Toshiba Laptop Boot Issues

So I had a client bring me her Toshiba laptop. It was full of malware and the MBR was screwed up. So we did file recovery and did a wipe and reload. She just brought the machine back and it will not boot.

It does one of two things after the splash screen:
it either shows a black screen with a flashing cursor,
or it is just a black screen.

I can get it to boot if I do a start-up recovery from the Win 7 repair disk.
But it will only reboot successfully once, maybe twice, then the same problem.

Any thoughts on this would be great, Thanks

Specs:
Toshiba C655
AMD Athlon dual core
4 GB ram
Windows 7 Home Premium 64 bit
 
Have you run a rootkit scanner like tdsskiller? Or Malwarebytes antirootkit?

Usually this behavior means it's an issue with the hdd or it's a rootkit/mbr infection.
 
Ran rootkit scanners and Malwarebytes for good mojo and did find a rootkit. However, for the first time in dealing with this problem I got an error message.

File: \Boot\BCD
Status: 0xc000000e9
info: An unexpected I/O error has occurred.

Nothing is or has been connected to the system. I am running Western Digital's HDD scan now to see if it is a hard drive issue.

Does anyone have any other suggestions?

Thanks Again.
 
You say you had a rootkit? Can you post the log that showed it? Are you able to boot into windows or no? If so, please do the following.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here: Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    cf-icon.jpg
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open Windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these types of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    cf-preparing.jpg

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.

    erunt.jpg

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    recovery-console-prompt.jpg

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    still-scanning-clockchanges.jpg

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and tells you the program's log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.

If for some reason you try to run a program or open a file and you get an error message saying "illegal operation attempted on a registry key that has been marked for deletion", please just reboot your PC and you'll be fine.


In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
I unfortunately do not have the log for the rootkit; I do however have the other things you asked for.

Combo Fix Log



HiJack This Log




The machine is running a little better, but it is having problems starting still.
Thanks again for all the help guys.
 
I still see adware in the hijackthis log but don't think that would cause it to have booting issues. What rootkit scanner did you run? Was it tdsskiller? If not, run it now.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

tdssstartscan_zps32a151cd.jpg


TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

2663-2-eng.png


To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.

2663_3_en.png


Please reboot the system if asked to do so.

After running, there will be a log located at the root of your c:\ drive, labeled tdsskiller with a series of numbers after it, for example C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

Let's run this as well.

Please download AdwCleaner by Xplode onto your Desktop.



  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan.
  • After the scan you will need to click on clean for it to delete the adware.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
 
23:36:24.0400 0x090c BrFiltLo - ok
23:36:24.0416 0x090c [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:36:24.0416 0x090c BrFiltUp - ok
23:36:24.0447 0x090c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:36:24.0447 0x090c Browser - ok
23:36:24.0463 0x090c [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:36:24.0463 0x090c Brserid - ok
23:36:24.0478 0x090c [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:36:24.0478 0x090c BrSerWdm - ok
23:36:24.0478 0x090c [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:36:24.0478 0x090c BrUsbMdm - ok
23:36:24.0494 0x090c [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:36:24.0494 0x090c BrUsbSer - ok
23:36:24.0541 0x090c [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:36:24.0541 0x090c BTHMODEM - ok
23:36:24.0572 0x090c [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:36:24.0572 0x090c bthserv - ok
23:36:24.0603 0x090c [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:36:24.0603 0x090c cdfs - ok
23:36:24.0681 0x090c [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:36:24.0681 0x090c cdrom - ok
23:36:24.0728 0x090c [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:36:24.0728 0x090c CertPropSvc - ok
23:36:24.0775 0x090c [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:36:24.0775 0x090c circlass - ok
23:36:24.0806 0x090c [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:36:24.0806 0x090c CLFS - ok
23:36:24.0915 0x090c [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:36:24.0915 0x090c clr_optimization_v2.0.50727_32 - ok
23:36:24.0962 0x090c [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:36:24.0962 0x090c clr_optimization_v2.0.50727_64 - ok
23:36:25.0087 0x090c [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:36:25.0134 0x090c clr_optimization_v4.0.30319_32 - ok
23:36:25.0165 0x090c [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:36:25.0165 0x090c clr_optimization_v4.0.30319_64 - ok
23:36:25.0227 0x090c [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:36:25.0227 0x090c CmBatt - ok
23:36:25.0243 0x090c [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:36:25.0243 0x090c cmdide - ok
23:36:25.0274 0x090c [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
23:36:25.0290 0x090c CNG - ok
23:36:25.0321 0x090c [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:36:25.0321 0x090c Compbatt - ok
23:36:25.0336 0x090c [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:36:25.0336 0x090c CompositeBus - ok
23:36:25.0352 0x090c COMSysApp - ok
23:36:25.0383 0x090c [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:36:25.0383 0x090c crcdisk - ok
23:36:25.0446 0x090c [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:36:25.0446 0x090c CryptSvc - ok
23:36:25.0492 0x090c [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:36:25.0492 0x090c DcomLaunch - ok
23:36:25.0555 0x090c [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:36:25.0555 0x090c defragsvc - ok
23:36:25.0555 0x090c [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:36:25.0570 0x090c DfsC - ok
23:36:25.0617 0x090c [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:36:25.0617 0x090c Dhcp - ok
23:36:25.0633 0x090c [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:36:25.0633 0x090c discache - ok
23:36:25.0695 0x090c [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:36:25.0711 0x090c Disk - ok
23:36:25.0726 0x090c [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:36:25.0726 0x090c Dnscache - ok
23:36:25.0758 0x090c [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:36:25.0758 0x090c dot3svc - ok
23:36:25.0773 0x090c [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:36:25.0773 0x090c DPS - ok
23:36:25.0836 0x090c [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:36:25.0836 0x090c drmkaud - ok
23:36:25.0882 0x090c [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:36:25.0882 0x090c DXGKrnl - ok
23:36:25.0960 0x090c [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:36:25.0960 0x090c EapHost - ok
23:36:26.0054 0x090c [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:36:26.0148 0x090c ebdrv - ok
23:36:26.0226 0x090c [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:36:26.0226 0x090c EFS - ok
23:36:26.0319 0x090c [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:36:26.0319 0x090c ehRecvr - ok
23:36:26.0350 0x090c [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:36:26.0366 0x090c ehSched - ok
23:36:26.0413 0x090c [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:36:26.0413 0x090c elxstor - ok
23:36:26.0444 0x090c [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:36:26.0460 0x090c ErrDev - ok
23:36:26.0475 0x090c [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:36:26.0491 0x090c EventSystem - ok
23:36:26.0491 0x090c [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:36:26.0491 0x090c exfat - ok
23:36:26.0506 0x090c [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:36:26.0506 0x090c fastfat - ok
23:36:26.0569 0x090c [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:36:26.0569 0x090c Fax - ok
23:36:26.0584 0x090c [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:36:26.0584 0x090c fdc - ok
23:36:26.0600 0x090c [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:36:26.0600 0x090c fdPHost - ok
23:36:26.0616 0x090c [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:36:26.0616 0x090c FDResPub - ok
23:36:26.0631 0x090c [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:36:26.0631 0x090c FileInfo - ok
23:36:26.0631 0x090c [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:36:26.0631 0x090c Filetrace - ok
23:36:26.0647 0x090c [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:36:26.0647 0x090c flpydisk - ok
23:36:26.0662 0x090c [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:36:26.0678 0x090c FltMgr - ok
23:36:26.0725 0x090c [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
23:36:26.0756 0x090c FontCache - ok
23:36:26.0818 0x090c [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:36:26.0818 0x090c FontCache3.0.0.0 - ok
23:36:26.0834 0x090c [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:36:26.0834 0x090c FsDepends - ok
23:36:26.0865 0x090c [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:36:26.0865 0x090c Fs_Rec - ok
23:36:26.0943 0x090c [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:36:26.0943 0x090c fvevol - ok
23:36:26.0990 0x090c [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:36:26.0990 0x090c gagp30kx - ok
23:36:27.0068 0x090c [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:36:27.0068 0x090c GEARAspiWDM - ok
23:36:27.0115 0x090c [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:36:27.0115 0x090c gpsvc - ok
23:36:27.0224 0x090c [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:27.0224 0x090c gupdate - ok
23:36:27.0240 0x090c [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:27.0240 0x090c gupdatem - ok
23:36:27.0240 0x090c [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:36:27.0255 0x090c hcw85cir - ok
23:36:27.0318 0x090c [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:36:27.0318 0x090c HdAudAddService - ok
23:36:27.0364 0x090c [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:36:27.0364 0x090c HDAudBus - ok
23:36:27.0380 0x090c [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:36:27.0380 0x090c HidBatt - ok
23:36:27.0380 0x090c [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:36:27.0380 0x090c HidBth - ok
23:36:27.0396 0x090c [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:36:27.0396 0x090c HidIr - ok
23:36:27.0411 0x090c [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:36:27.0442 0x090c hidserv - ok
23:36:27.0458 0x090c [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:36:27.0458 0x090c HidUsb - ok
23:36:27.0489 0x090c [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:36:27.0505 0x090c hkmsvc - ok
23:36:27.0536 0x090c [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:36:27.0536 0x090c HomeGroupListener - ok
23:36:27.0552 0x090c [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:36:27.0552 0x090c HomeGroupProvider - ok
23:36:27.0567 0x090c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:36:27.0567 0x090c HpSAMD - ok
23:36:27.0614 0x090c [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:36:27.0630 0x090c HTTP - ok
23:36:27.0676 0x090c [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:36:27.0676 0x090c hwpolicy - ok
23:36:27.0692 0x090c [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:36:27.0692 0x090c i8042prt - ok
23:36:27.0786 0x090c [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:36:27.0786 0x090c iaStorV - ok
23:36:27.0848 0x090c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:36:27.0879 0x090c idsvc - ok
23:36:27.0942 0x090c [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:36:27.0942 0x090c iirsp - ok
23:36:27.0988 0x090c [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:36:28.0004 0x090c IKEEXT - ok
23:36:28.0020 0x090c [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:36:28.0020 0x090c intelide - ok
23:36:28.0082 0x090c [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
23:36:28.0082 0x090c intelppm - ok
23:36:28.0098 0x090c [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:36:28.0098 0x090c IPBusEnum - ok
23:36:28.0113 0x090c [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:36:28.0113 0x090c IpFilterDriver - ok
23:36:28.0160 0x090c [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:36:28.0160 0x090c iphlpsvc - ok
23:36:28.0160 0x090c [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:36:28.0176 0x090c IPMIDRV - ok
23:36:28.0176 0x090c [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:36:28.0176 0x090c IPNAT - ok
23:36:28.0254 0x090c [ 78486992AC657AE5065C4A2135838570 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:36:28.0269 0x090c iPod Service - ok
23:36:28.0285 0x090c [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:36:28.0285 0x090c IRENUM - ok
23:36:28.0300 0x090c [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:36:28.0300 0x090c isapnp - ok
23:36:28.0332 0x090c [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:36:28.0332 0x090c iScsiPrt - ok
23:36:28.0347 0x090c [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:36:28.0347 0x090c kbdclass - ok
23:36:28.0378 0x090c [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:36:28.0378 0x090c kbdhid - ok
23:36:28.0410 0x090c [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:36:28.0410 0x090c KeyIso - ok
23:36:28.0441 0x090c [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:36:28.0441 0x090c KSecDD - ok
23:36:28.0472 0x090c [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:36:28.0472 0x090c KSecPkg - ok
23:36:28.0503 0x090c [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:36:28.0503 0x090c ksthunk - ok
23:36:28.0566 0x090c [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:36:28.0581 0x090c KtmRm - ok
23:36:28.0612 0x090c [ 655A5D8E80869781CCE23760ADA7E695 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
23:36:28.0612 0x090c L1C - ok
23:36:28.0659 0x090c [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:36:28.0659 0x090c LanmanServer - ok
23:36:28.0690 0x090c [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:36:28.0690 0x090c LanmanWorkstation - ok
23:36:28.0737 0x090c [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:36:28.0737 0x090c lltdio - ok
23:36:28.0800 0x090c [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:36:28.0815 0x090c lltdsvc - ok
23:36:28.0846 0x090c [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:36:28.0846 0x090c lmhosts - ok
23:36:28.0893 0x090c [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:36:28.0893 0x090c LSI_FC - ok
23:36:28.0909 0x090c [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:36:28.0909 0x090c LSI_SAS - ok
23:36:28.0909 0x090c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:36:28.0924 0x090c LSI_SAS2 - ok
23:36:28.0924 0x090c [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:36:28.0924 0x090c LSI_SCSI - ok
23:36:28.0956 0x090c [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:36:28.0956 0x090c luafv - ok
23:36:28.0987 0x090c [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:36:28.0987 0x090c Mcx2Svc - ok
23:36:29.0002 0x090c [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
 
23:36:32.0965 0x090c SensrSvc - ok
23:36:32.0980 0x090c [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:36:32.0980 0x090c Serenum - ok
23:36:32.0980 0x090c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:36:32.0980 0x090c Serial - ok
23:36:32.0996 0x090c [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:36:32.0996 0x090c sermouse - ok
23:36:33.0027 0x090c [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:36:33.0027 0x090c SessionEnv - ok
23:36:33.0027 0x090c [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:36:33.0027 0x090c sffdisk - ok
23:36:33.0043 0x090c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:36:33.0043 0x090c sffp_mmc - ok
23:36:33.0043 0x090c [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:36:33.0043 0x090c sffp_sd - ok
23:36:33.0043 0x090c [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:36:33.0058 0x090c sfloppy - ok
23:36:33.0074 0x090c [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:36:33.0090 0x090c SharedAccess - ok
23:36:33.0105 0x090c [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:36:33.0121 0x090c ShellHWDetection - ok
23:36:33.0152 0x090c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:36:33.0152 0x090c SiSRaid2 - ok
23:36:33.0152 0x090c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:36:33.0152 0x090c SiSRaid4 - ok
23:36:33.0168 0x090c [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:36:33.0168 0x090c Smb - ok
23:36:33.0199 0x090c [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:36:33.0199 0x090c SNMPTRAP - ok
23:36:33.0214 0x090c [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:36:33.0214 0x090c spldr - ok
23:36:33.0246 0x090c [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:36:33.0261 0x090c Spooler - ok
23:36:33.0433 0x090c [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:36:33.0495 0x090c sppsvc - ok
23:36:33.0526 0x090c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:36:33.0526 0x090c sppuinotify - ok
23:36:33.0589 0x090c [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:36:33.0604 0x090c srv - ok
23:36:33.0667 0x090c [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:36:33.0682 0x090c srv2 - ok
23:36:33.0714 0x090c [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:36:33.0714 0x090c srvnet - ok
23:36:33.0745 0x090c [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:36:33.0776 0x090c SSDPSRV - ok
23:36:33.0792 0x090c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:36:33.0792 0x090c SstpSvc - ok
23:36:33.0823 0x090c [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:36:33.0823 0x090c stexstor - ok
23:36:33.0885 0x090c [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:36:33.0885 0x090c stisvc - ok
23:36:33.0901 0x090c [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:36:33.0901 0x090c swenum - ok
23:36:33.0916 0x090c [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:36:33.0932 0x090c swprv - ok
23:36:34.0010 0x090c [ D8EDB37F6E235A47E12F1EAFD85C2B6F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:36:34.0010 0x090c SynTP - ok
23:36:34.0088 0x090c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:36:34.0135 0x090c SysMain - ok
23:36:34.0150 0x090c [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:36:34.0150 0x090c TabletInputService - ok
23:36:34.0182 0x090c [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:36:34.0182 0x090c TapiSrv - ok
23:36:34.0197 0x090c [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:36:34.0197 0x090c TBS - ok
23:36:34.0275 0x090c [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:36:34.0322 0x090c Tcpip - ok
23:36:34.0400 0x090c [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:36:34.0416 0x090c TCPIP6 - ok
23:36:34.0447 0x090c [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:36:34.0447 0x090c tcpipreg - ok
23:36:34.0494 0x090c [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:36:34.0494 0x090c TDPIPE - ok
23:36:34.0525 0x090c [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:36:34.0525 0x090c TDTCP - ok
23:36:34.0540 0x090c [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:36:34.0540 0x090c tdx - ok
23:36:34.0540 0x090c [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:36:34.0540 0x090c TermDD - ok
23:36:34.0587 0x090c [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:36:34.0587 0x090c TermService - ok
23:36:34.0618 0x090c [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:36:34.0618 0x090c Themes - ok
23:36:34.0650 0x090c [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:36:34.0650 0x090c THREADORDER - ok
23:36:34.0665 0x090c [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:36:34.0665 0x090c TrkWks - ok
23:36:34.0728 0x090c [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:36:34.0728 0x090c TrustedInstaller - ok
23:36:34.0759 0x090c [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:36:34.0759 0x090c tssecsrv - ok
23:36:34.0821 0x090c [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:36:34.0837 0x090c TsUsbFlt - ok
23:36:34.0852 0x090c [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:36:34.0852 0x090c TsUsbGD - ok
23:36:34.0915 0x090c [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:36:34.0915 0x090c tunnel - ok
23:36:34.0962 0x090c [ 9A744CC3D804EC38A6C2C65BC3C6FCD8 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
23:36:34.0962 0x090c TVALZ - ok
23:36:34.0993 0x090c [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:36:34.0993 0x090c uagp35 - ok
23:36:35.0024 0x090c [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:36:35.0024 0x090c udfs - ok
23:36:35.0055 0x090c [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:36:35.0055 0x090c UI0Detect - ok
23:36:35.0071 0x090c [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:36:35.0071 0x090c uliagpkx - ok
23:36:35.0086 0x090c [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:36:35.0086 0x090c umbus - ok
23:36:35.0102 0x090c [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:36:35.0102 0x090c UmPass - ok
23:36:35.0133 0x090c [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:36:35.0133 0x090c upnphost - ok
23:36:35.0164 0x090c [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:36:35.0180 0x090c usbccgp - ok
23:36:35.0227 0x090c [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:36:35.0227 0x090c usbcir - ok
23:36:35.0242 0x090c [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:36:35.0242 0x090c usbehci - ok
23:36:35.0258 0x090c [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:36:35.0258 0x090c usbhub - ok
23:36:35.0274 0x090c [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:36:35.0274 0x090c usbohci - ok
23:36:35.0289 0x090c [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:36:35.0305 0x090c usbprint - ok
23:36:35.0320 0x090c [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:36:35.0320 0x090c USBSTOR - ok
23:36:35.0336 0x090c [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:36:35.0352 0x090c usbuhci - ok
23:36:35.0414 0x090c [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:36:35.0414 0x090c usbvideo - ok
23:36:35.0445 0x090c [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:36:35.0445 0x090c UxSms - ok
23:36:35.0461 0x090c [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:36:35.0461 0x090c VaultSvc - ok
23:36:35.0508 0x090c [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:36:35.0508 0x090c vdrvroot - ok
23:36:35.0586 0x090c [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:36:35.0601 0x090c vds - ok
23:36:35.0617 0x090c [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:36:35.0617 0x090c vga - ok
23:36:35.0617 0x090c [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:36:35.0632 0x090c VgaSave - ok
23:36:35.0664 0x090c [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:36:35.0664 0x090c vhdmp - ok
23:36:35.0679 0x090c [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:36:35.0679 0x090c viaide - ok
23:36:35.0695 0x090c [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:36:35.0695 0x090c volmgr - ok
23:36:35.0710 0x090c [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:36:35.0710 0x090c volmgrx - ok
23:36:35.0726 0x090c [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:36:35.0726 0x090c volsnap - ok
23:36:35.0773 0x090c [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:36:35.0773 0x090c vsmraid - ok
23:36:35.0866 0x090c [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:36:35.0913 0x090c VSS - ok
23:36:35.0929 0x090c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:36:35.0929 0x090c vwifibus - ok
23:36:35.0929 0x090c [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:36:35.0929 0x090c vwififlt - ok
23:36:35.0944 0x090c [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:36:35.0944 0x090c W32Time - ok
23:36:35.0960 0x090c [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:36:35.0960 0x090c WacomPen - ok
23:36:35.0991 0x090c [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:36:35.0991 0x090c WANARP - ok
23:36:36.0007 0x090c [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:36:36.0007 0x090c Wanarpv6 - ok
23:36:36.0100 0x090c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:36:36.0132 0x090c WatAdminSvc - ok
23:36:36.0210 0x090c [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:36:36.0241 0x090c wbengine - ok
23:36:36.0241 0x090c [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:36:36.0256 0x090c WbioSrvc - ok
23:36:36.0272 0x090c [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:36:36.0272 0x090c wcncsvc - ok
23:36:36.0288 0x090c [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:36:36.0288 0x090c WcsPlugInService - ok
23:36:36.0303 0x090c [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
23:36:36.0303 0x090c Wd - ok
23:36:36.0350 0x090c [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:36:36.0350 0x090c Wdf01000 - ok
23:36:36.0366 0x090c [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:36:36.0366 0x090c WdiServiceHost - ok
23:36:36.0381 0x090c [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:36:36.0381 0x090c WdiSystemHost - ok
23:36:36.0397 0x090c [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:36:36.0397 0x090c WebClient - ok
23:36:36.0428 0x090c [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:36:36.0428 0x090c Wecsvc - ok
23:36:36.0459 0x090c [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:36:36.0459 0x090c wercplsupport - ok
23:36:36.0506 0x090c [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:36:36.0506 0x090c WerSvc - ok
23:36:36.0522 0x090c [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:36:36.0522 0x090c WfpLwf - ok
23:36:36.0553 0x090c [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:36:36.0553 0x090c WIMMount - ok
23:36:36.0615 0x090c WinDefend - ok
23:36:36.0646 0x090c WinHttpAutoProxySvc - ok
23:36:36.0740 0x090c [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:36:36.0756 0x090c Winmgmt - ok
23:36:36.0818 0x090c [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:36:36.0865 0x090c WinRM - ok
23:36:36.0974 0x090c [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:36:36.0990 0x090c Wlansvc - ok
23:36:36.0990 0x090c [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:36:36.0990 0x090c WmiAcpi - ok
23:36:37.0021 0x090c [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:36:37.0021 0x090c wmiApSrv - ok
23:36:37.0052 0x090c WMPNetworkSvc - ok
23:36:37.0068 0x090c [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:36:37.0068 0x090c WPCSvc - ok
23:36:37.0083 0x090c [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:36:37.0099 0x090c WPDBusEnum - ok
23:36:37.0114 0x090c [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:36:37.0114 0x090c ws2ifsl - ok
23:36:37.0130 0x090c [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:36:37.0130 0x090c wscsvc - ok
23:36:37.0130 0x090c WSearch - ok
23:36:37.0208 0x090c [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:36:37.0270 0x090c wuauserv - ok
23:36:37.0302 0x090c [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:36:37.0302 0x090c WudfPf - ok
23:36:37.0348 0x090c [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:36:37.0348 0x090c WUDFRd - ok
23:36:37.0380 0x090c [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:36:37.0380 0x090c wudfsvc - ok
23:36:37.0442 0x090c [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:36:37.0442 0x090c WwanSvc - ok
23:36:37.0489 0x090c ================ Scan global ===============================
23:36:37.0520 0x090c [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:36:37.0551 0x090c [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:36:37.0567 0x090c [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:36:37.0598 0x090c [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:36:37.0629 0x090c [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:36:37.0629 0x090c [Global] - ok
23:36:37.0629 0x090c ================ Scan MBR ==================================
23:36:37.0660 0x090c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:36:38.0035 0x090c \Device\Harddisk0\DR0 - ok
23:36:38.0050 0x090c [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk2\DR2
23:36:42.0949 0x090c \Device\Harddisk2\DR2 - ok
23:36:42.0949 0x090c ================ Scan VBR ==================================
23:36:42.0980 0x090c [ 79A57AA6DE232EFB969A162DA99A67FD ] \Device\Harddisk0\DR0\Partition1
23:36:42.0980 0x090c \Device\Harddisk0\DR0\Partition1 - ok
23:36:42.0996 0x090c [ CC4615BD6D47D4D6DB3ECC4136725AD6 ] \Device\Harddisk0\DR0\Partition2
23:36:42.0996 0x090c \Device\Harddisk0\DR0\Partition2 - ok
23:36:42.0996 0x090c [ 3F13C69CEE2B7DE2C146E3CCDE381AFA ] \Device\Harddisk2\DR2\Partition1
23:36:42.0996 0x090c \Device\Harddisk2\DR2\Partition1 - ok
23:36:42.0996 0x090c ============================================================
23:36:42.0996 0x090c Scan finished
23:36:42.0996 0x090c ============================================================
23:36:43.0011 0x0544 Detected object count: 0
23:36:43.0011 0x0544 Actual detected object count: 0
23:36:49.0220 0x0304 Deinitialize success
 
# AdwCleaner v3.003 - Report created 13/09/2013 at 07:52:23
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Geek - GEEK-PC
# Running from : C:\Users\Geek\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Geek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [961 octets] - [13/09/2013 07:43:42]
AdwCleaner[S0].txt - [899 octets] - [13/09/2013 07:52:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [958 octets] ##########



I am thinking the HDD may be bad, not quite sure yet. I did run Western Digital's drive program and it found quite a few bad sectors. For now I am booted into Windows and it is running okay. Thanks again for the help.
 
If it found bad sectors, I would start replacing it. Back up your data before the drive isn't usable anymore.
 
Yeah, I have contacted the client and let her know that the drive needs to be replaced. I will let you all know how it runs with a new drive in it. Thanks again, guys.
 