
07:38:03.0359 3564 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:38:03.0359 3564 isapnp - ok
07:38:03.0453 3564 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:38:03.0453 3564 JavaQuickStarterService - ok
07:38:03.0500 3564 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:38:03.0500 3564 Kbdclass - ok
07:38:03.0578 3564 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:38:03.0578 3564 kbdhid - ok
07:38:03.0718 3564 kbeepm - ok
07:38:03.0765 3564 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
07:38:03.0765 3564 kmixer - ok
07:38:03.0812 3564 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
07:38:03.0828 3564 KSecDD - ok
07:38:03.0859 3564 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
07:38:03.0859 3564 lanmanserver - ok
07:38:03.0921 3564 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:38:03.0921 3564 lanmanworkstation - ok
07:38:03.0937 3564 lbrtfdc - ok
07:38:04.0000 3564 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
07:38:04.0000 3564 LmHosts - ok
07:38:04.0046 3564 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
07:38:04.0046 3564 MDM - ok
07:38:04.0109 3564 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
07:38:04.0109 3564 Messenger - ok
07:38:04.0156 3564 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
07:38:04.0156 3564 mnmdd - ok
07:38:04.0203 3564 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
07:38:04.0203 3564 mnmsrvc - ok
07:38:04.0250 3564 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
07:38:04.0250 3564 Modem - ok
07:38:04.0265 3564 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:38:04.0281 3564 Mouclass - ok
07:38:04.0328 3564 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:38:04.0328 3564 mouhid - ok
07:38:04.0390 3564 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
07:38:04.0390 3564 MountMgr - ok
07:38:04.0421 3564 mraid35x - ok
07:38:04.0437 3564 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:38:04.0453 3564 MRxDAV - ok
07:38:04.0500 3564 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:38:04.0500 3564 MRxSmb - ok
07:38:04.0531 3564 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
07:38:04.0531 3564 MSDTC - ok
07:38:04.0593 3564 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
07:38:04.0593 3564 MSDV - ok
07:38:04.0625 3564 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
07:38:04.0625 3564 Msfs - ok
07:38:04.0640 3564 MSIServer - ok
07:38:04.0687 3564 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:38:04.0687 3564 MSKSSRV - ok
07:38:04.0703 3564 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:38:04.0703 3564 MSPCLOCK - ok
07:38:04.0718 3564 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
07:38:04.0718 3564 MSPQM - ok
07:38:04.0765 3564 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:38:04.0765 3564 mssmbios - ok
07:38:04.0828 3564 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
07:38:04.0828 3564 MSTEE - ok
07:38:04.0875 3564 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
07:38:04.0875 3564 Mup - ok
07:38:04.0921 3564 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:38:04.0921 3564 NABTSFEC - ok
07:38:04.0984 3564 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
07:38:04.0984 3564 napagent - ok0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.9K Banking & Borrowing
- 253.9K Reduce Debt & Boost Income
- 454.7K Spending & Discounts
- 245.9K Work, Benefits & Business
- 602K Mortgages, Homes & Bills
- 177.8K Life & Family
- 259.8K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards