Infected with ScrInject.B.Gen virus


9 replies to this topic

#1 wolf6541


Posted 02 October 2012 - 06:32 PM

Hello folks, I've been trying to remove this for hours now in various ways. I scanned multiple times with ESET, HijackThis and MBAM:

C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\gc0jsdz8.default\Cache\0\C4\FBB7Cd01
HTML/ScrInject.B.Gen virus

MBAM can't detect it at all (it's up to date), nor can HijackThis. NOD did, but it's not able to clean it for some reason, and on a third full scan it stopped detecting it. However, my PC is still running slow and NOD continues to display more and more blocked attacks.

I did scan in safe mode with NOD; the command prompt appeared and did something that I couldn't understand because there were only ???s displayed and nothing else.

Apart from the above, everything else is clean so far.

I'm not sure if I'm still infected, as NOD stopped detecting it; the whole HDD, registry, etc. are clean according to the last scans at least.

Edited by wolf6541, 02 October 2012 - 06:35 PM.




#2 narenxp


Posted 02 October 2012 - 06:43 PM

Download TDSSkiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 wolf6541


Posted 02 October 2012 - 08:32 PM

Thanks for your fast reply.
The ESET scanner found no threats; here are the other two:

TDSSkiller

18:26:39.0572 0968  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:26:40.0352 0968  ============================================================
18:26:40.0352 0968  Current date / time: 2012/10/02 18:26:40.0352
18:26:40.0352 0968  SystemInfo:
18:26:40.0352 0968  
18:26:40.0352 0968  OS Version: 6.1.7601 ServicePack: 1.0
18:26:40.0352 0968  Product type: Workstation
18:26:40.0352 0968  ComputerName: WOLF-PC
18:26:40.0352 0968  UserName: user
18:26:40.0352 0968  Windows directory: C:\Windows
18:26:40.0352 0968  System windows directory: C:\Windows
18:26:40.0352 0968  Running under WOW64
18:26:40.0352 0968  Processor architecture: Intel x64
18:26:40.0352 0968  Number of processors: 4
18:26:40.0352 0968  Page size: 0x1000
18:26:40.0352 0968  Boot type: Normal boot
18:26:40.0352 0968  ============================================================
18:26:41.0942 0968  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:26:41.0972 0968  ============================================================
18:26:41.0972 0968  \Device\Harddisk0\DR0:
18:26:41.0972 0968  MBR partitions:
18:26:41.0972 0968  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:26:41.0972 0968  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC7FF800
18:26:41.0972 0968  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC832000, BlocksNum 0x2DB53800
18:26:41.0972 0968  ============================================================
18:26:42.0012 0968  C: <-> \Device\Harddisk0\DR0\Partition2
18:26:42.0102 0968  D: <-> \Device\Harddisk0\DR0\Partition3
18:26:42.0112 0968  ============================================================
18:26:42.0112 0968  Initialize success
18:26:42.0112 0968  ============================================================
18:27:12.0372 4232  ============================================================
18:27:12.0372 4232  Scan started
18:27:12.0372 4232  Mode: Manual; TDLFS; 
18:27:12.0372 4232  ============================================================
18:27:13.0012 4232  ================ Scan system memory ========================
18:27:13.0012 4232  System memory - ok
18:27:21.0182 4232  Msfs - ok
18:27:21.0192 4232  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:27:21.0192 4232  mshidkmdf - ok
18:27:21.0212 4232  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:27:21.0212 4232  msisadrv - ok
18:27:21.0252 4232  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:27:21.0252 4232  MSiSCSI - ok
18:27:21.0252 4232  msiserver - ok
18:27:21.0282 4232  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:27:21.0282 4232  MSKSSRV - ok
18:27:21.0292 4232  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:27:21.0292 4232  MSPCLOCK - ok
18:27:21.0292 4232  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:27:21.0312 4232  MSPQM - ok
18:27:21.0322 4232  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:27:21.0332 4232  MsRPC - ok
18:27:21.0332 4232  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:27:21.0342 4232  mssmbios - ok
18:27:21.0352 4232  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:27:21.0352 4232  MSTEE - ok
18:27:21.0452 4232  [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90       C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
18:27:21.0502 4232  msvsmon90 - ok
18:27:21.0522 4232  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:27:21.0522 4232  MTConfig - ok
18:27:21.0542 4232  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:27:21.0542 4232  Mup - ok
18:27:21.0572 4232  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:27:21.0582 4232  napagent - ok
18:27:21.0602 4232  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:27:21.0622 4232  NativeWifiP - ok
18:27:21.0652 4232  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:27:21.0662 4232  NDIS - ok
18:27:21.0682 4232  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:27:21.0692 4232  NdisCap - ok
18:27:21.0702 4232  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:27:21.0702 4232  NdisTapi - ok
18:27:21.0702 4232  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:27:21.0702 4232  Ndisuio - ok
18:27:21.0712 4232  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:27:21.0722 4232  NdisWan - ok
18:27:21.0732 4232  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:27:21.0752 4232  NDProxy - ok
18:27:21.0762 4232  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:27:21.0772 4232  NetBIOS - ok
18:27:21.0792 4232  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:27:21.0802 4232  NetBT - ok
18:27:21.0812 4232  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:27:21.0812 4232  Netlogon - ok
18:27:21.0852 4232  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:27:21.0852 4232  Netman - ok
18:27:21.0862 4232  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:27:21.0862 4232  netprofm - ok
18:27:21.0882 4232  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:27:21.0892 4232  NetTcpPortSharing - ok
18:27:21.0912 4232  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:27:21.0922 4232  nfrd960 - ok
18:27:21.0942 4232  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:27:21.0952 4232  NlaSvc - ok
18:27:21.0952 4232  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:27:21.0962 4232  Npfs - ok
18:27:21.0972 4232  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:27:21.0972 4232  nsi - ok
18:27:21.0982 4232  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:27:21.0992 4232  nsiproxy - ok
18:27:22.0012 4232  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:27:22.0042 4232  Ntfs - ok
18:27:22.0062 4232  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:27:22.0072 4232  Null - ok
18:27:22.0112 4232  [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:27:22.0112 4232  NVHDA - ok
18:27:22.0312 4232  [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:27:22.0492 4232  nvlddmkm - ok
18:27:22.0502 4232  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:27:22.0512 4232  nvraid - ok
18:27:22.0522 4232  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:27:22.0542 4232  nvstor - ok
18:27:22.0582 4232  [ E5AFBE55415828EE6230F148425A30E4 ] NVSvc           C:\Windows\system32\nvvsvc.exe
18:27:22.0592 4232  NVSvc - ok
18:27:22.0612 4232  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:27:22.0622 4232  nv_agp - ok
18:27:22.0622 4232  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:27:22.0632 4232  ohci1394 - ok
18:27:22.0652 4232  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:27:22.0652 4232  p2pimsvc - ok
18:27:22.0672 4232  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:27:22.0672 4232  p2psvc - ok
18:27:22.0682 4232  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
18:27:22.0692 4232  Parport - ok
18:27:22.0712 4232  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:27:22.0722 4232  partmgr - ok
18:27:22.0742 4232  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:27:22.0742 4232  PcaSvc - ok
18:27:22.0772 4232  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:27:22.0792 4232  pci - ok
18:27:22.0792 4232  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:27:22.0802 4232  pciide - ok
18:27:22.0822 4232  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:27:22.0832 4232  pcmcia - ok
18:27:22.0872 4232  [ C98CD9EE0012DF72206BD519DB9780D4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
18:27:22.0882 4232  PCToolsSSDMonitorSvc - ok
18:27:22.0892 4232  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:27:22.0902 4232  pcw - ok
18:27:22.0912 4232  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:27:22.0932 4232  PEAUTH - ok
18:27:22.0962 4232  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:27:22.0972 4232  PeerDistSvc - ok
18:27:23.0042 4232  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:27:23.0042 4232  PerfHost - ok
18:27:23.0082 4232  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:27:23.0092 4232  pla - ok
18:27:23.0132 4232  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:27:23.0132 4232  PlugPlay - ok
18:27:23.0132 4232  PnkBstrA - ok
18:27:23.0152 4232  PnkBstrB - ok
18:27:23.0172 4232  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:27:23.0172 4232  PNRPAutoReg - ok
18:27:23.0192 4232  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:27:23.0192 4232  PNRPsvc - ok
18:27:23.0222 4232  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:27:23.0232 4232  PolicyAgent - ok
18:27:23.0242 4232  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:27:23.0252 4232  Power - ok
18:27:23.0272 4232  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:27:23.0302 4232  PptpMiniport - ok
18:27:23.0312 4232  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
18:27:23.0322 4232  Processor - ok
18:27:23.0342 4232  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:27:23.0342 4232  ProfSvc - ok
18:27:23.0352 4232  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:27:23.0352 4232  ProtectedStorage - ok
18:27:23.0362 4232  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:27:23.0372 4232  Psched - ok
18:27:23.0402 4232  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:27:23.0422 4232  ql2300 - ok
18:27:23.0442 4232  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:27:23.0442 4232  ql40xx - ok
18:27:23.0472 4232  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:27:23.0472 4232  QWAVE - ok
18:27:23.0482 4232  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:27:23.0492 4232  QWAVEdrv - ok
18:27:23.0492 4232  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:27:23.0502 4232  RasAcd - ok
18:27:23.0522 4232  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:27:23.0522 4232  RasAgileVpn - ok
18:27:23.0542 4232  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:27:23.0542 4232  RasAuto - ok
18:27:23.0552 4232  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:27:23.0572 4232  Rasl2tp - ok
18:27:23.0602 4232  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:27:23.0602 4232  RasMan - ok
18:27:23.0612 4232  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:27:23.0622 4232  RasPppoe - ok
18:27:23.0622 4232  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:27:23.0632 4232  RasSstp - ok
18:27:23.0662 4232  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:27:23.0672 4232  rdbss - ok
18:27:23.0672 4232  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:27:23.0692 4232  rdpbus - ok
18:27:23.0702 4232  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:27:23.0702 4232  RDPCDD - ok
18:27:23.0722 4232  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:27:23.0742 4232  RDPDR - ok
18:27:23.0742 4232  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:27:23.0742 4232  RDPENCDD - ok
18:27:23.0762 4232  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:27:23.0762 4232  RDPREFMP - ok
18:27:23.0772 4232  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:27:23.0782 4232  RdpVideoMiniport - ok
18:27:23.0802 4232  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:27:23.0822 4232  RDPWD - ok
18:27:23.0842 4232  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:27:23.0842 4232  rdyboost - ok
18:27:23.0862 4232  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:27:23.0872 4232  RemoteAccess - ok
18:27:23.0892 4232  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:27:23.0892 4232  RemoteRegistry - ok
18:27:23.0902 4232  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:27:23.0912 4232  RpcEptMapper - ok
18:27:23.0922 4232  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:27:23.0922 4232  RpcLocator - ok
18:27:23.0942 4232  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:27:23.0942 4232  RpcSs - ok
18:27:23.0972 4232  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:27:23.0972 4232  rspndr - ok
18:27:23.0992 4232  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:27:23.0992 4232  s3cap - ok
18:27:24.0002 4232  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:27:24.0012 4232  SamSs - ok
18:27:24.0022 4232  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:27:24.0032 4232  sbp2port - ok
18:27:24.0042 4232  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:27:24.0052 4232  SCardSvr - ok
18:27:24.0052 4232  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:27:24.0062 4232  scfilter - ok
18:27:24.0092 4232  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:27:24.0102 4232  Schedule - ok
18:27:24.0112 4232  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:27:24.0112 4232  SCPolicySvc - ok
18:27:24.0132 4232  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:27:24.0142 4232  SDRSVC - ok
18:27:24.0152 4232  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:27:24.0172 4232  secdrv - ok
18:27:24.0182 4232  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:27:24.0182 4232  seclogon - ok
18:27:24.0202 4232  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:27:24.0202 4232  SENS - ok
18:27:24.0212 4232  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:27:24.0212 4232  SensrSvc - ok
18:27:24.0222 4232  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:27:24.0232 4232  Serenum - ok
18:27:24.0252 4232  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:27:24.0282 4232  Serial - ok
18:27:24.0292 4232  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:27:24.0302 4232  sermouse - ok
18:27:24.0312 4232  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:27:24.0322 4232  SessionEnv - ok
18:27:24.0342 4232  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:27:24.0352 4232  sffdisk - ok
18:27:24.0352 4232  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:27:24.0362 4232  sffp_mmc - ok
18:27:24.0362 4232  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:27:24.0362 4232  sffp_sd - ok
18:27:24.0372 4232  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:27:24.0382 4232  sfloppy - ok
18:27:24.0392 4232  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:27:24.0402 4232  SharedAccess - ok
18:27:24.0422 4232  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:27:24.0422 4232  ShellHWDetection - ok
18:27:24.0442 4232  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:27:24.0452 4232  SiSRaid2 - ok
18:27:24.0472 4232  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:27:24.0482 4232  SiSRaid4 - ok
18:27:24.0542 4232  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:27:24.0572 4232  SkypeUpdate - ok
18:27:24.0592 4232  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:27:24.0602 4232  Smb - ok
18:27:24.0612 4232  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:27:24.0612 4232  SNMPTRAP - ok
18:27:24.0632 4232  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:27:24.0642 4232  spldr - ok
18:27:24.0662 4232  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:27:24.0672 4232  Spooler - ok
18:27:24.0732 4232  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:27:24.0762 4232  sppsvc - ok
18:27:24.0772 4232  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:27:24.0782 4232  sppuinotify - ok
18:27:24.0812 4232  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\system32\Drivers\sptd.sys
18:27:24.0812 4232  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
18:27:24.0812 4232  sptd ( LockedFile.Multi.Generic ) - warning
18:27:24.0812 4232  sptd - detected LockedFile.Multi.Generic (1)
18:27:27.0322 4232  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:27:27.0322 4232  wscsvc - ok
18:27:27.0322 4232  WSearch - ok
18:27:27.0372 4232  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:27:27.0392 4232  wuauserv - ok
18:27:27.0402 4232  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:27:27.0412 4232  WudfPf - ok
18:27:27.0442 4232  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:27.0452 4232  WUDFRd - ok
18:27:27.0472 4232  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:27:27.0482 4232  wudfsvc - ok
18:27:27.0492 4232  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:27:27.0492 4232  WwanSvc - ok
18:27:27.0512 4232  ================ Scan global ===============================
18:27:27.0532 4232  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:27:27.0552 4232  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:27:27.0562 4232  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:27:27.0572 4232  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:27:27.0592 4232  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:27:27.0592 4232  [Global] - ok
18:27:27.0602 4232  ================ Scan MBR ==================================
18:27:27.0612 4232  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:27:28.0102 4232  \Device\Harddisk0\DR0 - ok
18:27:28.0112 4232  ================ Scan VBR ==================================
18:27:28.0112 4232  [ 540DAEC3ECAB7369BEC38DF8232DF4A6 ] \Device\Harddisk0\DR0\Partition1
18:27:28.0112 4232  \Device\Harddisk0\DR0\Partition1 - ok
18:27:28.0142 4232  [ C480F91D7DF0D9C908BF5478FB9F7923 ] \Device\Harddisk0\DR0\Partition2
18:27:28.0152 4232  \Device\Harddisk0\DR0\Partition2 - ok
18:27:28.0172 4232  [ 6482A88B59104A24970EE0F245E62A02 ] \Device\Harddisk0\DR0\Partition3
18:27:28.0172 4232  \Device\Harddisk0\DR0\Partition3 - ok
18:27:28.0172 4232  ============================================================
18:27:28.0172 4232  Scan finished
18:27:28.0172 4232  ============================================================
18:27:28.0192 4496  Detected object count: 1
18:27:28.0192 4496  Actual detected object count: 1
18:27:54.0262 4496  sptd ( LockedFile.Multi.Generic ) - skipped by user
18:27:54.0262 4496  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 


aswMBR

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-02 18:19:11
-----------------------------
18:19:11.311    OS Version: Windows x64 6.1.7601 Service Pack 1
18:19:11.311    Number of processors: 4 586 0x2A07
18:19:11.311    ComputerName: WOLF-PC  UserName: user
18:19:13.051    Initialize success
18:20:05.851    AVAST engine defs: 12100300
18:21:13.802    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
18:21:13.802    Disk 0 Vendor: Hitachi_HDS721050CLA360 JP2OA50E Size: 476940MB BusType: 3
18:21:13.812    Disk 0 MBR read successfully
18:21:13.812    Disk 0 MBR scan
18:21:13.822    Disk 0 Windows 7 default MBR code
18:21:13.822    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
18:21:13.842    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       102399 MB offset 206848
18:21:13.862    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       374439 MB offset 209920000
18:21:13.892    Disk 0 scanning C:\Windows\system32\drivers
18:21:22.842    Service scanning
18:21:43.092    Modules scanning
18:21:43.092    Disk 0 trace - called modules:
18:21:43.112    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80043c12c0]<<spnw.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
18:21:43.442    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047cc060]
18:21:43.442    3 CLASSPNP.SYS[fffff88000cc143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa8004553060]
18:21:43.452    \Driver\atapi[0xfffffa80044ff260] -> IRP_MJ_CREATE -> 0xfffffa80043c12c0
18:21:44.062    AVAST engine scan C:\Windows
18:21:45.352    AVAST engine scan C:\Windows\system32
18:23:50.992    AVAST engine scan C:\Windows\system32\drivers
18:24:03.392    AVAST engine scan C:\Users\user
18:24:38.312    Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
18:24:38.352    The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

Edited by wolf6541, 02 October 2012 - 08:45 PM.


#4 narenxp

Posted 02 October 2012 - 08:42 PM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 wolf6541

Posted 02 October 2012 - 09:47 PM

Continuing -

Minitoolbox

MiniToolBox by Farbar  Version: 23-07-2012
Ran by user (administrator) on 02-10-2012 at 19:00:57
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : wolf-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 90-2B-34-33-3B-E4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1dd3:8a2c:b27e:7e14%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, October 02, 2012 2:52:38 PM
   Lease Expires . . . . . . . . . . : Tuesday, October 02, 2012 8:52:38 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244329268
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-DF-0E-75-90-2B-34-33-3B-E4
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{20905343-CF69-4EF3-9AE9-5FEE01899432}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:104f:19c1:b1a5:13bf(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::104f:19c1:b1a5:13bf%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2a00:1450:4001:c01::8a
	  209.85.148.113
	  209.85.148.138
	  209.85.148.139
	  209.85.148.100
	  209.85.148.101
	  209.85.148.102


Pinging google.com [209.85.148.102] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 209.85.148.102:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
	  98.139.183.24
	  72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 72.30.38.140:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  UnKnown
Address:  192.168.1.1

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
 11...90 2b 34 33 3b e4 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:5ef5:79fb:104f:19c1:b1a5:13bf/128
                                    On-link
 11    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::104f:19c1:b1a5:13bf/128
                                    On-link
 11    276 fe80::1dd3:8a2c:b27e:7e14/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2012 06:53:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/02/2012 06:34:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/02/2012 05:54:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/02/2012 02:54:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 02:51:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 02:40:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 08:36:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 07:40:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/30/2012 03:55:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 10:33:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/02/2012 02:50:35 PM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:09 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:08 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:08 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068

Error: (10/02/2012 02:50:08 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (10/02/2012 06:53:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (10/02/2012 06:34:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (10/02/2012 05:54:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\user\Downloads\esetsmartinstaller_enu.exe

Error: (10/02/2012 02:54:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 02:51:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 02:40:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2012 08:36:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 07:40:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/30/2012 03:55:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 10:33:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

@BIOS (Version: 2.23)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
ASIO4ALL (Version: 2.11 Beta1)
ASUS nVidia Driver (Version: 1.00.0000)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
AutoGreen B12.0206.1 (Version: 1.00.0000)
ESET NOD32 Antivirus (Version: 4.0.435.0)
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.109)
EVEREST Ultimate Edition v5.50 (Version: 5.50)
FAM 1.0.0.0 (Version: 1.0.0.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
FL Studio 10
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HiJackThis (Version: 1.0.0)
IL Download Manager
Intel(R) Management Engine Components (Version: 8.0.0.1351)
Intel(R) USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Medieval II Total War (Version: 1.00.0000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Miroslav Philharmonik (Version: 1.0.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 14.0.1468.721)
Native Instruments Service Center (Version: 2.3.2.926)
Notepad++ (Version: 6.1.8)
NVIDIA 3D Vision Controller Driver (Version: 267.67)
NVIDIA 3D Vision Controller Driver 267.85 (Version: 267.85)
NVIDIA Control Panel 267.85 (Version: 267.85)
NVIDIA Graphics Driver 267.85 (Version: 267.85)
NVIDIA HD Audio Driver 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
ON_OFF Charge B11.1102.1 (Version: 1.00.0001)
Platform (Version: 1.39)
Registry Mechanic 10.0 (Version: 10.0)
Rome - Total War(TM) (Version: 1.0)
Skype™ 5.10 (Version: 5.10.116)
SQL Server System CLR Types (Version: 10.0.1600.22)
Tribes Ascend (Version: 1.0.1103.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.39)
VLC media player 1.1.2 (Version: 1.1.2)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Xfire (remove only)
Your Uninstaller! 2008 Version 6.0 (Version: 6.0)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4057.96 MB
Available physical RAM: 1920.13 MB
Total Pagefile: 8114.11 MB
Available Pagefile: 5346.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.24 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:100 GB) (Free:73.37 GB) NTFS
2 Drive d: () (Fixed) (Total:365.66 GB) (Free:226.23 GB) NTFS

========================= Users: ========================================

User accounts for \\WOLF-PC

Administrator            ASPNET                   Guest                    
user                   

========================= Restore Points ==================================

26-09-2012 23:16:12 Windows Update
01-10-2012 01:08:02 Installed Hi-Rez Studios Games
01-10-2012 15:21:46 Installed DirectX
02-10-2012 01:14:08 Windows Update

**** End of log ****


FSS

Farbar Service Scanner Version: 19-09-2012
Ran by user (administrator) on 02-10-2012 at 19:01:44
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MBAM

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.02.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: WOLF-PC [administrator]

Protection: Enabled

10/2/2012 7:08:16 PM
mbam-log-2012-10-02 (19-42-05).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 439187
Time elapsed: 33 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


AdwCleaner: after the restart, Windows stopped loading on normal boot (it freezes) :blink: I'm currently in safe mode.

# AdwCleaner v2.003 - Logfile created 10/02/2012 at 20:04:01
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : user - WOLF-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\splashtop
Folder Found : C:\Users\user\AppData\Roaming\splashtop

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\S

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default 
File : C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\gc0jsdz8.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [840 octets] - [02/10/2012 20:04:01]

########## EOF - C:\AdwCleaner[R1].txt - [899 octets] ##########

Edited by wolf6541, 02 October 2012 - 10:48 PM.


#6 narenxp


Posted 02 October 2012 - 10:56 PM

Do not edit your posts. Make a new reply.

What happens when you boot into normal mode?

#7 wolf6541


Posted 03 October 2012 - 10:27 AM

It just freezes after typing the password.

Edited by wolf6541, 03 October 2012 - 10:28 AM.


#8 narenxp


Posted 03 October 2012 - 10:28 AM

Try a clean boot

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

Now boot into normal mode and let me know if that works

#9 wolf6541


Posted 03 October 2012 - 12:14 PM

I tried this but without success. I formatted the drive. Thanks for your help anyway.

Edited by wolf6541, 03 October 2012 - 12:19 PM.


#10 narenxp


Posted 03 October 2012 - 01:41 PM

You're welcome :)



