Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

asus laptop win 7 random bsod and select proper boot


  • Please log in to reply
13 replies to this topic

#1 danger.sg

danger.sg

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 26 December 2012 - 10:45 AM

Over the last couple months my computer has been intermittently freezing up, bsod-ing and restarting with an error that says to select proper boot drive or press control alt delete to restart. After power cycling my system over for a couple times, it boots up back to the log in screen without an issue, and then everything will be fine for a couple days.

Please help, I have no idea what's wrong.

I've ran malwarebyte and spybot and deleted issues, but it has seemed to have no positive effect.

Edited by hamluis, 27 December 2012 - 12:19 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 26 December 2012 - 10:49 AM

also I had a similar issue a while ago and this forum helped solve the issue.. but I haven't changed the way i use the computer (i.e. I stopped using bitorrent and p2p software. I mostly just play games.)

#3 hamluis

hamluis

    Moderator


  • Moderator
  • 56,415 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:21 AM

Posted 26 December 2012 - 02:42 PM

Please download MiniToolBox , save it to your desktop and run it.

Checkmark the following checkboxes:
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size.

Click Go and paste the content into your next post.

Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 .

Louis

#4 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 26 December 2012 - 05:01 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kid Danger (administrator) on 26-12-2012 at 13:57:25
Running from "C:\Users\Kid Danger\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/26/2012 00:43:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (12/26/2012 00:41:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2012 07:41:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 81011

Error: (12/25/2012 07:41:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 81011

Error: (12/25/2012 07:41:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2012 07:41:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80013

Error: (12/25/2012 07:41:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 80013

Error: (12/25/2012 07:41:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2012 07:41:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 79015

Error: (12/25/2012 07:41:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 79015


System errors:
=============
Error: (12/26/2012 07:19:01 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (12/26/2012 07:18:53 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (12/26/2012 07:18:51 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

Error: (12/26/2012 07:18:51 AM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

Error: (12/26/2012 07:18:51 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (12/26/2012 07:18:49 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (12/26/2012 07:18:49 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (12/26/2012 07:18:46 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (12/26/2012 07:18:26 AM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .

Error: (12/26/2012 07:03:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-04-05 21:10:30.047
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:10:30.016
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:10:29.985
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:10:29.954
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:01:53.671
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:01:53.640
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:01:53.608
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 21:01:53.577
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 20:57:12.621
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-05 20:57:12.590
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Age of Empires Online
Akamai NetSession Interface
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.37)
ATI AVIVO64 Codecs (Version: 10.12.0.41217)
ATI Problem Report Wizard (Version: 3.0.804.0)
ATK Package (Version: 1.0.0005)
Bonjour (Version: 3.0.0.10)
Borderlands 2
BulletStorm (Version: 1.0.0001.130)
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CCleaner (Version: 3.17)
CDisplay 1.8
Cheat Engine 6.1
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
DAEMON Tools Lite (Version: 4.40.2.0131)
Dead Rising 2
Dead Rising 2 (Version: 1.0.0001.130)
Dead Rising 2 (Version: 1.0.0002.130)
Dead Space 2
Deadlight
Diablo III (Version: 1.0.6.13644)
Dungeon Defenders
Endless Space
ESET Online Scanner v3
Fable III (Version: 1.0.0001.131)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FLV Player
FoxTab Media Player
FTL: Faster Than Light
Google Talk Plugin (Version: 3.10.2.10212)
Grand Theft Auto IV (Version: 1.0.0013.131)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HiJackThis (Version: 1.0.0)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Photo Creations (Version: 1.0.0.3781)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
HP Photosmart Plus B210 series Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
HydraVision (Version: 4.2.184.0)
Impulse
Impulse (Version: 1.0)
InterActual Player
iTunes (Version: 10.6.1.7)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
League of Legends (Version: 1.3)
Mabinogi
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MotoHelper 2.0.51 Driver 5.1.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
NVIDIA PhysX (Version: 9.11.1107)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
OpenAL
Overlord II
Pando Media Booster (Version: 2.6.0.8)
PDF Settings CS5 (Version: 10.0)
PunkBuster Services (Version: 0.993)
QuickTime (Version: 7.71.80.42)
Realm of the Mad God
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5978)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.93 (Version: 1.93)
Sid Meier's Civilization V
Solar 2
Space Pirates and Zombies
Speccy (Version: 1.16)
Spybot - Search & Destroy (Version: 1.6.2)
Star Trek Online
StarCraft II (Version: 1.5.3.23260)
StarCraft II Beta (Version: 1.5.0.22334)
Steam (Version: 1.0.0.0)
Stellar Impact
Synaptics Pointing Device Driver (Version: 15.0.11.0)
System Requirements Lab (Version: 4.1.72.0)
Torchlight (Version: 1.13)
Tribes: Ascend
Tropico 3: Absolute Power
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon V CAST Media Manager
Vindictus
VLC media player 2.0.0 (Version: 2.0.0)
Warhammer 40,000: Dawn of War Gold Edition
Warhammer 40,000: Dawn of War – Dark Crusade
Warhammer 40,000: Dawn of War – Winter Assault
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinFlash (Version: 2.30.3)
WinZip 15.0 (Version: 15.0.9334)
X3 Terran Conflict v2.5
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 6068.55 MB
Available physical RAM: 3940.09 MB
Total Pagefile: 12135.29 MB
Available Pagefile: 9576.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:174.15 GB) NTFS

========================= Users: ========================================

User accounts for \\KIDDANGER-PC

Administrator ASPNET Guest
Kid Danger


**** End of log ****



Snapshot: http://speccy.piriform.com/results/OSsu6tGiPdhv0ou5lYRZbz6

Edited by danger.sg, 26 December 2012 - 05:03 PM.


#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,415 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:21 AM

Posted 27 December 2012 - 12:18 PM

Appears to me that you have thought that you have malware issues.

Since this is not a forum for such, I will move this topic to the Am I Infected forum, where the more knowledgeable can take a look.

Louis

#6 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 27 December 2012 - 01:55 PM

can anyone help?

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 28 December 2012 - 11:47 PM

Sorry we missed you..
Is Defender the only antivirus you use?

We need to do a few things to see if we can find the issue.

Re-run MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
    Posted Image
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
    Posted Image
  • Uncheck this checkbox: "Resident TeaTimer {protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Run ESET again.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 29 December 2012 - 12:13 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kid Danger (administrator) on 28-12-2012 at 21:10:27
Running from "C:\Users\Kid Danger\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KidDanger-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E0-CB-4E-A2-F0-28
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 1C-4B-D6-5A-E4-38
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6c50:28fc:380:384e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.16(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, December 27, 2012 10:45:11 AM
Lease Expires . . . . . . . . . . : Saturday, December 29, 2012 10:45:16 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 186403798
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A1-A8-1D-E0-CB-4E-A2-F0-28
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.3.25
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{35AE63E4-8F5E-4786-99F3-C7FEEA1C5A7B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{619A858F-6DD7-4319-AA17-6ACEF8EC21DF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E89158DC-05A2-422D-AA8D-01F93671DCE0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [173.194.33.40] with 32 bytes of data:
Reply from 173.194.33.40: bytes=32 time=129ms TTL=57
Reply from 173.194.33.40: bytes=32 time=120ms TTL=57

Ping statistics for 173.194.33.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 120ms, Maximum = 129ms, Average = 124ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=151ms TTL=51
Reply from 98.139.183.24: bytes=32 time=133ms TTL=53

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 133ms, Maximum = 151ms, Average = 142ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...e0 cb 4e a2 f0 28 ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
10...1c 4b d6 5a e4 38 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.16 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.16 281
192.168.0.16 255.255.255.255 On-link 192.168.0.16 281
192.168.0.255 255.255.255.255 On-link 192.168.0.16 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.16 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.16 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::6c50:28fc:380:384e/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Age of Empires Online
Akamai NetSession Interface
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.37)
ATI AVIVO64 Codecs (Version: 10.12.0.41217)
ATI Problem Report Wizard (Version: 3.0.804.0)
ATK Package (Version: 1.0.0005)
Bonjour (Version: 3.0.0.10)
Borderlands 2
BulletStorm (Version: 1.0.0001.130)
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CCleaner (Version: 3.17)
CDisplay 1.8
Cheat Engine 6.1
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
DAEMON Tools Lite (Version: 4.40.2.0131)
Dead Rising 2
Dead Rising 2 (Version: 1.0.0001.130)
Dead Rising 2 (Version: 1.0.0002.130)
Dead Space 2
Deadlight
Diablo III (Version: 1.0.6.13644)
Dungeon Defenders
Endless Space
ESET Online Scanner v3
Fable III (Version: 1.0.0001.131)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FLV Player
FoxTab Media Player
FTL: Faster Than Light
Google Talk Plugin (Version: 3.10.2.10212)
Grand Theft Auto IV (Version: 1.0.0013.131)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HiJackThis (Version: 1.0.0)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Photo Creations (Version: 1.0.0.3781)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
HP Photosmart Plus B210 series Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
HydraVision (Version: 4.2.184.0)
Impulse
Impulse (Version: 1.0)
InterActual Player
iTunes (Version: 10.6.1.7)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
League of Legends (Version: 1.3)
Mabinogi
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MotoHelper 2.0.51 Driver 5.1.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
NVIDIA PhysX (Version: 9.11.1107)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
OpenAL
Overlord II
Pando Media Booster (Version: 2.6.0.8)
PDF Settings CS5 (Version: 10.0)
PunkBuster Services (Version: 0.993)
QuickTime (Version: 7.71.80.42)
Realm of the Mad God
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5978)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.93 (Version: 1.93)
Sid Meier's Civilization V
Solar 2
Space Pirates and Zombies
Speccy (Version: 1.19)
Spybot - Search & Destroy (Version: 1.6.2)
Star Trek Online
StarCraft II (Version: 1.5.3.23260)
StarCraft II Beta (Version: 1.5.0.22334)
Steam (Version: 1.0.0.0)
Stellar Impact
Synaptics Pointing Device Driver (Version: 15.0.11.0)
System Requirements Lab (Version: 4.1.72.0)
Torchlight (Version: 1.13)
Tribes: Ascend
Tropico 3: Absolute Power
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon V CAST Media Manager
Vindictus
VLC media player 2.0.0 (Version: 2.0.0)
Warhammer 40,000: Dawn of War Gold Edition
Warhammer 40,000: Dawn of War – Dark Crusade
Warhammer 40,000: Dawn of War – Winter Assault
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinFlash (Version: 2.30.3)
WinZip 15.0 (Version: 15.0.9334)
X3 Terran Conflict v2.5
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 6068.55 MB
Available physical RAM: 3648.7 MB
Total Pagefile: 12135.29 MB
Available Pagefile: 9183.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.23 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:174.05 GB) NTFS

========================= Users: ========================================

User accounts for \\KIDDANGER-PC

Administrator ASPNET Guest
Kid Danger


**** End of log ****


Starting second step

#9 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 29 December 2012 - 12:26 AM

21:21:53.0172 1772 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:21:53.0952 1772 ============================================================
21:21:53.0952 1772 Current date / time: 2012/12/28 21:21:53.0952
21:21:53.0952 1772 SystemInfo:
21:21:53.0952 1772
21:21:53.0952 1772 OS Version: 6.1.7601 ServicePack: 1.0
21:21:53.0952 1772 Product type: Workstation
21:21:53.0952 1772 ComputerName: KIDDANGER-PC
21:21:53.0952 1772 UserName: Kid Danger
21:21:53.0952 1772 Windows directory: C:\Windows
21:21:53.0952 1772 System windows directory: C:\Windows
21:21:53.0952 1772 Running under WOW64
21:21:53.0952 1772 Processor architecture: Intel x64
21:21:53.0952 1772 Number of processors: 8
21:21:53.0952 1772 Page size: 0x1000
21:21:53.0952 1772 Boot type: Normal boot
21:21:53.0952 1772 ============================================================
21:21:55.0153 1772 BG loaded
21:21:55.0902 1772 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:21:55.0918 1772 ============================================================
21:21:55.0918 1772 \Device\Harddisk0\DR0:
21:21:55.0918 1772 MBR partitions:
21:21:55.0918 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:21:55.0918 1772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
21:21:55.0918 1772 ============================================================
21:21:55.0949 1772 C: <-> \Device\Harddisk0\DR0\Partition2
21:21:55.0949 1772 ============================================================
21:21:55.0949 1772 Initialize success
21:21:55.0949 1772 ============================================================
21:23:10.0907 3396 ============================================================
21:23:10.0907 3396 Scan started
21:23:10.0907 3396 Mode: Manual;
21:23:10.0907 3396 ============================================================
21:23:14.0620 3396 ================ Scan system memory ========================
21:23:14.0620 3396 System memory - ok
21:23:14.0620 3396 ================ Scan services =============================
21:23:16.0024 3396 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:23:16.0071 3396 1394ohci - ok
21:23:16.0227 3396 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:23:16.0227 3396 ACPI - ok
21:23:16.0289 3396 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:23:16.0289 3396 AcpiPmi - ok
21:23:16.0882 3396 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:23:16.0882 3396 AdobeARMservice - ok
21:23:17.0506 3396 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:23:17.0521 3396 AdobeFlashPlayerUpdateSvc - ok
21:23:17.0771 3396 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:23:17.0771 3396 adp94xx - ok
21:23:17.0865 3396 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:23:17.0865 3396 adpahci - ok
21:23:17.0943 3396 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:23:17.0943 3396 adpu320 - ok
21:23:18.0005 3396 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:23:18.0005 3396 AeLookupSvc - ok
21:23:18.0114 3396 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:23:18.0114 3396 AFD - ok
21:23:18.0177 3396 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:23:18.0177 3396 agp440 - ok
21:23:18.0582 3396 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
21:23:18.0582 3396 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
21:23:18.0598 3396 Akamai ( HiddenFile.Multi.Generic ) - warning
21:23:18.0598 3396 Akamai - detected HiddenFile.Multi.Generic (1)
21:23:18.0645 3396 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:23:18.0645 3396 ALG - ok
21:23:18.0691 3396 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:23:18.0691 3396 aliide - ok
21:23:18.0754 3396 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:23:18.0754 3396 AMD External Events Utility - ok
21:23:18.0785 3396 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:23:18.0785 3396 amdide - ok
21:23:18.0832 3396 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:23:18.0832 3396 AmdK8 - ok
21:23:20.0080 3396 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:23:20.0127 3396 amdkmdag - ok
21:23:20.0283 3396 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:23:20.0283 3396 amdkmdap - ok
21:23:20.0329 3396 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:23:20.0329 3396 AmdPPM - ok
21:23:20.0485 3396 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:23:20.0485 3396 amdsata - ok
21:23:20.0579 3396 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:23:20.0579 3396 amdsbs - ok
21:23:20.0657 3396 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:23:20.0657 3396 amdxata - ok
21:23:20.0719 3396 [ 363571BC0C79E394E69300D1F2E3DDAE ] androidusb C:\Windows\system32\Drivers\androidusb.sys
21:23:20.0735 3396 androidusb - ok
21:23:20.0813 3396 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:23:20.0813 3396 AppID - ok
21:23:20.0875 3396 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:23:20.0875 3396 AppIDSvc - ok
21:23:21.0000 3396 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:23:21.0000 3396 Appinfo - ok
21:23:21.0234 3396 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:23:21.0234 3396 Apple Mobile Device - ok
21:23:21.0312 3396 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:23:21.0328 3396 arc - ok
21:23:21.0390 3396 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:23:21.0390 3396 arcsas - ok
21:23:21.0499 3396 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
21:23:21.0499 3396 ASLDRService - ok
21:23:21.0640 3396 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:23:21.0640 3396 ASMMAP64 - ok
21:23:22.0061 3396 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:23:22.0342 3396 aspnet_state - ok
21:23:22.0389 3396 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:23:22.0389 3396 AsyncMac - ok
21:23:22.0467 3396 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:23:22.0467 3396 atapi - ok
21:23:22.0638 3396 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:23:22.0654 3396 athr - ok
21:23:22.0732 3396 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:23:22.0732 3396 AtiHDAudioService - ok
21:23:22.0810 3396 [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:23:22.0810 3396 AtiHdmiService - ok
21:23:24.0105 3396 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:23:24.0151 3396 atikmdag - ok
21:23:24.0214 3396 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
21:23:24.0214 3396 ATKGFNEXSrv - ok
21:23:24.0307 3396 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:23:24.0307 3396 AudioEndpointBuilder - ok
21:23:24.0323 3396 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:23:24.0323 3396 AudioSrv - ok
21:23:24.0401 3396 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:23:24.0401 3396 AxInstSV - ok
21:23:24.0479 3396 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:23:24.0495 3396 b06bdrv - ok
21:23:24.0510 3396 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:23:24.0526 3396 b57nd60a - ok
21:23:24.0541 3396 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:23:24.0557 3396 BDESVC - ok
21:23:24.0557 3396 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:23:24.0557 3396 Beep - ok
21:23:24.0619 3396 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:23:24.0635 3396 BITS - ok
21:23:24.0666 3396 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:23:24.0666 3396 blbdrive - ok
21:23:24.0822 3396 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:23:24.0822 3396 Bonjour Service - ok
21:23:24.0885 3396 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:23:24.0885 3396 bowser - ok
21:23:24.0900 3396 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:23:24.0900 3396 BrFiltLo - ok
21:23:24.0931 3396 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:23:24.0931 3396 BrFiltUp - ok
21:23:24.0947 3396 [ 5C2F352A4E961D72518261257AAE204B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
21:23:24.0947 3396 Bridge - ok
21:23:24.0947 3396 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:23:24.0963 3396 BridgeMP - ok
21:23:25.0056 3396 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:23:25.0056 3396 Browser - ok
21:23:25.0119 3396 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:23:25.0119 3396 Brserid - ok
21:23:25.0134 3396 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:23:25.0134 3396 BrSerWdm - ok
21:23:25.0165 3396 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:23:25.0165 3396 BrUsbMdm - ok
21:23:25.0165 3396 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:23:25.0165 3396 BrUsbSer - ok
21:23:25.0181 3396 BTCFilterService - ok
21:23:25.0212 3396 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:23:25.0212 3396 BTHMODEM - ok
21:23:25.0228 3396 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:23:25.0228 3396 bthserv - ok
21:23:25.0259 3396 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:23:25.0259 3396 cdfs - ok
21:23:25.0321 3396 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:23:25.0321 3396 cdrom - ok
21:23:25.0368 3396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:23:25.0384 3396 CertPropSvc - ok
21:23:25.0415 3396 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:23:25.0415 3396 circlass - ok
21:23:25.0446 3396 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:23:25.0446 3396 CLFS - ok
21:23:25.0524 3396 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:23:25.0524 3396 clr_optimization_v2.0.50727_32 - ok
21:23:25.0587 3396 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:23:25.0587 3396 clr_optimization_v2.0.50727_64 - ok
21:23:25.0727 3396 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:23:25.0852 3396 clr_optimization_v4.0.30319_32 - ok
21:23:25.0867 3396 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:23:25.0961 3396 clr_optimization_v4.0.30319_64 - ok
21:23:25.0992 3396 clwvd - ok
21:23:26.0023 3396 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:23:26.0023 3396 CmBatt - ok
21:23:26.0086 3396 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:23:26.0086 3396 cmdide - ok
21:23:26.0148 3396 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:23:26.0148 3396 CNG - ok
21:23:26.0195 3396 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:23:26.0195 3396 Compbatt - ok
21:23:26.0242 3396 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:23:26.0242 3396 CompositeBus - ok
21:23:26.0257 3396 COMSysApp - ok
21:23:26.0273 3396 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:23:26.0273 3396 crcdisk - ok
21:23:26.0320 3396 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:23:26.0320 3396 CryptSvc - ok
21:23:26.0398 3396 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
21:23:26.0398 3396 dc3d - ok
21:23:26.0538 3396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:23:26.0554 3396 DcomLaunch - ok
21:23:26.0585 3396 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:23:26.0601 3396 defragsvc - ok
21:23:26.0647 3396 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:23:26.0647 3396 DfsC - ok
21:23:26.0725 3396 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:23:26.0741 3396 Dhcp - ok
21:23:26.0772 3396 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:23:26.0772 3396 discache - ok
21:23:26.0850 3396 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:23:26.0850 3396 Disk - ok
21:23:26.0897 3396 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:23:26.0897 3396 Dnscache - ok
21:23:26.0991 3396 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:23:26.0991 3396 dot3svc - ok
21:23:27.0037 3396 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:23:27.0037 3396 DPS - ok
21:23:27.0069 3396 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:23:27.0069 3396 drmkaud - ok
21:23:27.0131 3396 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:23:27.0131 3396 dtsoftbus01 - ok
21:23:27.0256 3396 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:23:27.0256 3396 DXGKrnl - ok
21:23:27.0287 3396 EagleX64 - ok
21:23:27.0303 3396 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:23:27.0303 3396 EapHost - ok
21:23:27.0771 3396 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:23:28.0067 3396 ebdrv - ok
21:23:28.0161 3396 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:23:28.0161 3396 EFS - ok
21:23:28.0504 3396 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:23:28.0519 3396 ehRecvr - ok
21:23:28.0551 3396 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:23:28.0551 3396 ehSched - ok
21:23:28.0597 3396 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:23:28.0613 3396 elxstor - ok
21:23:28.0644 3396 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:23:28.0660 3396 ErrDev - ok
21:23:28.0707 3396 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:23:28.0707 3396 EventSystem - ok
21:23:28.0738 3396 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:23:28.0738 3396 exfat - ok
21:23:28.0769 3396 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:23:28.0769 3396 fastfat - ok
21:23:28.0863 3396 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:23:28.0863 3396 Fax - ok
21:23:28.0894 3396 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:23:28.0894 3396 fdc - ok
21:23:28.0925 3396 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:23:28.0925 3396 fdPHost - ok
21:23:28.0941 3396 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:23:28.0941 3396 FDResPub - ok
21:23:29.0003 3396 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:23:29.0003 3396 FileInfo - ok
21:23:29.0050 3396 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:23:29.0050 3396 Filetrace - ok
21:23:29.0065 3396 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:23:29.0065 3396 flpydisk - ok
21:23:29.0128 3396 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:23:29.0128 3396 FltMgr - ok
21:23:29.0268 3396 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
21:23:29.0268 3396 FontCache - ok
21:23:29.0362 3396 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:23:29.0362 3396 FontCache3.0.0.0 - ok
21:23:29.0409 3396 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:23:29.0409 3396 FsDepends - ok
21:23:29.0455 3396 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:23:29.0471 3396 Fs_Rec - ok
21:23:29.0549 3396 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:23:29.0549 3396 fvevol - ok
21:23:29.0580 3396 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:23:29.0580 3396 gagp30kx - ok
21:23:29.0643 3396 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:23:29.0643 3396 GEARAspiWDM - ok
21:23:29.0689 3396 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:23:29.0689 3396 gpsvc - ok
21:23:29.0705 3396 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:23:29.0705 3396 hcw85cir - ok
21:23:29.0767 3396 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:23:29.0767 3396 HdAudAddService - ok
21:23:29.0830 3396 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:23:29.0830 3396 HDAudBus - ok
21:23:29.0845 3396 hexmagic - ok
21:23:29.0861 3396 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:23:29.0861 3396 HidBatt - ok
21:23:29.0861 3396 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:23:29.0861 3396 HidBth - ok
21:23:29.0877 3396 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:23:29.0892 3396 HidIr - ok
21:23:29.0923 3396 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:23:29.0923 3396 hidserv - ok
21:23:29.0986 3396 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:23:29.0986 3396 HidUsb - ok
21:23:30.0189 3396 [ FD1837DEE0A1D7F180D7B301C0656511 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
21:23:30.0189 3396 HiPatchService - ok
21:23:30.0282 3396 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:23:30.0282 3396 hkmsvc - ok
21:23:30.0345 3396 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:23:30.0345 3396 HomeGroupListener - ok
21:23:30.0423 3396 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:23:30.0423 3396 HomeGroupProvider - ok
21:23:30.0501 3396 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:23:30.0501 3396 HpSAMD - ok
21:23:30.0688 3396 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:23:30.0688 3396 HTTP - ok
21:23:30.0735 3396 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:23:30.0735 3396 hwpolicy - ok
21:23:30.0813 3396 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:23:30.0813 3396 i8042prt - ok
21:23:30.0875 3396 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:23:30.0875 3396 iaStor - ok
21:23:30.0953 3396 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:23:30.0953 3396 iaStorV - ok
21:23:31.0047 3396 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:23:31.0062 3396 IDriverT - ok
21:23:31.0203 3396 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:23:31.0203 3396 idsvc - ok
21:23:31.0249 3396 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:23:31.0249 3396 iirsp - ok
21:23:31.0327 3396 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:23:31.0343 3396 IKEEXT - ok
21:23:31.0468 3396 [ 045555F0D572BB48498D040C31E9DC6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:23:31.0483 3396 IntcAzAudAddService - ok
21:23:31.0530 3396 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:23:31.0530 3396 intelide - ok
21:23:31.0577 3396 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:23:31.0577 3396 intelppm - ok
21:23:31.0608 3396 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:23:31.0608 3396 IPBusEnum - ok
21:23:31.0671 3396 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:23:31.0671 3396 IpFilterDriver - ok
21:23:31.0733 3396 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:23:31.0733 3396 IPMIDRV - ok
21:23:31.0780 3396 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:23:31.0780 3396 IPNAT - ok
21:23:31.0936 3396 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:23:31.0936 3396 iPod Service - ok
21:23:31.0967 3396 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:23:31.0967 3396 IRENUM - ok
21:23:32.0014 3396 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:23:32.0014 3396 isapnp - ok
21:23:32.0061 3396 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:23:32.0061 3396 iScsiPrt - ok
21:23:32.0107 3396 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:23:32.0107 3396 kbdclass - ok
21:23:32.0154 3396 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:23:32.0154 3396 kbdhid - ok
21:23:32.0185 3396 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:23:32.0185 3396 KeyIso - ok
21:23:32.0217 3396 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:23:32.0217 3396 KSecDD - ok
21:23:32.0232 3396 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:23:32.0232 3396 KSecPkg - ok
21:23:32.0263 3396 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:23:32.0263 3396 ksthunk - ok
21:23:32.0310 3396 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:23:32.0310 3396 KtmRm - ok
21:23:32.0388 3396 [ 9DDC68B87A9B837736A2B193EE14A4A5 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
21:23:32.0388 3396 L1C - ok
21:23:32.0466 3396 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:23:32.0466 3396 LanmanServer - ok
21:23:32.0513 3396 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:23:32.0513 3396 LanmanWorkstation - ok
21:23:32.0560 3396 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:23:32.0560 3396 lltdio - ok
21:23:32.0591 3396 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:23:32.0607 3396 lltdsvc - ok
21:23:32.0622 3396 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:23:32.0622 3396 lmhosts - ok
21:23:32.0653 3396 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:23:32.0653 3396 LSI_FC - ok
21:23:32.0669 3396 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:23:32.0669 3396 LSI_SAS - ok
21:23:32.0685 3396 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:23:32.0685 3396 LSI_SAS2 - ok
21:23:32.0700 3396 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:23:32.0700 3396 LSI_SCSI - ok
21:23:32.0731 3396 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:23:32.0731 3396 luafv - ok
21:23:32.0794 3396 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:23:32.0794 3396 MBAMProtector - ok
21:23:32.0872 3396 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:23:32.0872 3396 MBAMScheduler - ok
21:23:32.0965 3396 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:23:32.0965 3396 MBAMService - ok
21:23:33.0028 3396 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:23:33.0028 3396 Mcx2Svc - ok
21:23:33.0043 3396 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:23:33.0043 3396 megasas - ok
21:23:33.0075 3396 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:23:33.0075 3396 MegaSR - ok
21:23:33.0106 3396 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:23:33.0106 3396 MMCSS - ok
21:23:33.0121 3396 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:23:33.0121 3396 Modem - ok
21:23:33.0153 3396 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:23:33.0153 3396 monitor - ok
21:23:33.0153 3396 motandroidusb - ok
21:23:33.0184 3396 motccgp - ok
21:23:33.0184 3396 motccgpfl - ok
21:23:33.0184 3396 motmodem - ok
21:23:33.0355 3396 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
21:23:33.0355 3396 MotoHelper - ok
21:23:33.0355 3396 MotoSwitchService - ok
21:23:33.0355 3396 Motousbnet - ok
21:23:33.0387 3396 motusbdevice - ok
21:23:33.0465 3396 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:23:33.0465 3396 mouclass - ok
21:23:33.0527 3396 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:23:33.0527 3396 mouhid - ok
21:23:33.0667 3396 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:23:33.0667 3396 mountmgr - ok
21:23:33.0995 3396 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:23:33.0995 3396 MozillaMaintenance - ok
21:23:34.0089 3396 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:23:34.0104 3396 mpio - ok
21:23:34.0229 3396 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:23:34.0229 3396 mpsdrv - ok
21:23:34.0338 3396 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:23:34.0338 3396 MRxDAV - ok
21:23:34.0432 3396 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:23:34.0432 3396 mrxsmb - ok
21:23:34.0557 3396 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:23:34.0557 3396 mrxsmb10 - ok
21:23:34.0603 3396 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:23:34.0603 3396 mrxsmb20 - ok
21:23:34.0635 3396 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:23:34.0635 3396 msahci - ok
21:23:34.0697 3396 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:23:34.0697 3396 msdsm - ok
21:23:34.0759 3396 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:23:34.0759 3396 MSDTC - ok
21:23:34.0806 3396 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:23:34.0806 3396 Msfs - ok
21:23:34.0837 3396 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:23:34.0837 3396 mshidkmdf - ok
21:23:34.0884 3396 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:23:34.0884 3396 msisadrv - ok
21:23:34.0931 3396 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:23:34.0947 3396 MSiSCSI - ok
21:23:34.0947 3396 msiserver - ok
21:23:34.0978 3396 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:23:34.0978 3396 MSKSSRV - ok
21:23:34.0993 3396 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:23:35.0009 3396 MSPCLOCK - ok
21:23:35.0009 3396 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:23:35.0009 3396 MSPQM - ok
21:23:35.0071 3396 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:23:35.0071 3396 MsRPC - ok
21:23:35.0134 3396 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:23:35.0134 3396 mssmbios - ok
21:23:35.0181 3396 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:23:35.0181 3396 MSTEE - ok
21:23:35.0196 3396 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:23:35.0196 3396 MTConfig - ok
21:23:35.0259 3396 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
21:23:35.0259 3396 MTsensor - ok
21:23:35.0305 3396 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:23:35.0321 3396 Mup - ok
21:23:35.0368 3396 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:23:35.0383 3396 napagent - ok
21:23:35.0446 3396 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:23:35.0446 3396 NativeWifiP - ok
21:23:35.0524 3396 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:23:35.0539 3396 NDIS - ok
21:23:35.0555 3396 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:23:35.0571 3396 NdisCap - ok
21:23:35.0602 3396 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:23:35.0602 3396 NdisTapi - ok
21:23:35.0649 3396 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:23:35.0649 3396 Ndisuio - ok
21:23:35.0695 3396 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:23:35.0695 3396 NdisWan - ok
21:23:35.0742 3396 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:23:35.0742 3396 NDProxy - ok
21:23:35.0805 3396 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:23:35.0805 3396 NetBIOS - ok
21:23:35.0851 3396 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:23:35.0851 3396 NetBT - ok
21:23:35.0883 3396 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:23:35.0898 3396 Netlogon - ok
21:23:35.0945 3396 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:23:35.0945 3396 Netman - ok
21:23:36.0039 3396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:23:36.0226 3396 NetMsmqActivator - ok
21:23:36.0226 3396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:23:36.0241 3396 NetPipeActivator - ok
21:23:36.0273 3396 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:23:36.0273 3396 netprofm - ok
21:23:36.0288 3396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:23:36.0288 3396 NetTcpActivator - ok
21:23:36.0304 3396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:23:36.0304 3396 NetTcpPortSharing - ok
21:23:36.0366 3396 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:23:36.0366 3396 nfrd960 - ok
21:23:36.0444 3396 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:23:36.0444 3396 NlaSvc - ok
21:23:36.0460 3396 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:23:36.0460 3396 Npfs - ok
21:23:36.0491 3396 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:23:36.0491 3396 nsi - ok
21:23:36.0522 3396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:23:36.0522 3396 nsiproxy - ok
21:23:36.0631 3396 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:23:36.0663 3396 Ntfs - ok
21:23:36.0694 3396 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:23:36.0694 3396 Null - ok
21:23:36.0756 3396 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:23:36.0756 3396 nvraid - ok
21:23:36.0819 3396 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:23:36.0819 3396 nvstor - ok
21:23:36.0881 3396 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:23:36.0881 3396 nv_agp - ok
21:23:37.0146 3396 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:23:37.0146 3396 odserv - ok
21:23:37.0209 3396 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:23:37.0209 3396 ohci1394 - ok
21:23:37.0349 3396 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:23:37.0349 3396 ose - ok
21:23:37.0396 3396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:23:37.0396 3396 p2pimsvc - ok
21:23:37.0489 3396 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:23:37.0489 3396 p2psvc - ok
21:23:37.0552 3396 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:23:37.0583 3396 Parport - ok
21:23:37.0661 3396 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:23:37.0661 3396 partmgr - ok
21:23:37.0708 3396 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:23:37.0723 3396 PcaSvc - ok
21:23:37.0848 3396 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:23:37.0848 3396 pci - ok
21:23:37.0879 3396 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:23:37.0895 3396 pciide - ok
21:23:37.0926 3396 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:23:37.0926 3396 pcmcia - ok
21:23:37.0942 3396 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:23:37.0942 3396 pcw - ok
21:23:37.0973 3396 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:23:37.0973 3396 PEAUTH - ok
21:23:38.0067 3396 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:23:38.0082 3396 PerfHost - ok
21:23:38.0285 3396 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:23:38.0301 3396 pla - ok
21:23:38.0410 3396 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:23:38.0410 3396 PlugPlay - ok
21:23:38.0457 3396 PnkBstrA - ok
21:23:38.0488 3396 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:23:38.0488 3396 PNRPAutoReg - ok
21:23:38.0503 3396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:23:38.0503 3396 PNRPsvc - ok
21:23:38.0597 3396 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
21:23:38.0722 3396 Point64 - ok
21:23:38.0878 3396 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:23:38.0878 3396 PolicyAgent - ok
21:23:38.0909 3396 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:23:38.0925 3396 Power - ok
21:23:39.0003 3396 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:23:39.0003 3396 PptpMiniport - ok
21:23:39.0034 3396 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:23:39.0034 3396 Processor - ok
21:23:39.0081 3396 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
21:23:39.0081 3396 ProfSvc - ok
21:23:39.0096 3396 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:23:39.0096 3396 ProtectedStorage - ok
21:23:39.0159 3396 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:23:39.0159 3396 Psched - ok
21:23:39.0252 3396 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:23:39.0252 3396 ql2300 - ok
21:23:39.0299 3396 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:23:39.0299 3396 ql40xx - ok
21:23:39.0346 3396 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:23:39.0346 3396 QWAVE - ok
21:23:39.0361 3396 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:23:39.0377 3396 QWAVEdrv - ok
21:23:39.0408 3396 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:23:39.0408 3396 RasAcd - ok
21:23:39.0455 3396 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:23:39.0455 3396 RasAgileVpn - ok
21:23:39.0486 3396 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:23:39.0502 3396 RasAuto - ok
21:23:39.0564 3396 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:23:39.0564 3396 Rasl2tp - ok
21:23:39.0642 3396 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:23:39.0642 3396 RasMan - ok
21:23:39.0720 3396 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:23:39.0720 3396 RasPppoe - ok
21:23:39.0783 3396 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:23:39.0783 3396 RasSstp - ok
21:23:39.0845 3396 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:23:39.0845 3396 rdbss - ok
21:23:39.0892 3396 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:23:39.0892 3396 rdpbus - ok
21:23:39.0907 3396 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:23:39.0907 3396 RDPCDD - ok
21:23:39.0939 3396 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:23:39.0939 3396 RDPENCDD - ok
21:23:39.0954 3396 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:23:39.0954 3396 RDPREFMP - ok
21:23:40.0048 3396 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:23:40.0048 3396 RDPWD - ok
21:23:40.0126 3396 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:23:40.0126 3396 rdyboost - ok
21:23:40.0219 3396 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:23:40.0235 3396 RemoteAccess - ok
21:23:40.0329 3396 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:23:40.0329 3396 RemoteRegistry - ok
21:23:40.0453 3396 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:23:40.0453 3396 RpcEptMapper - ok
21:23:40.0485 3396 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:23:40.0485 3396 RpcLocator - ok
21:23:40.0563 3396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:23:40.0563 3396 RpcSs - ok
21:23:40.0609 3396 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:23:40.0625 3396 rspndr - ok
21:23:40.0828 3396 [ 483C537E69FA97C77F7FE0E2E1C1F102 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
21:23:40.0828 3396 RTHDMIAzAudService - ok
21:23:40.0843 3396 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:23:40.0843 3396 SamSs - ok
21:23:40.0921 3396 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:23:40.0921 3396 sbp2port - ok
21:23:41.0343 3396 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
21:23:41.0374 3396 SBSDWSCService - ok
21:23:41.0405 3396 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:23:41.0421 3396 SCardSvr - ok
21:23:41.0483 3396 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:23:41.0483 3396 scfilter - ok
21:23:41.0561 3396 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:23:41.0561 3396 Schedule - ok
21:23:41.0608 3396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:23:41.0608 3396 SCPolicySvc - ok
21:23:41.0686 3396 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:23:41.0686 3396 SDRSVC - ok
21:23:41.0733 3396 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:23:41.0733 3396 secdrv - ok
21:23:41.0779 3396 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:23:41.0779 3396 seclogon - ok
21:23:41.0811 3396 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:23:41.0811 3396 SENS - ok
21:23:41.0826 3396 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:23:41.0857 3396 SensrSvc - ok
21:23:41.0935 3396 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:23:41.0935 3396 Serenum - ok
21:23:41.0982 3396 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:23:41.0982 3396 Serial - ok
21:23:42.0107 3396 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:23:42.0123 3396 sermouse - ok
21:23:42.0201 3396 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:23:42.0201 3396 SessionEnv - ok
21:23:42.0263 3396 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:23:42.0263 3396 sffdisk - ok
21:23:42.0357 3396 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:23:42.0357 3396 sffp_mmc - ok
21:23:42.0403 3396 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:23:42.0403 3396 sffp_sd - ok
21:23:42.0450 3396 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:23:42.0450 3396 sfloppy - ok
21:23:43.0761 3396 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:23:43.0761 3396 SharedAccess - ok
21:23:44.0447 3396 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:23:44.0463 3396 ShellHWDetection - ok
21:23:44.0665 3396 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:23:44.0665 3396 SiSRaid2 - ok
21:23:44.0712 3396 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:23:44.0712 3396 SiSRaid4 - ok
21:23:44.0759 3396 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:23:44.0775 3396 Smb - ok
21:23:44.0806 3396 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:23:44.0821 3396 SNMPTRAP - ok
21:23:44.0837 3396 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:23:44.0837 3396 spldr - ok
21:23:44.0977 3396 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
21:23:44.0977 3396 Spooler - ok
21:23:45.0430 3396 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:23:45.0492 3396 sppsvc - ok
21:23:45.0555 3396 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:23:45.0555 3396 sppuinotify - ok
21:23:45.0804 3396 [ AA90A319BB067E0D149B4C95608C4B05 ] sptd C:\Windows\system32\Drivers\sptd.sys
21:23:45.0804 3396 sptd - ok
21:23:45.0882 3396 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:23:45.0882 3396 srv - ok
21:23:45.0945 3396 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:23:45.0945 3396 srv2 - ok
21:23:45.0991 3396 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:23:45.0991 3396 srvnet - ok
21:23:46.0069 3396 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:23:46.0069 3396 SSDPSRV - ok
21:23:46.0085 3396 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:23:46.0085 3396 SstpSvc - ok
21:23:46.0194 3396 Steam Client Service - ok
21:23:46.0225 3396 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:23:46.0241 3396 stexstor - ok
21:23:46.0303 3396 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:23:46.0303 3396 StillCam - ok
21:23:46.0397 3396 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:23:46.0397 3396 stisvc - ok
21:23:46.0444 3396 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:23:46.0444 3396 swenum - ok
21:23:46.0865 3396 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:23:46.0865 3396 SwitchBoard - ok
21:23:47.0037 3396 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:23:47.0037 3396 swprv - ok
21:23:47.0130 3396 [ 01A658167619075BAAD31C96074C0B38 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:23:47.0130 3396 SynTP - ok
21:23:47.0395 3396 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:23:47.0395 3396 SysMain - ok
21:23:47.0442 3396 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:23:47.0442 3396 TabletInputService - ok
21:23:47.0567 3396 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:23:47.0567 3396 TapiSrv - ok
21:23:47.0629 3396 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:23:47.0645 3396 TBS - ok
21:23:47.0801 3396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:23:47.0848 3396 Tcpip - ok
21:23:47.0863 3396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:23:47.0880 3396 TCPIP6 - ok
21:23:47.0911 3396 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:23:47.0911 3396 tcpipreg - ok
21:23:47.0958 3396 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:23:47.0958 3396 TDPIPE - ok
21:23:47.0989 3396 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:23:47.0989 3396 TDTCP - ok
21:23:48.0036 3396 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:23:48.0036 3396 tdx - ok
21:23:48.0083 3396 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:23:48.0083 3396 TermDD - ok
21:23:48.0176 3396 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:23:48.0192 3396 TermService - ok
21:23:48.0270 3396 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:23:48.0270 3396 Themes - ok
21:23:48.0286 3396 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:23:48.0286 3396 THREADORDER - ok
21:23:48.0317 3396 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:23:48.0317 3396 TrkWks - ok
21:23:48.0364 3396 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:23:48.0364 3396 TrustedInstaller - ok
21:23:48.0410 3396 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:23:48.0410 3396 tssecsrv - ok
21:23:48.0473 3396 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:23:48.0473 3396 TsUsbFlt - ok
21:23:48.0535 3396 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:23:48.0535 3396 tunnel - ok
21:23:48.0551 3396 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:23:48.0566 3396 uagp35 - ok
21:23:48.0598 3396 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:23:48.0613 3396 udfs - ok
21:23:48.0660 3396 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:23:48.0660 3396 UI0Detect - ok
21:23:48.0785 3396 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:23:48.0800 3396 uliagpkx - ok
21:23:48.0878 3396 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:23:48.0878 3396 umbus - ok
21:23:48.0910 3396 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:23:48.0910 3396 UmPass - ok
21:23:48.0941 3396 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:23:48.0956 3396 upnphost - ok
21:23:49.0003 3396 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:23:49.0003 3396 USBAAPL64 - ok
21:23:49.0081 3396 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:23:49.0081 3396 usbaudio - ok
21:23:49.0128 3396 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
21:23:49.0144 3396 usbccgp - ok
21:23:49.0190 3396 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:23:49.0190 3396 usbcir - ok
21:23:49.0237 3396 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:23:49.0237 3396 usbehci - ok
21:23:49.0378 3396 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
21:23:49.0378 3396 usbhub - ok
21:23:49.0393 3396 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:23:49.0393 3396 usbohci - ok
21:23:49.0440 3396 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:23:49.0440 3396 usbprint - ok
21:23:49.0487 3396 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:23:49.0487 3396 usbscan - ok
21:23:49.0518 3396 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
21:23:49.0534 3396 USBSTOR - ok
21:23:49.0580 3396 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:23:49.0580 3396 usbuhci - ok
21:23:49.0627 3396 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:23:49.0627 3396 usbvideo - ok
21:23:49.0674 3396 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:23:49.0674 3396 UxSms - ok
21:23:49.0705 3396 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:23:49.0705 3396 VaultSvc - ok
21:23:49.0768 3396 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:23:49.0768 3396 vdrvroot - ok
21:23:49.0814 3396 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:23:49.0814 3396 vds - ok
21:23:49.0877 3396 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:23:49.0877 3396 vga - ok
21:23:49.0908 3396 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:23:49.0908 3396 VgaSave - ok
21:23:49.0986 3396 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:23:49.0986 3396 vhdmp - ok
21:23:50.0048 3396 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:23:50.0048 3396 viaide - ok
21:23:50.0095 3396 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:23:50.0095 3396 volmgr - ok
21:23:50.0236 3396 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:23:50.0236 3396 volmgrx - ok
21:23:50.0376 3396 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:23:50.0376 3396 volsnap - ok
21:23:50.0407 3396 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:23:50.0423 3396 vsmraid - ok
21:23:50.0501 3396 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:23:50.0516 3396 VSS - ok
21:23:50.0532 3396 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:23:50.0548 3396 vwifibus - ok
21:23:50.0626 3396 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:23:50.0626 3396 vwififlt - ok
21:23:50.0735 3396 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:23:50.0735 3396 vwifimp - ok
21:23:50.0938 3396 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:23:50.0953 3396 W32Time - ok
21:23:50.0984 3396 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:23:51.0000 3396 WacomPen - ok
21:23:51.0140 3396 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:23:51.0156 3396 WANARP - ok
21:23:51.0172 3396 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:23:51.0172 3396 Wanarpv6 - ok
21:23:51.0281 3396 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:23:51.0328 3396 WatAdminSvc - ok
21:23:51.0702 3396 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:23:51.0718 3396 wbengine - ok
21:23:51.0764 3396 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:23:51.0764 3396 WbioSrvc - ok
21:23:51.0811 3396 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:23:51.0811 3396 wcncsvc - ok
21:23:51.0827 3396 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:23:51.0827 3396 WcsPlugInService - ok
21:23:51.0858 3396 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:23:51.0858 3396 Wd - ok
21:23:51.0874 3396 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:23:51.0889 3396 Wdf01000 - ok
21:23:51.0920 3396 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:23:51.0920 3396 WdiServiceHost - ok
21:23:51.0920 3396 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:23:51.0920 3396 WdiSystemHost - ok
21:23:51.0967 3396 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:23:51.0967 3396 WebClient - ok
21:23:51.0998 3396 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:23:51.0998 3396 Wecsvc - ok
21:23:52.0030 3396 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:23:52.0030 3396 wercplsupport - ok
21:23:52.0061 3396 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:23:52.0061 3396 WerSvc - ok
21:23:52.0108 3396 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:23:52.0108 3396 WfpLwf - ok
21:23:52.0123 3396 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:23:52.0123 3396 WIMMount - ok
21:23:52.0123 3396 WinHttpAutoProxySvc - ok
21:23:52.0201 3396 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:23:52.0201 3396 Winmgmt - ok
21:23:52.0700 3396 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:23:52.0981 3396 WinRM - ok
21:23:53.0200 3396 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:23:53.0231 3396 WinUsb - ok
21:23:53.0418 3396 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:23:53.0434 3396 Wlansvc - ok
21:23:54.0042 3396 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:23:54.0042 3396 wlidsvc - ok
21:23:54.0104 3396 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:23:54.0104 3396 WmiAcpi - ok
21:23:54.0198 3396 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:23:54.0198 3396 wmiApSrv - ok
21:23:54.0260 3396 WMPNetworkSvc - ok
21:23:54.0385 3396 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:23:54.0416 3396 WPCSvc - ok
21:23:54.0463 3396 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:23:54.0463 3396 WPDBusEnum - ok
21:23:54.0526 3396 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:23:54.0526 3396 ws2ifsl - ok
21:23:54.0526 3396 WSearch - ok
21:23:54.0635 3396 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:23:54.0791 3396 wuauserv - ok
21:23:54.0806 3396 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:23:54.0806 3396 WudfPf - ok
21:23:54.0884 3396 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:23:54.0900 3396 WUDFRd - ok
21:23:54.0947 3396 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:23:54.0947 3396 wudfsvc - ok
21:23:55.0025 3396 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:23:55.0025 3396 WwanSvc - ok
21:23:55.0274 3396 X6va005 - ok
21:23:55.0399 3396 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
21:23:55.0430 3396 xnacc - ok
21:23:55.0446 3396 xsherlock - ok
21:23:55.0462 3396 ================ Scan global ===============================
21:23:55.0477 3396 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:23:55.0571 3396 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
21:23:55.0571 3396 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
21:23:55.0618 3396 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:23:55.0711 3396 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:23:55.0711 3396 [Global] - ok
21:23:55.0711 3396 ================ Scan MBR ==================================
21:23:55.0742 3396 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:23:56.0257 3396 \Device\Harddisk0\DR0 - ok
21:23:56.0257 3396 ================ Scan VBR ==================================
21:23:56.0288 3396 [ C74C0936C4B3347D1EA2824C2BB1FAAE ] \Device\Harddisk0\DR0\Partition1
21:23:56.0288 3396 \Device\Harddisk0\DR0\Partition1 - ok
21:23:56.0351 3396 [ F2BD5DCA5A9F41CFA2F1BB4240186B44 ] \Device\Harddisk0\DR0\Partition2
21:23:56.0351 3396 \Device\Harddisk0\DR0\Partition2 - ok
21:23:56.0351 3396 ============================================================
21:23:56.0351 3396 Scan finished
21:23:56.0351 3396 ============================================================
21:23:56.0366 3464 Detected object count: 1
21:23:56.0366 3464 Actual detected object count: 1
21:24:00.0188 3464 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:24:00.0188 3464 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#10 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 29 December 2012 - 12:37 AM

# AdwCleaner v2.103 - Logfile created 12/28/2012 at 21:31:37
# Updated 25/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kid Danger - KIDDANGER-PC
# Boot Mode : Normal
# Running from : C:\Users\Kid Danger\Desktop\Save\protect\Computer tools\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Kid Danger\Desktop\Save
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\searchplugins

\Conduit.xml
File Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\searchplugins

\daemon-search.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Users\Kid Danger\AppData\Local\Conduit
Folder Deleted : C:\Users\Kid Danger\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\Conduit
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\ConduitEngine
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\CT2790392
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\extensions

\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\extensions

\cacaoweb@cacaoweb.org
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\extensions

\crossriderapp2258@crossrider.com
Folder Deleted : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\extensions

\engine@conduit.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\cacaoweb
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-

4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-

185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-

4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\prefs.js

C:\Users\Kid Danger\AppData\Roaming\Mozilla\Firefox\Profiles\ejn4i42o.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4051 octets] - [28/12/2012 21:31:37]

########## EOF - C:\AdwCleaner[S1].txt - [4111 octets] ##########

#11 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 29 December 2012 - 01:00 AM

C:\FRST\Quarantine\tfsnifs.dll Win64/Sirefef.W trojan
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application


ESET.


::Steps completed

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 29 December 2012 - 07:41 PM

Great ! This can be the causeof the BSOD...Sirefef.W trojan

Do this next and let me know how it is..


Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.


Re Run Minitoolbox with only this checked..... List Winsock Entries

Click Go and post the result.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 danger.sg

danger.sg
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 30 December 2012 - 09:43 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kid Danger (administrator) on 30-12-2012 at 06:42:31
Running from "C:\Users\Kid Danger\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

**** End of log ****

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 30 December 2012 - 07:55 PM

Since that did not fully fix the Winsock,I suspect there is still some of this left,Win64/Sirefef.W trojan.
We need a new topic and a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.

Include this link back to here...
http://www.bleepingcomputer.com/forums/topic479701.html/page__pid__2933971#entry2933971
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users