
Computer freezes, forces a shut down


29 replies to this topic

#1 Emphyzema

Posted 08 December 2012 - 01:41 PM

Hi,
Thanks for taking the time to look at this. My computer has been having an issue as of recently. I'll be playing a game or watching an online stream and the computer will freeze up. I can move my mouse around, can close out of windows on the internet, audio for streaming music/video/game continues for a while and some visual things like a countdown timer for disconnecting me from the game. This all eventually stops probably 20 seconds after it started and my whole computer freezes and I can only move my mouse and open/close files but it will show nothing within them. At this point I can't ctrl+alt+delete or bring up the task manager at all and have to manually power down and restart. I have gotten a blue screen two times total, after the first time it changed the default hard drive to boot from.

At first I thought this was a hard-drive failing because of this default change so I tested for this using CrystalDisk. It found I had reallocated sector counts on one of my hard drives but this is my third one for storage I stole from my old computer. So I'm not sure if this is the problem, a virus, or hardware failing somewhere within my computer.

Thanks for any help



#2 dev00790


Posted 08 December 2012 - 02:19 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 Emphyzema


Posted 08 December 2012 - 02:35 PM

First Test

14:29:47.0000 4260 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:29:47.0323 4260 ============================================================
14:29:47.0323 4260 Current date / time: 2012/12/08 14:29:47.0323
14:29:47.0323 4260 SystemInfo:
14:29:47.0323 4260
14:29:47.0323 4260 OS Version: 6.1.7601 ServicePack: 1.0
14:29:47.0323 4260 Product type: Workstation
14:29:47.0324 4260 ComputerName: DAVID-PC
14:29:47.0324 4260 UserName: David
14:29:47.0324 4260 Windows directory: C:\Windows
14:29:47.0324 4260 System windows directory: C:\Windows
14:29:47.0324 4260 Running under WOW64
14:29:47.0324 4260 Processor architecture: Intel x64
14:29:47.0324 4260 Number of processors: 4
14:29:47.0324 4260 Page size: 0x1000
14:29:47.0324 4260 Boot type: Normal boot
14:29:47.0324 4260 ============================================================
14:29:47.0530 4260 Drive \Device\Harddisk1\DR1 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:47.0536 4260 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:47.0547 4260 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:47.0557 4260 ============================================================
14:29:47.0558 4260 \Device\Harddisk1\DR1:
14:29:47.0558 4260 MBR partitions:
14:29:47.0558 4260 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:29:47.0558 4260 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D800
14:29:47.0558 4260 \Device\Harddisk0\DR0:
14:29:47.0561 4260 MBR partitions:
14:29:47.0561 4260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x3A369790
14:29:47.0561 4260 \Device\Harddisk2\DR2:
14:29:47.0561 4260 MBR partitions:
14:29:47.0561 4260 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
14:29:47.0561 4260 ============================================================
14:29:47.0563 4260 C: <-> \Device\Harddisk1\DR1\Partition2
14:29:47.0591 4260 E: <-> \Device\Harddisk0\DR0\Partition1
14:29:47.0605 4260 B: <-> \Device\Harddisk2\DR2\Partition1
14:29:47.0605 4260 ============================================================
14:29:47.0605 4260 Initialize success
14:29:47.0605 4260 ============================================================
14:30:27.0190 5000 ============================================================
14:30:27.0190 5000 Scan started
14:30:27.0190 5000 Mode: Manual; SigCheck; TDLFS;
14:30:27.0190 5000 ============================================================
14:30:27.0332 5000 ================ Scan system memory ========================
14:30:27.0332 5000 System memory - ok
14:30:30.0717 5000 luafv - ok
14:30:30.0719 5000 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
14:30:30.0726 5000 MBfilt - ok
14:30:30.0729 5000 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:30:30.0739 5000 Mcx2Svc - ok
14:30:30.0741 5000 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:30:30.0748 5000 megasas - ok
14:30:30.0754 5000 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:30:30.0763 5000 MegaSR - ok
14:30:30.0766 5000 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:30:30.0772 5000 MEIx64 - ok
14:30:30.0775 5000 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:30:30.0799 5000 MMCSS - ok
14:30:30.0802 5000 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:30:30.0825 5000 Modem - ok
14:30:30.0828 5000 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:30:30.0838 5000 monitor - ok
14:30:30.0841 5000 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys
14:30:30.0851 5000 motandroidusb - ok
14:30:30.0854 5000 [ 43E754047C6DEE50666554D3C66D6279 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
14:30:30.0864 5000 motccgp - ok
14:30:30.0866 5000 [ 577399C75CF85AC68E7830EB150F45EF ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
14:30:30.0877 5000 motccgpfl - ok
14:30:30.0879 5000 motmodem - ok
14:30:30.0883 5000 [ 11AAA0083D30F4677AD2B218EE7F5CE9 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
14:30:30.0890 5000 Motorola Device Manager - ok
14:30:30.0892 5000 [ 19BC2161C3FCCED802F1BCD9B78C3466 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
14:30:30.0902 5000 MotoSwitchService - ok
14:30:30.0904 5000 [ C4F1495598C7E1FEF53BCFD84A5BD53E ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
14:30:30.0914 5000 Motousbnet - ok
14:30:30.0917 5000 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:30:30.0924 5000 mouclass - ok
14:30:30.0927 5000 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:30:30.0936 5000 mouhid - ok
14:30:30.0939 5000 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:30:30.0947 5000 mountmgr - ok
14:30:30.0951 5000 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:30:30.0959 5000 mpio - ok
14:30:30.0962 5000 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:30:30.0985 5000 mpsdrv - ok
14:30:30.0997 5000 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:30:31.0025 5000 MpsSvc - ok
14:30:31.0029 5000 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:30:31.0042 5000 MRxDAV - ok
14:30:31.0045 5000 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:30:31.0055 5000 mrxsmb - ok
14:30:31.0059 5000 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:30:31.0069 5000 mrxsmb10 - ok
14:30:31.0072 5000 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:30:31.0081 5000 mrxsmb20 - ok
14:30:31.0084 5000 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:30:31.0091 5000 msahci - ok
14:30:31.0095 5000 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:30:31.0103 5000 msdsm - ok
14:30:31.0107 5000 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:30:31.0117 5000 MSDTC - ok
14:30:31.0121 5000 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:30:31.0143 5000 Msfs - ok
14:30:31.0145 5000 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:30:31.0168 5000 mshidkmdf - ok
14:30:31.0170 5000 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:30:31.0177 5000 msisadrv - ok
14:30:31.0181 5000 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:30:31.0221 5000 MSiSCSI - ok
14:30:31.0223 5000 msiserver - ok
14:30:31.0225 5000 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:30:31.0248 5000 MSKSSRV - ok
14:30:31.0250 5000 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:30:31.0273 5000 MSPCLOCK - ok
14:30:31.0275 5000 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:30:31.0298 5000 MSPQM - ok
14:30:31.0304 5000 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:30:31.0314 5000 MsRPC - ok
14:30:31.0318 5000 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:30:31.0325 5000 mssmbios - ok
14:30:31.0327 5000 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:30:31.0350 5000 MSTEE - ok
14:30:31.0352 5000 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:30:31.0360 5000 MTConfig - ok
14:30:31.0363 5000 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:30:31.0370 5000 Mup - ok
14:30:31.0375 5000 [ 4FAD606C7AEB336E5AA4A005DE09CA80 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
14:30:31.0384 5000 mv91xx - ok
14:30:31.0392 5000 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:30:31.0419 5000 napagent - ok
14:30:31.0425 5000 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:30:31.0440 5000 NativeWifiP - ok
14:30:31.0454 5000 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:30:31.0470 5000 NDIS - ok
14:30:31.0472 5000 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:30:31.0496 5000 NdisCap - ok
14:30:31.0498 5000 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:30:31.0521 5000 NdisTapi - ok
14:30:31.0524 5000 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:30:31.0546 5000 Ndisuio - ok
14:30:31.0550 5000 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:30:31.0573 5000 NdisWan - ok
14:30:31.0576 5000 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:30:31.0598 5000 NDProxy - ok
14:30:31.0600 5000 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:30:31.0623 5000 NetBIOS - ok
14:30:31.0628 5000 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:30:31.0651 5000 NetBT - ok
14:30:31.0654 5000 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:30:31.0662 5000 Netlogon - ok
14:30:31.0669 5000 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:30:31.0694 5000 Netman - ok
14:30:31.0702 5000 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:30:31.0729 5000 netprofm - ok
14:30:31.0732 5000 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:30:31.0739 5000 NetTcpPortSharing - ok
14:30:31.0742 5000 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:30:31.0749 5000 nfrd960 - ok
14:30:31.0755 5000 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:30:31.0779 5000 NlaSvc - ok
14:30:31.0782 5000 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:30:31.0804 5000 Npfs - ok
14:30:31.0807 5000 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:30:31.0830 5000 nsi - ok
14:30:31.0833 5000 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:30:31.0856 5000 nsiproxy - ok
14:30:31.0879 5000 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:30:31.0901 5000 Ntfs - ok
14:30:31.0903 5000 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:30:31.0926 5000 Null - ok
14:30:31.0930 5000 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:30:31.0938 5000 NVHDA - ok
14:30:32.0068 5000 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:30:32.0195 5000 nvlddmkm - ok
14:30:32.0201 5000 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:30:32.0209 5000 nvraid - ok
14:30:32.0213 5000 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:30:32.0222 5000 nvstor - ok
14:30:32.0230 5000 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
14:30:32.0246 5000 nvsvc - ok
14:30:32.0257 5000 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:30:32.0275 5000 nvUpdatusService - ok
14:30:32.0278 5000 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:30:32.0286 5000 nv_agp - ok
14:30:32.0293 5000 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:30:32.0303 5000 odserv - ok
14:30:32.0306 5000 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:30:32.0315 5000 ohci1394 - ok
14:30:32.0319 5000 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:30:32.0326 5000 ose - ok
14:30:32.0332 5000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:30:32.0343 5000 p2pimsvc - ok
14:30:32.0350 5000 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:30:32.0362 5000 p2psvc - ok
14:30:32.0365 5000 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:30:32.0374 5000 Parport - ok
14:30:32.0377 5000 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:30:32.0384 5000 partmgr - ok
14:30:32.0388 5000 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:30:32.0402 5000 PcaSvc - ok
14:30:32.0406 5000 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:30:32.0415 5000 pci - ok
14:30:32.0417 5000 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:30:32.0425 5000 pciide - ok
14:30:32.0429 5000 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:30:32.0439 5000 pcmcia - ok
14:30:32.0441 5000 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:30:32.0448 5000 pcw - ok
14:30:32.0458 5000 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:30:32.0485 5000 PEAUTH - ok
14:30:32.0499 5000 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:30:32.0509 5000 PerfHost - ok
14:30:32.0529 5000 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:30:32.0561 5000 pla - ok
14:30:32.0572 5000 [ AB168D5CF1CD69F9FA6F09C828FEA660 ] PlantronicsGC C:\Windows\system32\drivers\PLTGC.sys
14:30:32.0588 5000 PlantronicsGC - ok
14:30:32.0594 5000 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:30:32.0606 5000 PlugPlay - ok
14:30:32.0609 5000 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:30:32.0618 5000 PNRPAutoReg - ok
14:30:32.0624 5000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:30:32.0635 5000 PNRPsvc - ok
14:30:32.0643 5000 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:30:32.0669 5000 PolicyAgent - ok
14:30:32.0674 5000 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:30:32.0699 5000 Power - ok
14:30:32.0703 5000 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:30:32.0726 5000 PptpMiniport - ok
14:30:32.0729 5000 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:30:32.0738 5000 Processor - ok
14:30:32.0743 5000 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
14:30:32.0768 5000 ProfSvc - ok
14:30:32.0770 5000 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:30:32.0780 5000 ProtectedStorage - ok
14:30:32.0783 5000 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:30:32.0806 5000 Psched - ok
14:30:32.0810 5000 [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
14:30:32.0813 5000 PST Service ( UnsignedFile.Multi.Generic ) - warning
14:30:32.0813 5000 PST Service - detected UnsignedFile.Multi.Generic (1)
14:30:36.0103 5000 WmiAcpi - ok
14:30:36.0108 5000 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:30:36.0118 5000 wmiApSrv - ok
14:30:36.0120 5000 WMPNetworkSvc - ok
14:30:36.0123 5000 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:30:36.0133 5000 WPCSvc - ok
14:30:36.0137 5000 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:30:36.0148 5000 WPDBusEnum - ok
14:30:36.0151 5000 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:30:36.0174 5000 ws2ifsl - ok
14:30:36.0177 5000 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:30:36.0191 5000 wscsvc - ok
14:30:36.0193 5000 WSearch - ok
14:30:36.0213 5000 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:30:36.0245 5000 wuauserv - ok
14:30:36.0248 5000 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:30:36.0272 5000 WudfPf - ok
14:30:36.0276 5000 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:30:36.0300 5000 WUDFRd - ok
14:30:36.0303 5000 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:30:36.0328 5000 wudfsvc - ok
14:30:36.0332 5000 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:30:36.0348 5000 WwanSvc - ok
14:30:36.0351 5000 ================ Scan global ===============================
14:30:36.0353 5000 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:30:36.0357 5000 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:30:36.0362 5000 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:30:36.0367 5000 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:30:36.0374 5000 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:30:36.0377 5000 [Global] - ok
14:30:36.0377 5000 ================ Scan MBR ==================================
14:30:36.0378 5000 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:30:36.0458 5000 \Device\Harddisk1\DR1 - ok
14:30:36.0464 5000 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:30:36.0603 5000 \Device\Harddisk0\DR0 - ok
14:30:36.0616 5000 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:30:36.0711 5000 \Device\Harddisk2\DR2 - ok
14:30:36.0711 5000 ================ Scan VBR ==================================
14:30:36.0714 5000 [ A1F9B725CFA93B39FBFC4FAEEB2FDB78 ] \Device\Harddisk1\DR1\Partition1
14:30:36.0716 5000 \Device\Harddisk1\DR1\Partition1 - ok
14:30:36.0719 5000 [ F90AD7BB69208B803CD30F9F792ABE0E ] \Device\Harddisk1\DR1\Partition2
14:30:36.0720 5000 \Device\Harddisk1\DR1\Partition2 - ok
14:30:36.0723 5000 [ E7E14587BF85A50A7F2D258E959DCF7B ] \Device\Harddisk0\DR0\Partition1
14:30:36.0725 5000 \Device\Harddisk0\DR0\Partition1 - ok
14:30:36.0728 5000 [ BC2A9FFC20AD4A89F98ACF6FF6C03C73 ] \Device\Harddisk2\DR2\Partition1
14:30:36.0730 5000 \Device\Harddisk2\DR2\Partition1 - ok
14:30:36.0730 5000 ============================================================
14:30:36.0730 5000 Scan finished
14:30:36.0730 5000 ============================================================
14:30:36.0740 4200 Detected object count: 1
14:30:36.0740 4200 Actual detected object count: 1
14:31:18.0195 4200 PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:18.0195 4200 PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

Second

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java™ 6 Update 31
Java 7 Update 9
Adobe Flash Player 11.4.402.287 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
````````Process Check: objlist.exe by Laurent````````
Avast AvastSvc.exe
Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#4 Emphyzema

Posted 08 December 2012 - 02:37 PM

Farbar Service Scanner Version: 07-12-2012
Ran by David (administrator) on 08-12-2012 at 14:36:28
Running from "C:\Users\David\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#5 Emphyzema

Posted 08 December 2012 - 02:38 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by David (administrator) on 08-12-2012 at 14:38:00
Running from "C:\Users\David\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ri.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : ri.cox.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-25-22-DE-B6-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c466:c5ae:3cd4:7725%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, December 08, 2012 2:26:45 PM
Lease Expires . . . . . . . . . . : Saturday, December 08, 2012 5:26:44 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234890530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-0B-26-3C-00-25-22-DE-B6-B8
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.ri.cox.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ri.cox.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3cf0:2d58:3f57:ff97(Preferred)
Link-local IPv6 Address . . . . . : fe80::3cf0:2d58:3f57:ff97%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4007:801::1000
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105


Pinging google.com [74.125.224.194] with 32 bytes of data:
Reply from 74.125.224.194: bytes=32 time=89ms TTL=50
Reply from 74.125.224.194: bytes=32 time=89ms TTL=50

Ping statistics for 74.125.224.194:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 89ms, Average = 89ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=137ms TTL=54
Reply from 72.30.38.140: bytes=32 time=144ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 137ms, Maximum = 144ms, Average = 140ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 25 22 de b6 b8 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 276
192.168.0.104 255.255.255.255 On-link 192.168.0.104 276
192.168.0.255 255.255.255.255 On-link 192.168.0.104 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:3cf0:2d58:3f57:ff97/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3cf0:2d58:3f57:ff97/128
On-link
11 276 fe80::c466:c5ae:3cd4:7725/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/08/2012 02:28:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2012 02:00:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/08/2012 01:59:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1".
Dependent Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/08/2012 01:10:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2012 00:06:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2012 11:04:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2012 09:52:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2012 09:28:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.697, time stamp: 0x506b3bc0
Faulting module name: nvtray.exe, version: 7.17.13.697, time stamp: 0x506b3bc0
Exception code: 0x40000015
Fault offset: 0x0000000000153481
Faulting process id: 0x85c
Faulting application start time: 0xnvtray.exe0
Faulting application path: nvtray.exe1
Faulting module path: nvtray.exe2
Report Id: nvtray.exe3

Error: (12/07/2012 08:47:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2012 07:42:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/08/2012 02:26:44 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:08:43 PM on 12/8/2012 was unexpected.

Error: (12/08/2012 01:08:47 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:04:42 PM on 12/8/2012 was unexpected.

Error: (12/08/2012 00:04:48 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:01:30 PM on 12/8/2012 was unexpected.

Error: (12/08/2012 11:02:36 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:49:48 PM on 12/7/2012 was unexpected.

Error: (12/07/2012 09:50:54 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:45:00 PM on 12/7/2012 was unexpected.

Error: (12/07/2012 09:28:28 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/07/2012 09:28:28 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/07/2012 08:48:16 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/07/2012 08:48:16 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/07/2012 08:46:04 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:40:48 PM on 12/7/2012 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9 (Version: 9.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASPCA Reminder by We-Care.com v4.0.19.1 (Version: 4.0.19.1)
ASRock App Charger v1.0.4
ASRock eXtreme Tuner v0.1.98
ASRock InstantBoot v1.26
Assassin's Creed Brotherhood (Version: 1.03)
avast! Free Antivirus (Version: 6.0.1289.0)
Bonjour (Version: 3.0.0.10)
CA Pest Patrol Realtime Protection (Version: 001.001.0034)
calibre (Version: 0.9.0)
Core Temp 1.0 RC2 (Version: 1.0)
Counter-Strike: Condition Zero
CrystalDiskInfo 5.1.1 (Version: 5.1.1)
Day of Defeat
DisplayFusion 4.1 (Version: 4.1.0.0)
Dota 2 Test
DragonNest
Etron USB3.0 Host Controller (Version: 0.96)
EverQuest II
Fallout: New Vegas
Google Chrome (Version: 23.0.1271.95)
Intel® Management Engine Components (Version: 7.0.0.1144)
iTunes (Version: 10.6.1.7)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
JavaFX 2.1.1 (Version: 2.1.1)
League of Legends (Version: 1.3)
Left 4 Dead
Left 4 Dead 2
marvell 91xx driver (Version: 1.0.0.1047)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Reader
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MotoCast (Version: 2.0.31)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Device Manager (Version: 2.2.35)
Motorola Device Software Update (Version: 1.0.41)
MOTOROLA MEDIA LINK (Version: 1.9.0002.0)
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NetAssistant (Version: 3.6.5)
NetAssistant for Firefox (Version: 3.6.5)
NirSoft BlueScreenView
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Plantronics® GameCom 780 Software for Dolby® Headphone (Version: 1.00.0001)
QuickTime (Version: 7.70.80.34)
Rainmeter (Version: 2.1 r959)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6378)
Ricochet
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.0 (Version: 6.0.126)
The Elder Scrolls V: Skyrim
The Sims™ 3 (Version: 1.0.631)
THX TruStudio (Version: 1.00.01)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
uTorrentControl2 Toolbar (Version: 6.8.11.4)
VLC media player 1.1.11 (Version: 1.1.11)
Warcraft III: All Products
XFast LAN v6.61 (Version: 6.61)
XFastUsb
XFINITY Toolbar (Version: 3.5.1.10)
XSplit (Version: 1.1.1210.1801)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 8174.7 MB
Available physical RAM: 6244.16 MB
Total Pagefile: 16347.58 MB
Available Pagefile: 14304.52 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.5 MB

========================= Partitions: =====================================

1 Drive b: (Storage HDD) (Fixed) (Total:931.51 GB) (Free:533.19 GB) NTFS
2 Drive c: () (Fixed) (Total:59.53 GB) (Free:12.42 GB) NTFS
4 Drive e: (XPS HDD) (Fixed) (Total:465.71 GB) (Free:440.02 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator David Guest
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

07-12-2012 22:54:45 Removed Active@ ISO Burner
07-12-2012 23:05:05 Windows Backup

**** End of log ****

#6 dev00790

Posted 08 December 2012 - 03:29 PM

Hi

I see that there is a lot of outdated software, and indications of a problem with nvidia software.
I'd like you to do the following first though:

Step 1

Going over your logs I noticed that you have utorrent installed.
  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall utorrent, however that choice is up to you.

If you choose to remove these programs, you can do so via:

  • Click the "Windows Orb" button.
  • Click Control Panel, then Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.


Step 2

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam-download.php to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

If requested by MBAM, restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 3

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step5:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"
I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 Emphyzema

Posted 08 December 2012 - 04:20 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
David :: DAVID-PC [administrator]

12/8/2012 3:33:11 PM
mbam-log-2012-12-08 (15-33-11).txt

Scan type: Full scan (B:\|C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 474607
Time elapsed: 46 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 Emphyzema

Posted 08 December 2012 - 04:26 PM

# AdwCleaner v2.011 - Logfile created 12/08/2012 at 16:26:10
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : David - DAVID-PC
# Boot Mode : Normal
# Running from : C:\Users\David\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found : C:\Program Files (x86)\uTorrentControl2
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\David\AppData\Local\Conduit
Folder Found : C:\Users\David\AppData\LocalLow\Conduit
Folder Found : C:\Users\David\AppData\LocalLow\uTorrentControl2
Folder Found : C:\Users\David\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C7DB146-8AE0-44D4-A480-07DF73B8F3F1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD6E9B0E-2628-4B5F-9EEA-CDF9C959B75C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKU\S-1-5-21-3358757767-1032604339-382766289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKU\S-1-5-21-3358757767-1032604339-382766289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=555cbce0-d2ca-4dbd-aed1-725423f2b515&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=555cbce0-d2ca-4dbd-aed1-725423f2b515&searchtype=hp
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=555cbce0-d2ca-4dbd-aed1-725423f2b515&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=555cbce0-d2ca-4dbd-aed1-725423f2b515&searchtype=ds&q={searchTerms}
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=555cbce0-d2ca-4dbd-aed1-725423f2b515&searchtype=ds&q={searchTerms}

-\\ Google Chrome v23.0.1271.95

File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6824 octets] - [08/12/2012 16:26:10]

########## EOF - C:\AdwCleaner[R1].txt - [6884 octets] ##########

#9 Emphyzema

Posted 08 December 2012 - 04:28 PM

B:\DAVID-PC\Backup Set 2011-09-21 024032\Backup Files 2011-09-25 190000\Backup files 2.zip HTML/ScrInject.B.Gen virus
B:\DAVID-PC\Backup Set 2011-09-21 024032\Backup Files 2011-09-25 190000\Backup files 4.zip multiple threats
B:\DAVID-PC\Backup Set 2011-09-21 024032\Backup Files 2011-10-02 190000\Backup files 2.zip HTML/ScrInject.B.Gen virus
B:\DAVID-PC\Backup Set 2011-10-09 222322\Backup Files 2011-10-09 222322\Backup files 3.zip multiple threats
B:\DAVID-PC\Backup Set 2011-10-09 222322\Backup Files 2011-10-16 204232\Backup files 3.zip a variant of Win32/InstallIQ application
B:\DAVID-PC\Backup Set 2011-10-24 003807\Backup Files 2011-10-24 003807\Backup files 4.zip multiple threats
B:\DAVID-PC\Backup Set 2011-11-06 202052\Backup Files 2011-11-06 202052\Backup files 3.zip HTML/ScrInject.B.Gen virus
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-04 203050\Backup files 2.zip JS/Kryptik.DY trojan
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-11 190000\Backup files 4.zip a variant of Java/TrojanDownloader.Agent.NDJ trojan
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-18 225507\Backup files 1.zip HTML/Iframe.B.Gen virus
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-18 225507\Backup files 2.zip multiple threats
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-18 225507\Backup files 3.zip HTML/Iframe.B.Gen virus
B:\DAVID-PC\Backup Set 2011-12-04 203050\Backup Files 2011-12-18 225507\Backup files 4.zip HTML/Iframe.B.Gen virus
B:\DAVID-PC\Backup Set 2011-12-25 233143\Backup Files 2011-12-25 233143\Backup files 5.zip a variant of Java/TrojanDownloader.Agent.NDJ trojan
B:\DAVID-PC\Backup Set 2012-01-08 190000\Backup Files 2012-01-08 190000\Backup files 5.zip a variant of Java/TrojanDownloader.Agent.NDJ trojan
B:\DAVID-PC\Backup Set 2012-01-08 190000\Backup Files 2012-01-15 190000\Backup files 2.zip HTML/ScrInject.B.Gen virus
B:\DAVID-PC\Backup Set 2012-01-23 005909\Backup Files 2012-01-23 005909\Backup files 2.zip a variant of Java/TrojanDownloader.Agent.NDJ trojan
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-02-20 014536\Backup files 2.zip JS/SecurityDisabler.A.Gen application
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-02-20 014536\Backup files 3.zip a variant of Java/TrojanDownloader.Agent.NDJ trojan
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-03-25 190000\Backup files 2.zip a variant of Win32/OpenInstall application
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-04-15 213419\Backup files 1.zip a variant of Win32/InstallIQ application
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-04-15 213419\Backup files 5.zip a variant of Win32/InstallIQ application
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-04-22 190006\Backup files 2.zip a variant of Win32/InstallCore.D application
B:\DAVID-PC\Backup Set 2012-02-20 014536\Backup Files 2012-04-22 190006\Backup files 3.zip Win32/OpenCandy application
B:\DAVID-PC\Backup Set 2012-06-17 190006\Backup Files 2012-06-17 190006\Backup files 1.zip JS/SecurityDisabler.A.Gen application



This one wasn't complete; it was at 50 minutes and only 10%, so I'm going to restart it.

Edit: The test got to 99% before my computer froze, but I saw that it had only 26 errors rather than the 25 here.

Edited by Emphyzema, 08 December 2012 - 05:40 PM.


#10 dev00790

Posted 08 December 2012 - 08:42 PM

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.

Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.
Read Danger: Remote Access Trojans.

You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, PayPal and any other online activities.
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.
If using a router, you need to reset it with a strong logon/password before connecting again.

Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.

We will do our best to clean the computer of any infections seen on the log. However, because of the nature of this Trojan, I cannot offer a total guarantee that there are no remnants left in the system, or that the computer will be trustworthy.

Many security experts believe that once infected with this type of Trojan, the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what information can be accessed from it.

Knowing the above, do you wish to proceed with cleaning the malware from the computer?

Regards, dev00790



#11 Emphyzema

Posted 08 December 2012 - 08:45 PM

Yes, I don't mind wiping everything and starting over.

#12 dev00790

Posted 08 December 2012 - 09:15 PM

Hi

Ok. The drive will be wiped, so if there are any files on the PC that you need, you will need to back them up before the reformat.

Note: Do NOT back up any files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

Regards, dev00790

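One way to apply the note in post #12 when copying files off the machine before the wipe, as an added example that is not part of the original thread. It goes beyond the post by also skipping zip archives that contain files of the listed types, since the ESET detections posted earlier in the thread were inside backup .zip files; the function names and the sample tree are constructed for illustration.

```python
import shutil
import tempfile
import zipfile
from pathlib import Path

# Extensions named in post #12; compared case-insensitively.
BLOCKED = {".exe", ".com", ".scr", ".pif", ".bat"}


def is_blocked(name: str) -> bool:
    """True if the final extension is on the list (so report.pdf.exe is caught)."""
    return Path(name).suffix.lower() in BLOCKED


def zip_has_blocked(path: Path) -> bool:
    """True if a zip archive holds a blocked member, or cannot be read at all."""
    try:
        with zipfile.ZipFile(path) as zf:
            return any(is_blocked(n) for n in zf.namelist())
    except (zipfile.BadZipFile, OSError):
        return True  # unreadable archive: skip it rather than copy it blindly


def backup(src: Path, dst: Path):
    """Copy src to dst, skipping blocked files. Returns (copied, skipped) relative paths."""
    copied, skipped = [], []
    for item in sorted(src.rglob("*")):
        if not item.is_file() or item.is_symlink():
            continue
        rel = item.relative_to(src)
        if is_blocked(item.name) or (
            item.suffix.lower() == ".zip" and zip_has_blocked(item)
        ):
            skipped.append(rel.as_posix())
            continue
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(item, target)
        copied.append(rel.as_posix())
    return copied, skipped


def demo():
    """Build a constructed sample tree in a temp directory and back it up."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "src"), Path(tmp, "dst")
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "notes.txt").write_text("keep me")
        (src / "docs" / "report.pdf.EXE").write_bytes(b"MZ")
        (src / "setup.bat").write_text("@echo off")
        with zipfile.ZipFile(src / "photos.zip", "w") as zf:
            zf.writestr("img001.jpg", "data")
        with zipfile.ZipFile(src / "bundle.zip", "w") as zf:
            zf.writestr("tools/installer.scr", "data")
        return backup(src, dst)


if __name__ == "__main__":
    copied, skipped = demo()
    print("copied: ", copied)
    print("skipped:", skipped)
```

The filter only enforces the extension list from the post; it does not scan the files it copies.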


#13 Emphyzema

Posted 08 December 2012 - 09:17 PM

Alright, what should I do next?

#14 dev00790

Posted 09 December 2012 - 06:16 AM

Do you have a Windows disk to hand?
Also, you will need your Windows Product key for the reinstallation of Windows after the disk has been wiped.

Regards, dev00790



#15 Emphyzema

Posted 09 December 2012 - 09:27 AM

Yeah, I have both on hand. Just do a complete wipe of everything through the OS?



