
Browser opens a window by itself


35 replies in this topic

#1
Pardones

    Newbie

  • Member
  • 18 posts
Hello, Chrome opens some advertising pages by itself on Windows 8. The HijackThis log follows below. Two error messages appeared, which I am also sending as attachments.

Thanks for the help!


Logfile of HijackThis v1.99.1
Scan saved at 22:01:41, on 17/02/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16453)

Running processes:
C:\Users\Pardones\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Pardones\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Smiley Bar for Facebook - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files (x86)\Smiley Bar for Facebook\ScriptHost.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - Startup: Dropbox.lnk = Pardones\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Norton Management (MCLIENT) - Unknown owner - C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" /s "MCLIENT" /m "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: Norton Online Backup (NOBU) - Unknown owner - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe




#2
CarlosTurco

    Assistant

  • Assistant
  • 25,262 posts
Hello, Pardones.

Welcome to the Linha Defensiva Forum.

"Two error messages appeared, which I am also sending as attachments."

To keep HijackThis from giving this error, right-click hijackthis.exe and select [Posted Image]



Follow the procedures below.

1)

Download AdwCleaner and save it to the desktop.
http://www.bleepingc...cleaner/dl/125/

Run the adwcleaner.exe file.

*** Windows Vista or Windows 7 users: right-click the adwcleaner.exe file, then click [Posted Image].

Click Remove.

Notepad will open with the result. Select, copy and paste its contents into your next reply.

2)

Download Malwarebytes' Anti-Malware (MBAM)
http://download.cnet...4-10804572.html

Double-click mbam-setup.exe, choose the language and, during installation, accept all the default options.
  • Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, then click Finish.
  • If there are updates available, they will be downloaded and installed.
  • When the update finishes, with the program open, select Full Scan and click the Scan button.
  • The scan will then start. Please wait, as it may take a while.
  • When the scan finishes, click OK, then the Show Results button to view the report.
  • If any items were found, make sure they are all checked and click the Remove button.
  • At the end of the disinfection, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.
  • Select, copy and paste the entire contents of this log into your next reply.
NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

If in doubt, read the program's tutorial:
http://linhadefensiv...showtopic=75554

3)

Download MbrScan.exe and save it to the desktop.
http://eric71.geekst...ols/MbrScan.exe

Run the MbrScan.exe file.

Click the Scan button. When the scan finishes, click the Report button. Notepad will open with the scan result. It is saved on the desktop under the name MbrScan.log.

*** Windows Vista or Windows 7 users: right-click the MbrScan.exe file, then click [Posted Image]

Select, copy and paste its contents into your next reply.

#3
Pardones

    Newbie

  • Member
  • 18 posts
Logs below:


# AdwCleaner v2.112 - Logfile created 02/18/2013 at 22:04:26
# Updated 10/02/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : Casa - PARDAL
# Boot Mode : Normal
# Running from : C:\Users\Pardones\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\file scout
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Pardones\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Pardones\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pardones\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pardones\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pardones\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pardones\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1553 octets] - [18/02/2013 22:04:26]

########## EOF - C:\AdwCleaner[S1].txt - [1613 octets] ##########




Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Versão da Base de Dados: v2013.02.19.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Casa :: PARDAL [limitado]

18/02/2013 22:15:28
mbam-log-2013-02-18 (22-15-28).txt

Tipo de Verificação: Verificação Completa (C:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 531344
Tempo decorrido: 1 hora(s), 42 minuto(s), 27 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)

(fim)




MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/02/19 (ISO 8601) at 00:10:25
________________________________________________________________________________

DISK           : Device\Harddisk1\DR1 __SanDisk SSD i100 8GB (11.56.04)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : dword aligned
________________________________________________________________________________

Device\Harddisk0\DR0 931.5 Go  [Fixed] ==> Unknown MBR Code... ==> PARTITION TABLE FAKED !!

MBR_MD5   : 0011FCE8913B2A47D0BE9ABE0922779C
MBR_SHA1  : 6EC8A7E429444E49EE68ADF8125AB059053B8B6D

Device\Harddisk0\Partition1 2.00 To   0xEE EFI GPT[1] 
________________________________________________________________________________

Device\Harddisk1\DR1 7.46 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : 5CF148D00334652BC05846C86A62D317
MBR_SHA1  : 360D971478E10B4C3C1CE64479C8E3EDC49D9958

Device\Harddisk1\Partition1 7.46 Go   0x73 0x73 
________________________________________________________________________________

############################### Additional scan ################################

ADDRESS : 0x07574000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0x0757F000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x07588000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x075A3000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x06FE1000
SIZE    : 112.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x06600000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x06621000
SIZE    : 148.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x06136000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x075AB000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x06150000
SIZE    : 316.0 Ko

DRIVER  : C:\windows\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x0619F000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\AMPPAL.sys => Invisible on the disk
ADDRESS : 0x061AA000
SIZE    : 176.0 Ko

DRIVER  : C:\windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x061D6000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x05400000
SIZE    : 504.0 Ko

DRIVER  : C:\windows\System32\drivers\USBD.SYS => Invisible on the disk
ADDRESS : 0x0547E000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x05489000
SIZE    : 460.0 Ko

DRIVER  : C:\windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x08A01000
SIZE    : 3.91 Mo

DRIVER  : C:\windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x05315000
SIZE    : 300.0 Ko

DRIVER  : C:\windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05360000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x08DEA000
SIZE    : 24.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
ADDRESS : 0x05382000
SIZE    : 352.0 Ko

DRIVER  : C:\windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00162000
SIZE    : 3.95 Mo

DRIVER  : C:\windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x08DF0000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0x04467000
SIZE    : 2.79 Mo

DRIVER  : C:\windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x061EA000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x053DA000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00715000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE    : 140.0 Ko

DRIVER  : C:\windows\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x05023000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\drivers\KMWDFILTER.sys => Invisible on the disk
ADDRESS : 0x05030000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\drivers\kbdhid.sys => Invisible on the disk
ADDRESS : 0x0503C000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x05049000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x0096A000
SIZE    : 216.0 Ko

DRIVER  : C:\windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x05055000
SIZE    : 208.0 Ko

DRIVER  : C:\windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x05089000
SIZE    : 160.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x050B1000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x04F7A000
SIZE    : 440.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x050C5000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x050D9000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x053E8000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x1AAA1000
SIZE    : 880.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x1AB7D000
SIZE    : 128.0 Ko

DRIVER  : C:\windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x1AB9D000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x1AA00000
SIZE    : 392.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x1ABB4000
SIZE    : 300.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x1AA62000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x053F5000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x00BCD000
SIZE    : 112.0 Ko

DRIVER  : C:\windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x1B238000
SIZE    : 812.0 Ko

DRIVER  : C:\windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x1B303000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x1B30E000
SIZE    : 272.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x1B352000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x1C80A000
SIZE    : 636.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x1C8A9000
SIZE    : 564.0 Ko

DRIVER  : C:\windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x1C936000
SIZE    : 100.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\acpials.sys => Invisible on the disk
ADDRESS : 0x1C94F000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x1C959000
SIZE    : 216.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


_______MBR   \Device\Harddisk1\DR1  



#4
CarlosTurco

CarlosTurco

    Assistant

  • Assistant
  • 25,262 posts
Good morning, Pardones.

Device\Harddisk0\DR0 931.5 Go [Fixed] ==> Unknown MBR Code... ==> PARTITION TABLE FAKED !!

A possible problem was detected in your MBR. Let's investigate further.

1)

You will see on your desktop a file created by MBRScan, which is a dump of the MBR.

Go to VirusTotal.com. Click the Choose File button and, in the "Choose file to upload" window, locate on the desktop the dump created by MBRScan:

Dump_Hdd0_DR0.mbr

Click the Scan it! button. Wait for the analysis to finish, then copy the link shown in your browser's address bar and paste it into your next reply. Example:

https://www.virustot...0a92086c8a7cfde69f711176737737b1d7bdf91b9f4d/analysis/1331728637/


Note: If you use VirusTotal and the file has already been analyzed by the site before, you will see an image similar to this one:

Posted Image

If that happens, reanalyze the file.

2)

Note: read the whole procedure carefully before running the tool.

Download it and save it to your Desktop Posted Image

Double-click aswMBR.exe to start the tool.
  • A warning window will appear asking to update the database; click Yes;

    Posted Image
  • When the update finishes, click Scan
  • After the scan completes with Scan finished successfully, click Save log to save it to your Desktop,
  • Click Exit to close the program;
  • Select, copy and paste the contents of the aswMBR log into your next reply.
  • Attention: do NOT click the Fix button, just wait for the next procedures.
  • You will notice another file on the Desktop called MBR.dat.
  • Do not delete this file, as it is a backup file.
  • Before sending your log, follow the procedures below:
  • Right-click the MBR.dat file and compress it (zip or rar);
  • When you post the log, attach this file to your reply as well!


#5
Pardones

Pardones

    Newbie

  • Member
  • Pip
  • 18 posts
Good evening Carlos,

What a hassle this thing is, huh! I saw that the first program (adwcleaner) deleted a few things, but the problem continues. Just as an example, right now, in the process of logging into my e-mail, getting the link to this topic, opening it and carrying out the procedures, two pages opened. I'm copying their links below (I don't know if it helps, but anyway):

https://secure.viden...adja&subid=1595
http://lp.empire.goo...332032368168797

Besides that, on Tuesday, when I tried to log into my Yahoo e-mail directly from its page, clicking sign in brought up a Norton warning saying that I was being redirected to a phishing page. I clicked "leave the page" and Norton showed a message saying everything was OK. After that everything went back to normal and that message did not appear again.

Well, on to the procedures.

VirusTotal URL: https://www.virustot...sis/1361492459/

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-21 21:29:19
-----------------------------
21:29:19.514 OS Version: Windows x64 6.2.9200
21:29:19.514 Number of processors: 8 586 0x3A09
21:29:19.517 ComputerName: PARDAL UserName: Casa
21:29:19.852 Initialze error 1
21:31:33.912 AVAST engine defs: 13022103
21:31:54.286 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
21:31:54.290 Disk 0 Vendor: Size: 0MB BusType: 0
21:31:54.294 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000046
21:31:54.297 Disk 1 Vendor: SanDisk_SSD_i100_8GB 11.56.04 Size: 7641MB BusType: 11
21:31:54.326 Disk 0 MBR read successfully
21:31:54.331 Disk 0 MBR scan
21:31:54.338 Disk 0 unknown MBR code
21:31:54.342 Disk 0 MBR hidden
21:31:54.347 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
21:31:54.356 Disk 0 scanning C:\windows\system32\drivers
21:31:54.362 Service scanning
21:31:55.018 Modules scanning
21:31:55.024 Disk 0 trace - called modules:
21:31:55.372 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006e802c0]<<sptd.sys storport.sys hal.dll iaStorA.sys
21:31:55.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80149d3060]
21:31:55.388 3 CLASSPNP.SYS[fffff880012028aa] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8012dac060]
21:31:55.394 \Driver\iaStorA[0xfffffa8012d68a90] -> IRP_MJ_CREATE -> 0xfffffa8006e802c0
21:31:55.402 AVAST engine scan C:\windows
21:31:55.410 AVAST engine scan C:\windows\system32
21:31:55.417 AVAST engine scan C:\windows\system32\drivers
21:31:55.425 AVAST engine scan C:\Users\Pardones
21:31:55.432 AVAST engine scan C:\ProgramData
21:31:55.441 Scan finished successfully
21:32:14.878 Disk 0 MBR has been saved successfully to "C:\Users\Pardones\Desktop\MBR.dat"
21:32:14.886 The log file has been saved successfully to "C:\Users\Pardones\Desktop\aswMBR.txt"

I have also attached the zipped mbr.dat.

Once again, thank you for the help!

Attached file(s)

  • Attached file  MBR.rar   119 bytes   0 Downloads


#6
CarlosTurco

CarlosTurco

    Assistant

  • Assistant
  • 25,262 posts
Hello,

Download RogueKiller and save it to the desktop.
http://www.sur-la-to...RogueKiller.exe

Run the RogueKiller.exe file.

*** Windows Vista or Windows 7 users: right-click the RogueKiller.exe file, then click Posted Image.

Click the Verificar (Scan) button and wait for the scan to finish.

Click the Report button. A Notepad window will open with information.

This log is saved on the desktop under the name RKreport[1].txt.

Select, copy and paste the contents of this log into your next reply.

NOTE: do not use the Deletar (Delete) button, because we need to evaluate the items before doing that.

#7
Pardones

Pardones

    Newbie

  • Member
  • Pip
  • 18 posts
Done!


RogueKiller V8.5.1 [Feb 21 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Casa [Admin rights]
Mode : Scan -- Date : 02/21/2013 22:16:00
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[RUN][BLACKLISTDLL] HKLM\[...]\Run : BTMTrayAgent (rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 0011fce8913b2a47d0be9abe0922779c
[BSP] 9a384efd8597366a6ffccff359c25ad4 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SanDisk SSD i100 8GB +++++
--- User ---
[MBR] 5cf148d00334652bc05846c86a62d317
[BSP] 0a9420da5d388cf72c9f5653515471d4 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x73) [VISIBLE] Offset (sectors): 2048 | Size: 7640 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_02212013_02d2216.txt >>
RKreport[1]_S_02212013_02d2216.txt

#8
CarlosTurco

CarlosTurco

    Assistant

  • Assistant
  • 25,262 posts
Pardones,

I am passing your problem on to a rootkit removal specialist. He will do the analysis and, if it is confirmed, will indicate the procedures to follow.
Please wait so that we can move the topic forward.

#9
Sam Spade

Sam Spade

    Professional Assistant

  • Professional Assistant
  • 21,220 posts
Hello Pardones! Download this tool and save it to your desktop.
Extract it from the zip and run it via right-click > Run as administrator.

Click Change parameters. In the Settings window, check this option:

Detect TDLFS file system

Click the Start button to begin the scan and wait. It does not take long.

The tool can detect two kinds of threats: malicious or suspicious.

For malicious items, there will be two options: cure or delete.

For suspicious items (Suspicious file), the default option will be "ignore".

If something malicious is detected, choose delete and allow the system to be restarted.

Attention: if something suspicious is detected, select the "ignore" option.

Afterwards, copy the log and paste it into your reply. The log will be saved in C:\, with a name similar to this:
C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt
Do not abandon your topic.
Someone dedicated part of their time to help you!

#10
Pardones

Pardones

    Newbie

  • Member
  • Pip
  • 18 posts
Good morning Sam Spade!

I think the program didn't find anything; here is the log:


11:38:57.0670 7300 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:38:57.0670 7300 UEFI system
11:38:59.0561 7300 ============================================================
11:38:59.0561 7300 Current date / time: 2013/02/23 11:38:59.0561
11:38:59.0561 7300 SystemInfo:
11:38:59.0561 7300
11:38:59.0561 7300 OS Version: 6.2.9200 ServicePack: 0.0
11:38:59.0561 7300 Product type: Workstation
11:38:59.0561 7300 ComputerName: PARDAL
11:38:59.0562 7300 UserName: Casa
11:38:59.0562 7300 Windows directory: C:\windows
11:38:59.0562 7300 System windows directory: C:\windows
11:38:59.0562 7300 Running under WOW64
11:38:59.0562 7300 Processor architecture: Intel x64
11:38:59.0562 7300 Number of processors: 8
11:38:59.0562 7300 Page size: 0x1000
11:38:59.0562 7300 Boot type: Normal boot
11:38:59.0562 7300 ============================================================
11:39:00.0791 7300 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:39:00.0792 7300 Drive \Device\Harddisk1\DR1 - Size: 0x1DD936000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:39:00.0799 7300 ============================================================
11:39:00.0799 7300 \Device\Harddisk0\DR0:
11:39:00.0799 7300 GPT partitions:
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80AA0798-AD20-4EF8-903B-82CD3376A2DF}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {995430D0-06D0-4850-A3DD-D24D2506F705}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B22F1D54-DCC6-4CD4-9835-B4E5FB9FAADF}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A7B02524-B72C-417C-912B-B88A0C89458D}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x7173E801
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E8F6ADC9-D3F8-457D-8CB4-779FDED9C42C}, Name: Basic data partition, StartLBA 0x7190F001, BlocksNum 0x2BF7800
11:39:00.0800 7300 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9E90D306-73FE-492D-4173-636C65706975}, Name: Basic data partition, StartLBA 0x74506801, BlocksNum 0x200000
11:39:00.0800 7300 MBR partitions:
11:39:00.0800 7300 \Device\Harddisk1\DR1:
11:39:00.0801 7300 MBR partitions:
11:39:00.0801 7300 ============================================================
11:39:00.0833 7300 C: <-> \Device\Harddisk0\DR0\Partition4
11:39:00.0833 7300 ============================================================
11:39:00.0833 7300 Initialize success
11:39:00.0833 7300 ============================================================
11:39:23.0674 1724 ============================================================
11:39:23.0674 1724 Scan started
11:39:23.0674 1724 Mode: Manual; TDLFS;
11:39:23.0674 1724 ============================================================
11:39:24.0339 1724 ================ Scan system memory ========================
11:39:24.0339 1724 System memory - ok
11:39:24.0340 1724 ================ Scan services =============================
11:39:27.0408 1724 bthhfhid - ok
11:39:27.0444 1724 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\windows\system32\DRIVERS\BthLEEnum.sys
11:39:27.0450 1724 BthLEEnum - ok
11:39:27.0512 1724 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys
11:39:27.0514 1724 BTHMODEM - ok
11:39:27.0553 1724 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
11:39:27.0556 1724 BthPan - ok
11:39:27.0610 1724 [ CFD630EA8B3F593FFA0030FD53BA7908 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
11:39:27.0633 1724 BTHPORT - ok
11:39:27.0672 1724 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\windows\system32\bthserv.dll
11:39:27.0675 1724 bthserv - ok
11:39:27.0694 1724 [ 53ECA72327243009C4D49BF934134A1B ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:39:27.0696 1724 BTHSSecurityMgr - ok
11:39:27.0731 1724 [ 69C903C026CB675E234F4A7C951FD722 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
11:39:27.0735 1724 BTHUSB - ok
11:39:27.0775 1724 [ 7235891AF09D13C4214DEEE57ED331D0 ] btmaux C:\windows\system32\DRIVERS\btmaux.sys
11:39:27.0777 1724 btmaux - ok
11:39:27.0801 1724 [ 76D0DDD58A773CA1BFB4D30AAE03517A ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys
11:39:27.0811 1724 btmhsf - ok
11:39:27.0861 1724 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_MCLIENT C:\windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys
11:39:27.0867 1724 ccSet_MCLIENT - ok
11:39:27.0923 1724 [ E41F70406C34F1CB667B4B27D81AD162 ] ccSet_NARA C:\windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys
11:39:27.0929 1724 ccSet_NARA - ok
11:39:28.0067 1724 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS C:\windows\system32\drivers\NISx64\1402010.016\ccSetx64.sys
11:39:28.0073 1724 ccSet_NIS - ok
11:39:28.0098 1724 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
11:39:28.0100 1724 cdfs - ok
11:39:28.0160 1724 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\windows\System32\drivers\cdrom.sys
11:39:28.0163 1724 cdrom - ok
11:39:28.0195 1724 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\windows\System32\certprop.dll
11:39:28.0198 1724 CertPropSvc - ok
11:39:28.0214 1724 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\windows\System32\drivers\circlass.sys
11:39:28.0216 1724 circlass - ok
11:39:28.0226 1724 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\windows\system32\drivers\CLFS.sys
11:39:28.0231 1724 CLFS - ok
11:39:28.0248 1724 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\windows\System32\drivers\CmBatt.sys
11:39:28.0248 1724 CmBatt - ok
11:39:28.0304 1724 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\windows\system32\Drivers\cng.sys
11:39:28.0316 1724 CNG - ok
11:39:28.0324 1724 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys
11:39:28.0326 1724 CompositeBus - ok
11:39:28.0331 1724 COMSysApp - ok
11:39:28.0376 1724 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\windows\system32\drivers\condrv.sys
11:39:28.0377 1724 condrv - ok
11:39:28.0490 1724 [ E6785ED5842490EDF42A09A9FC50F616 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
11:39:28.0498 1724 cphs - ok
11:39:28.0528 1724 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\windows\system32\cryptsvc.dll
11:39:28.0530 1724 CryptSvc - ok
11:39:28.0566 1724 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\windows\system32\drivers\dam.sys
11:39:28.0568 1724 dam - ok
11:39:28.0616 1724 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\windows\system32\rpcss.dll
11:39:28.0634 1724 DcomLaunch - ok
11:39:28.0671 1724 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\windows\System32\defragsvc.dll
11:39:28.0679 1724 defragsvc - ok
11:39:28.0704 1724 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
11:39:28.0712 1724 DeviceAssociationService - ok
11:39:28.0741 1724 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\windows\system32\umpnpmgr.dll
11:39:28.0748 1724 DeviceInstall - ok
11:39:28.0776 1724 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\windows\system32\Drivers\dfsc.sys
11:39:28.0779 1724 Dfsc - ok
11:39:28.0837 1724 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\windows\system32\dhcpcore.dll
11:39:28.0846 1724 Dhcp - ok
11:39:28.0856 1724 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\windows\system32\drivers\discache.sys
11:39:28.0858 1724 discache - ok
11:39:28.0866 1724 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\windows\system32\drivers\disk.sys
11:39:28.0869 1724 disk - ok
11:39:28.0876 1724 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\windows\System32\drivers\dmvsc.sys
11:39:28.0877 1724 dmvsc - ok
11:39:28.0906 1724 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\windows\System32\dnsrslvr.dll
11:39:28.0913 1724 Dnscache - ok
11:39:28.0942 1724 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\windows\System32\dot3svc.dll
11:39:28.0947 1724 dot3svc - ok
11:39:28.0973 1724 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\windows\system32\dps.dll
11:39:28.0976 1724 DPS - ok
11:39:29.0019 1724 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\windows\system32\drivers\drmkaud.sys
11:39:29.0020 1724 drmkaud - ok
11:39:29.0046 1724 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll
11:39:29.0053 1724 DsmSvc - ok
11:39:29.0111 1724 [ 898BF1647BBF012B38EF45C7F9F7A67E ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
11:39:29.0138 1724 DXGKrnl - ok
11:39:29.0173 1724 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\windows\System32\eapsvc.dll
11:39:29.0178 1724 Eaphost - ok
11:39:29.0337 1724 [ F9260314A24F744A9E27165956EE95F3 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
11:39:29.0352 1724 Easy Launcher - ok
11:39:29.0456 1724 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\windows\system32\drivers\evbda.sys
11:39:29.0488 1724 ebdrv - ok
11:39:29.0561 1724 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:39:29.0572 1724 eeCtrl - ok
11:39:29.0647 1724 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\windows\System32\lsass.exe
11:39:29.0650 1724 EFS - ok
11:39:29.0701 1724 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys
11:39:29.0703 1724 EhStorClass - ok
11:39:29.0735 1724 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys
11:39:29.0737 1724 EhStorTcgDrv - ok
11:39:29.0816 1724 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:39:29.0820 1724 EraserUtilRebootDrv - ok
11:39:29.0826 1724 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\windows\System32\drivers\errdev.sys
11:39:29.0827 1724 ErrDev - ok
11:39:29.0861 1724 [ 6073E00157E6D99FC8D0D0CC8EF61DF9 ] ETD C:\windows\system32\DRIVERS\ETD.sys
11:39:29.0869 1724 ETD - ok
11:39:29.0905 1724 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\windows\system32\es.dll
11:39:29.0917 1724 EventSystem - ok
11:39:30.0011 1724 [ 933723A47E9B7B22208F79F0F40A249A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:39:30.0017 1724 EvtEng - ok
11:39:30.0045 1724 [ 2F7D6F7E2F264D60D48981C3178B93C7 ] excfs C:\windows\system32\DRIVERS\excfs.sys
11:39:30.0046 1724 excfs - ok
11:39:30.0053 1724 [ 313E08AFCB4C2F6831A5F7A3F847C53E ] excsd C:\windows\system32\DRIVERS\excsd.sys
11:39:30.0057 1724 excsd - ok
11:39:30.0084 1724 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\windows\system32\drivers\exfat.sys
11:39:30.0087 1724 exfat - ok
11:39:30.0127 1724 [ A32BCA68B50B0BE2058A1467F6DD7488 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
11:39:30.0129 1724 ExpressCache - ok
11:39:30.0158 1724 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\windows\system32\drivers\fastfat.sys
11:39:30.0161 1724 fastfat - ok
11:39:30.0204 1724 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\windows\system32\fxssvc.exe
11:39:30.0219 1724 Fax - ok
11:39:30.0225 1724 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\windows\System32\drivers\fdc.sys
11:39:30.0227 1724 fdc - ok
11:39:30.0248 1724 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\windows\system32\fdPHost.dll
11:39:30.0250 1724 fdPHost - ok
11:39:30.0263 1724 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\windows\system32\fdrespub.dll
11:39:30.0266 1724 FDResPub - ok
11:39:30.0292 1724 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\windows\system32\fhsvc.dll
11:39:30.0298 1724 fhsvc - ok
11:39:30.0305 1724 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
11:39:30.0306 1724 FileInfo - ok
11:39:30.0321 1724 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\windows\system32\drivers\filetrace.sys
11:39:30.0324 1724 Filetrace - ok
11:39:30.0342 1724 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\windows\System32\drivers\flpydisk.sys
11:39:30.0344 1724 flpydisk - ok
11:39:30.0356 1724 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\windows\system32\drivers\fltmgr.sys
11:39:30.0364 1724 FltMgr - ok
11:39:30.0427 1724 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\windows\system32\FntCache.dll
11:39:30.0446 1724 FontCache - ok
11:39:30.0508 1724 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:39:30.0510 1724 FontCache3.0.0.0 - ok
11:39:30.0523 1724 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\windows\system32\drivers\FsDepends.sys
11:39:30.0526 1724 FsDepends - ok
11:39:30.0562 1724 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
11:39:30.0564 1724 Fs_Rec - ok
11:39:30.0603 1724 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
11:39:30.0614 1724 fvevol - ok
11:39:30.0635 1724 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\windows\System32\drivers\fxppm.sys
11:39:30.0637 1724 FxPPM - ok
11:39:30.0652 1724 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
11:39:30.0654 1724 gagp30kx - ok
11:39:30.0694 1724 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
11:39:30.0695 1724 GEARAspiWDM - ok
11:39:30.0714 1724 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\windows\System32\drivers\vmgencounter.sys
11:39:30.0715 1724 gencounter - ok
11:39:30.0739 1724 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys
11:39:30.0742 1724 GPIOClx0101 - ok
11:39:30.0806 1724 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\windows\System32\gpsvc.dll
11:39:30.0833 1724 gpsvc - ok
11:39:30.0864 1724 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:39:30.0865 1724 gupdate - ok
11:39:30.0871 1724 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:39:30.0872 1724 gupdatem - ok
11:39:30.0911 1724 [ 9FC1F11D4D19F61DFE5CC878B4557D3A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:39:30.0915 1724 HdAudAddService - ok
11:39:30.0940 1724 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys
11:39:30.0942 1724 HDAudBus - ok
11:39:30.0949 1724 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\windows\System32\drivers\HidBatt.sys
11:39:30.0951 1724 HidBatt - ok
11:39:30.0958 1724 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\windows\System32\drivers\hidbth.sys
11:39:30.0960 1724 HidBth - ok
11:39:30.0992 1724 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\windows\System32\drivers\hidi2c.sys
11:39:30.0994 1724 hidi2c - ok
11:39:31.0013 1724 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\windows\System32\drivers\hidir.sys
11:39:31.0015 1724 HidIr - ok
11:39:31.0026 1724 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\windows\system32\hidserv.dll
11:39:31.0028 1724 hidserv - ok
11:39:31.0051 1724 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\windows\System32\drivers\hidusb.sys
11:39:31.0053 1724 HidUsb - ok
11:39:31.0073 1724 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\windows\system32\kmsvc.dll
11:39:31.0078 1724 hkmsvc - ok
11:39:31.0134 1724 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:39:31.0141 1724 HomeGroupListener - ok
11:39:31.0177 1724 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:39:31.0183 1724 HomeGroupProvider - ok
11:39:31.0190 1724 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
11:39:31.0194 1724 HpSAMD - ok
11:39:31.0258 1724 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\windows\system32\drivers\HTTP.sys
11:39:31.0274 1724 HTTP - ok
11:39:31.0281 1724 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
11:39:31.0283 1724 hwpolicy - ok
11:39:31.0301 1724 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys
11:39:31.0302 1724 hyperkbd - ok
11:39:31.0308 1724 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys
11:39:31.0309 1724 HyperVideo - ok
11:39:31.0330 1724 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\windows\System32\drivers\i8042prt.sys
11:39:31.0332 1724 i8042prt - ok
11:39:31.0382 1724 [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\windows\system32\drivers\iaStorA.sys
11:39:31.0388 1724 iaStorA - ok
11:39:31.0414 1724 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
11:39:31.0423 1724 iaStorV - ok
11:39:31.0453 1724 [ C430482AC892D52CED021EDDD4D368A2 ] iBtFltCoex C:\windows\system32\DRIVERS\iBtFltCoex.sys
11:39:31.0457 1724 iBtFltCoex - ok
11:39:31.0663 1724 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130222.001\IDSvia64.sys
11:39:31.0674 1724 IDSVia64 - ok
11:39:31.0864 1724 [ 28388795BDF79464E8FDADB127671734 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
11:39:31.0970 1724 igfx - ok
11:39:31.0999 1724 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\windows\system32\drivers\iirsp.sys
11:39:32.0001 1724 iirsp - ok
11:39:32.0060 1724 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\windows\System32\ikeext.dll
11:39:32.0082 1724 IKEEXT - ok
11:39:32.0090 1724 intaud_WaveExtensible - ok
11:39:32.0193 1724 [ 8524178B895E4BC04776B319DA3A70EC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
11:39:32.0265 1724 IntcAzAudAddService - ok
11:39:32.0307 1724 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
11:39:32.0316 1724 IntcDAud - ok
11:39:32.0362 1724 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:39:32.0369 1724 Intel® Capability Licensing Service Interface - ok
11:39:32.0436 1724 [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
11:39:32.0438 1724 Intel® ME Service - ok
11:39:32.0476 1724 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\windows\system32\drivers\intelide.sys
11:39:32.0479 1724 intelide - ok
11:39:32.0501 1724 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\windows\System32\drivers\intelppm.sys
11:39:32.0503 1724 intelppm - ok
11:39:32.0526 1724 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
11:39:32.0529 1724 IpFilterDriver - ok
11:39:32.0576 1724 [ CAC5202757EF68C4849B0DFFA75F6D3C ] iphlpsvc C:\windows\System32\iphlpsvc.dll
11:39:32.0595 1724 iphlpsvc - ok
11:39:32.0601 1724 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys
11:39:32.0603 1724 IPMIDRV - ok
11:39:32.0626 1724 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\windows\system32\drivers\ipnat.sys
11:39:32.0628 1724 IPNAT - ok
11:39:32.0660 1724 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:39:32.0667 1724 iPod Service - ok
11:39:32.0701 1724 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\windows\system32\drivers\irenum.sys
11:39:32.0702 1724 IRENUM - ok
11:39:32.0708 1724 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\windows\system32\drivers\isapnp.sys
11:39:32.0710 1724 isapnp - ok
11:39:32.0752 1724 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys
11:39:32.0760 1724 iScsiPrt - ok
11:39:32.0765 1724 iwdbus - ok
11:39:32.0805 1724 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
11:39:32.0807 1724 jhi_service - ok
11:39:32.0827 1724 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\windows\System32\drivers\kbdclass.sys
11:39:32.0829 1724 kbdclass - ok
11:39:32.0836 1724 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\windows\System32\drivers\kbdhid.sys
11:39:32.0837 1724 kbdhid - ok
11:39:32.0842 1724 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\windows\system32\DRIVERS\kdnic.sys
11:39:32.0844 1724 kdnic - ok
11:39:32.0864 1724 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\windows\system32\lsass.exe
11:39:32.0866 1724 KeyIso - ok
11:39:32.0909 1724 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\windows\System32\drivers\KMWDFILTER.sys
11:39:32.0912 1724 KMWDFILTER - ok
11:39:32.0925 1724 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
11:39:32.0929 1724 KSecDD - ok
11:39:32.0978 1724 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
11:39:32.0983 1724 KSecPkg - ok
11:39:32.0990 1724 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
11:39:32.0991 1724 ksthunk - ok
11:39:33.0027 1724 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\windows\system32\msdtckrm.dll
11:39:33.0036 1724 KtmRm - ok
11:39:33.0069 1724 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\windows\system32\srvsvc.dll
11:39:33.0079 1724 LanmanServer - ok
11:39:33.0110 1724 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:39:33.0115 1724 LanmanWorkstation - ok
11:39:33.0130 1724 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
11:39:33.0133 1724 lltdio - ok
11:39:33.0169 1724 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\windows\System32\lltdsvc.dll
11:39:33.0178 1724 lltdsvc - ok
11:39:33.0192 1724 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\windows\System32\lmhsvc.dll
11:39:33.0194 1724 lmhosts - ok
11:39:33.0229 1724 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:39:33.0232 1724 LMS - ok
11:39:33.0253 1724 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
11:39:33.0256 1724 LSI_SAS - ok
11:39:33.0262 1724 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
11:39:33.0264 1724 LSI_SAS2 - ok
11:39:33.0271 1724 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
11:39:33.0273 1724 LSI_SCSI - ok
11:39:33.0291 1724 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys
11:39:33.0294 1724 LSI_SSS - ok
11:39:33.0312 1724 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM C:\windows\System32\lsm.dll
11:39:33.0323 1724 LSM - ok
11:39:33.0331 1724 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\windows\system32\drivers\luafv.sys
11:39:33.0335 1724 luafv - ok
11:39:33.0385 1724 [ 4A9258B9597A31DB68EC9740F3A8A70B ] MCLIENT C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
11:39:33.0387 1724 MCLIENT - ok
11:39:33.0394 1724 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\windows\system32\drivers\megasas.sys
11:39:33.0396 1724 megasas - ok
11:39:33.0414 1724 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
11:39:33.0419 1724 MegaSR - ok
11:39:33.0426 1724 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\windows\System32\drivers\HECIx64.sys
11:39:33.0429 1724 MEIx64 - ok
11:39:33.0455 1724 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\windows\system32\mmcss.dll
11:39:33.0458 1724 MMCSS - ok
11:39:33.0465 1724 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\windows\system32\drivers\modem.sys
11:39:33.0466 1724 Modem - ok
11:39:33.0486 1724 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\windows\system32\DRIVERS\monitor.sys
11:39:33.0487 1724 monitor - ok
11:39:33.0494 1724 [ 618446B98C79776654340CE27C73485E ] mouclass C:\windows\System32\drivers\mouclass.sys
11:39:33.0495 1724 mouclass - ok
11:39:33.0501 1724 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\windows\System32\drivers\mouhid.sys
11:39:33.0502 1724 mouhid - ok
11:39:33.0509 1724 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\windows\system32\drivers\mountmgr.sys
11:39:33.0511 1724 mountmgr - ok
11:39:33.0555 1724 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
11:39:33.0557 1724 mpsdrv - ok
11:39:33.0610 1724 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\windows\system32\mpssvc.dll
11:39:33.0630 1724 MpsSvc - ok
11:39:33.0652 1724 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
11:39:33.0656 1724 MRxDAV - ok
11:39:33.0705 1724 [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
11:39:33.0715 1724 mrxsmb - ok
11:39:33.0738 1724 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
11:39:33.0742 1724 mrxsmb10 - ok
11:39:33.0764 1724 [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
11:39:33.0769 1724 mrxsmb20 - ok
11:39:33.0800 1724 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys
11:39:33.0804 1724 MsBridge - ok
11:39:33.0839 1724 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\windows\System32\msdtc.exe
11:39:33.0845 1724 MSDTC - ok
11:39:33.0857 1724 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\windows\system32\drivers\Msfs.sys
11:39:33.0858 1724 Msfs - ok
11:39:33.0889 1724 [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys
11:39:33.0891 1724 msgpiowin32 - ok
11:39:33.0913 1724 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
11:39:33.0915 1724 mshidkmdf - ok
11:39:33.0930 1724 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys
11:39:33.0931 1724 mshidumdf - ok
11:39:33.0946 1724 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:39:33.0947 1724 msisadrv - ok
11:39:33.0984 1724 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:39:33.0989 1724 MSiSCSI - ok
11:39:33.0995 1724 msiserver - ok
11:39:34.0016 1724 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:39:34.0018 1724 MSKSSRV - ok
11:39:34.0032 1724 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys
11:39:34.0036 1724 MsLldp - ok
11:39:34.0058 1724 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:39:34.0059 1724 MSPCLOCK - ok
11:39:34.0065 1724 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:39:34.0066 1724 MSPQM - ok
11:39:34.0086 1724 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:39:34.0094 1724 MsRPC - ok
11:39:34.0103 1724 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\windows\System32\drivers\mssmbios.sys
11:39:34.0105 1724 mssmbios - ok
11:39:34.0121 1724 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:39:34.0122 1724 MSTEE - ok
11:39:34.0128 1724 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\windows\System32\drivers\MTConfig.sys
11:39:34.0129 1724 MTConfig - ok
11:39:34.0136 1724 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\windows\system32\Drivers\mup.sys
11:39:34.0139 1724 Mup - ok
11:39:34.0146 1724 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\windows\system32\drivers\mvumis.sys
11:39:34.0147 1724 mvumis - ok
11:39:34.0179 1724 [ D8C1FE237762249C879760E7F3ABFC1F ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:39:34.0183 1724 MyWiFiDHCPDNS - ok
11:39:34.0212 1724 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\windows\system32\qagentRT.dll
11:39:34.0222 1724 napagent - ok
11:39:34.0248 1724 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:39:34.0254 1724 NativeWifiP - ok
11:39:34.0356 1724 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130222.024\ENG64.SYS
11:39:34.0360 1724 NAVENG - ok
11:39:34.0430 1724 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130222.024\EX64.SYS
11:39:34.0468 1724 NAVEX15 - ok
11:39:34.0508 1724 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\windows\System32\ncasvc.dll
11:39:34.0514 1724 NcaSvc - ok
11:39:34.0539 1724 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll
11:39:34.0543 1724 NcdAutoSetup - ok
11:39:34.0597 1724 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS C:\windows\system32\drivers\ndis.sys
11:39:34.0617 1724 NDIS - ok
11:39:34.0652 1724 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:39:34.0654 1724 NdisCap - ok
11:39:34.0676 1724 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys
11:39:34.0678 1724 NdisImPlatform - ok
11:39:34.0715 1724 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:39:34.0717 1724 NdisTapi - ok
11:39:34.0739 1724 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:39:34.0741 1724 Ndisuio - ok
11:39:34.0749 1724 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:39:34.0751 1724 NdisWan - ok
11:39:34.0758 1724 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys
11:39:34.0760 1724 NDISWANLEGACY - ok
11:39:34.0774 1724 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:39:34.0777 1724 NDProxy - ok
11:39:34.0785 1724 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys
11:39:34.0788 1724 Ndu - ok
11:39:34.0794 1724 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:39:34.0795 1724 NetBIOS - ok
11:39:34.0815 1724 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:39:34.0820 1724 NetBT - ok
11:39:34.0838 1724 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\windows\system32\lsass.exe
11:39:34.0840 1724 Netlogon - ok
11:39:34.0878 1724 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll
11:39:34.0886 1724 Netman - ok
11:39:34.0906 1724 [ 20F6FD63E6D456114BC8056D62792786 ] netprofm C:\windows\System32\netprofmsvc.dll
11:39:34.0918 1724 netprofm - ok
11:39:34.0980 1724 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:39:34.0982 1724 NetTcpPortSharing - ok
11:39:35.0101 1724 [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6 ] NETwNe64 C:\windows\system32\DRIVERS\NETwew00.sys
11:39:35.0142 1724 NETwNe64 - ok
11:39:35.0165 1724 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
11:39:35.0168 1724 nfrd960 - ok
11:39:35.0284 1724 [ 4BA84C832E0741A294C4444556DFE993 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
11:39:35.0286 1724 NIS - ok
11:39:35.0322 1724 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\windows\System32\nlasvc.dll
11:39:35.0332 1724 NlaSvc - ok
11:39:35.0450 1724 [ EC6B98656770A0441C14BB86FEFC90AE ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:39:35.0512 1724 NOBU - ok
11:39:44.0900 1724 ================ Scan global ===============================
11:39:44.0941 1724 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
11:39:44.0969 1724 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
11:39:45.0006 1724 [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
11:39:45.0041 1724 [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
11:39:45.0048 1724 [Global] - ok
11:39:45.0049 1724 ================ Scan MBR ==================================
11:39:45.0064 1724 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:39:45.0169 1724 \Device\Harddisk0\DR0 - ok
11:39:45.0174 1724 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:39:45.0289 1724 \Device\Harddisk1\DR1 - ok
11:39:45.0290 1724 ================ Scan VBR ==================================
11:39:45.0327 1724 [ C16C616BB0C20BE9552371FA2263C3E9 ] \Device\Harddisk0\DR0\Partition1
11:39:45.0329 1724 \Device\Harddisk0\DR0\Partition1 - ok
11:39:45.0341 1724 [ E5A11EE2FF093ED1F62ABD4163CFD630 ] \Device\Harddisk0\DR0\Partition2
11:39:45.0342 1724 \Device\Harddisk0\DR0\Partition2 - ok
11:39:45.0354 1724 [ A98163B8413FC0D73582FD8101439AC4 ] \Device\Harddisk0\DR0\Partition3
11:39:45.0354 1724 \Device\Harddisk0\DR0\Partition3 - ok
11:39:45.0373 1724 [ FE2F019395D5BF405E4214E267E9B518 ] \Device\Harddisk0\DR0\Partition4
11:39:45.0375 1724 \Device\Harddisk0\DR0\Partition4 - ok
11:39:45.0408 1724 [ E2144449BC93C73648A4F9F28A9847D2 ] \Device\Harddisk0\DR0\Partition5
11:39:45.0410 1724 \Device\Harddisk0\DR0\Partition5 - ok
11:39:45.0422 1724 [ 5063CD88AC459CDC739E499AFACEA083 ] \Device\Harddisk0\DR0\Partition6
11:39:45.0423 1724 \Device\Harddisk0\DR0\Partition6 - ok
11:39:45.0423 1724 ============================================================
11:39:45.0424 1724 Scan finished
11:39:45.0424 1724 ============================================================
11:39:45.0441 3100 Detected object count: 0
11:39:45.0441 3100 Actual detected object count: 0
11:41:01.0223 3808 Deinitialize success

#11
Sam Spade

    Professional Assistant

  • 21,220 posts
We will need to create a Windows 8 recovery disc as a safety measure. Please go to the link below and create the disc (you don't need to create the USB drive as well):

http://www.tecmundo....recuperacao.htm

Once you have done that, let us know here in the topic so that we can proceed.
Linha Defensiva on Facebook
Join ARIS//Linha Defensiva on Twitter
Don't abandon your topic.
Someone dedicated part of their time to help you!

#12
Pardones

Done. I also took the opportunity to update the backups of my documents, etc.

#13
Sam Spade

OK, follow these instructions:
  • Double-click aswMBR.exe;
  • Click Scan;
  • When the scan has finished, click the FixMBR button;
  • Click Yes when asked to replace the MBR;
  • Restart the machine;
  • After the restart, run the tool again;
  • Click the Save log button, save it to the Desktop and post the contents in your next reply.


#14
Pardones

I could not run fixMBR; it gives the error "Disk 0 MBR fix error". The log follows below:



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-27 22:57:36
-----------------------------
22:57:36.649 OS Version: Windows x64 6.2.9200
22:57:36.649 Number of processors: 8 586 0x3A09
22:57:36.649 ComputerName: PARDAL UserName: Casa
22:57:36.852 Initialze error 1
22:57:52.391 AVAST engine defs: 13022701
22:58:01.393 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000045
22:58:01.393 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10002 Size: 953869MB BusType: 11
22:58:01.393 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000046
22:58:01.408 Disk 1 Vendor: SanDisk_SSD_i100_8GB 11.56.04 Size: 7641MB BusType: 11
22:58:01.424 Disk 0 MBR read successfully
22:58:01.424 Disk 0 MBR scan
22:58:01.877 Disk 0 unknown MBR code
22:58:01.893 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:58:01.893 Disk 0 scanning C:\windows\system32\drivers
22:58:01.893 Service scanning
22:58:05.081 Modules scanning
22:58:05.081 Disk 0 trace - called modules:
22:58:05.096 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006eb42c0]<<sptd.sys storport.sys hal.dll iaStorA.sys
22:58:05.112 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a4b8060]
22:58:05.127 3 CLASSPNP.SYS[fffff88000a028aa] -> nt!IofCallDriver -> \Device\00000045[0xfffffa8007983060]
22:58:05.127 \Driver\iaStorA[0xfffffa80079898f0] -> IRP_MJ_CREATE -> 0xfffffa8006eb42c0
22:58:05.143 AVAST engine scan C:\windows
22:58:05.143 AVAST engine scan C:\windows\system32
22:58:05.159 AVAST engine scan C:\windows\system32\drivers
22:58:05.159 AVAST engine scan C:\Users\Pardones
22:58:05.174 AVAST engine scan C:\ProgramData
22:58:05.174 Scan finished successfully
22:58:11.771 Disk 0 MBR fix error
22:58:27.086 Disk 0 MBR has been saved successfully to "C:\Users\Pardones\Desktop\MBR.dat"
22:58:27.102 The log file has been saved successfully to "C:\Users\Pardones\Desktop\aswMBR2.txt"

#15
Pardones

Oh, could it be that aswMBR has to be run as admin?

#16
Sam Spade

Attention: Print these instructions, because you will not have access to this page during this procedure. Check the commands you type carefully, as there must be no typing errors or the commands will not work. If you have any doubts, ask before proceeding.

Download [posted image] on a clean computer and save it to a USB flash drive.

Plug the flash drive with Farbar Recovery Scan Tool 64-Bit (FRST64) into your computer. Restart and keep pressing the F8 key until a menu with the Advanced Options appears.

Choose the option Repair your computer and press Enter. Select the keyboard input method (your language) and then click Next.

Select the operating system to be repaired (if there is more than one). Then enter your user (administrator) and, if there is a password, type it. Click OK.

Choose the Command Prompt option.

At the prompt, type: notepad

Press Enter and Notepad will open. Go to the File menu and choose Open. Select My Computer and check which letter your removable drive has.

* This is because the letter may not be the same one that appears in normal mode.

Close Notepad and, in the prompt window, type:

z:\frst64

ATTENTION: replace the z with the letter you saw for your removable drive.

Press Enter. FRST64 will run. Accept the agreement and then click the Scan button.

Wait; at the end, the FRST.txt log will be saved to your removable drive.

Restart the computer normally and then select, copy and paste the contents of this log in your next reply.

#17
Pardones

Hello Sam Spade,

The instructions are clear, but in Windows 8 the startup has changed and is different:
http://windows.micro...uding-safe-mode

I was unsure which option to choose, since there is no "repair your computer" option.

First it opens a menu with 4 options: continue / use a device (use a USB drive, network connection, or windows recovery DVD) / troubleshoot (refresh or reset your PC or use advanced tools) / turn off PC

Under troubleshoot there are refresh PC / reset PC and advanced options.
Under adv options there are system restore / system image recovery / automatic repair / command prompt / UEFI Firmware settings / Startup settings

#18
Sam Spade

Look at the option in red:

Under adv options there are system restore / system image recovery / automatic repair / command prompt / UEFI Firmware settings / Startup settings

#19
Pardones

Damn, I can't believe it, I'm feeling like a real fool with this Windows 8... lol

I tried going in through the command prompt; would you believe it does not see the flash drive? I tried this on all the USB ports. Then, when I start Windows normally, it finds the flash drive just fine. Worse still, at the prompt my wireless mouse and keyboard work normally - the receiver is plugged into USB. Could I be doing something wrong???

In Notepad, 5 drives appear:
Local Disk - C:
SAMSUNG_REC - E:
SAMSUNG_REC2 - D:
Boot - X:
CD Drive - F:

#20
Pardones

I managed to run it using my removable HDD; the log follows:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2013
Ran by SYSTEM at 05-03-2013 14:57:01
Running from D:\
Windows 8 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13191312 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [2862448 2012-08-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [x]
HKLM\...\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-10] (Symantec Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [295072 2013-01-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\Pardones\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [75624 2012-01-05] (Alcohol Soft Development Team)
Tcpip\Parameters: [DhcpNameServer] 200.162.196.29 200.162.194.244
AppInit_DLLs: C:\windows\system32\nvinitx.dll
Startup: C:\Users\Pardones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Pardones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ===================

3 AllUserInstallAgent; C:\Windows\System32\AUInstallAgent.dll [122368 2012-07-25] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [169472 2012-11-05] (Microsoft Corporation)
2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [179712 2012-09-19] (Microsoft Corporation)
3 DeviceAssociationService; C:\Windows\System32\das.dll [342016 2012-07-25] (Microsoft Corporation)
3 DeviceInstall; C:\Windows\System32\umpnpmgr.dll [107008 2012-09-19] (Microsoft Corporation)
3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [207872 2012-07-25] (Microsoft Corporation)
2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
3 EFS; C:\Windows\System32\efssvc.dll [37376 2012-07-25] (Microsoft Corporation)
2 ExpressCache; "C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe" [102224 2012-08-17] (Condusiv Technologies)
3 fhsvc; C:\Windows\System32\fhsvc.dll [116736 2012-09-19] (Microsoft Corporation)
2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
3 KeyIso; C:\Windows\System32\keyiso.dll [59904 2012-07-25] (Microsoft Corporation)
3 KeyIso; C:\Windows\SysWow64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
2 LSM; C:\Windows\System32\lsm.dll [438272 2012-07-25] (Microsoft Corporation)
2 MCLIENT; "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" /s "MCLIENT" /m "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll" /prefetch:1 [535416 2012-10-11] (Symantec Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-25] (Microsoft Corporation)
3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\netlogon.dll [743936 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\SysWow64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofmsvc.dll [463872 2012-07-25] (Microsoft Corporation)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\diMaster.dll" /prefetch:1 [535416 2012-12-05] (Symantec Corporation)
2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [3939008 2012-07-10] (Symantec Corporation)
3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-11-05] (Microsoft Corporation)
2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [38608 2012-11-29] ()
3 StorSvc; C:\Windows\SysWow64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
3 svsvc; C:\Windows\System32\svsvc.dll [12800 2012-07-25] (Microsoft Corporation)
2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe /SERVICE [2879176 2012-12-27] (Samsung Electronics CO., LTD.)
3 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [178176 2012-12-05] (Microsoft Corporation)
3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [170496 2012-12-05] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-25] (Microsoft Corporation)
3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [263680 2012-07-25] (Microsoft Corporation)
3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-25] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
3 WinHttpAutoProxySvc; C:\Windows\SysWow64\winhttp.dll [516608 2012-11-05] (Microsoft Corporation)
3 wlidsvc; C:\Windows\System32\wlidsvc.dll [1968128 2012-07-25] (Microsoft Corporation)
3 WSService; C:\Windows\System32\WSService.dll [2367528 2012-09-20] (Microsoft Corporation)
2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [1153840 2012-09-24] (Intel® Corporation)

==================== Drivers (Whitelisted) =====================

0 3ware; C:\Windows\System32\Drivers\3ware.sys [106736 2012-07-25] (LSI)
0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-25] (Microsoft Corporation)
3 acpipagr; C:\Windows\System32\Drivers\acpipagr.sys [10240 2012-07-25] (Microsoft Corporation)
3 acpitime; C:\Windows\System32\Drivers\acpitime.sys [10752 2012-07-25] (Microsoft Corporation)
0 arc; C:\Windows\System32\Drivers\arc.sys [104688 2012-07-25] (PMC-Sierra, Inc.)
0 arcsas; C:\Windows\System32\Drivers\arcsas.sys [108272 2012-07-25] (PMC-Sierra, Inc.)
1 BasicDisplay; C:\Windows\System32\Drivers\BasicDisplay.sys [48640 2012-07-25] (Microsoft Corporation)
1 BasicRender; C:\Windows\System32\Drivers\BasicRender.sys [29696 2012-07-25] (Microsoft Corporation)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [1388120 2013-01-15] (Symantec Corporation)
3 BthAvrcpTg; C:\Windows\System32\Drivers\BthAvrcpTg.sys [31104 2012-11-26] (Microsoft Corporation)
3 BthHFEnum; C:\Windows\System32\Drivers\BthHFEnum.sys [51200 2012-07-25] (Microsoft Corporation)
3 bthhfhid; C:\Windows\System32\Drivers\bthhfhid.sys [29952 2012-11-26] (Microsoft Corporation)
3 BthLEEnum; C:\Windows\System32\Drivers\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
3 btmaux; C:\Windows\System32\Drivers\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
3 btmhsf; C:\Windows\System32\Drivers\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1402010.016\ccSetx64.sys [168096 2012-08-20] (Symantec Corporation)
0 CLFS; C:\Windows\System32\Drivers\CLFS.sys [361200 2012-07-25] (Microsoft Corporation)
3 condrv; C:\Windows\System32\Drivers\condrv.sys [33792 2012-07-25] (Microsoft Corporation)
1 dam; C:\Windows\System32\Drivers\dam.sys [58088 2012-10-10] (Microsoft Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-15] (Symantec Corporation)
0 EhStorClass; C:\Windows\System32\Drivers\EhStorClass.sys [81136 2012-07-25] (Microsoft Corporation)
0 EhStorTcgDrv; C:\Windows\System32\Drivers\EhStorTcgDrv.sys [113904 2012-07-25] (Microsoft Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-12-15] (Symantec Corporation)
1 excfs; C:\Windows\System32\Drivers\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
0 excsd; C:\Windows\System32\Drivers\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
3 FxPPM; C:\Windows\System32\Drivers\FxPPM.sys [22528 2012-11-05] (Microsoft Corporation)
3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-25] (Microsoft Corporation)
3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [120040 2012-09-19] (Microsoft Corporation)
3 hidi2c; C:\Windows\System32\Drivers\hidi2c.sys [39936 2012-11-19] (Microsoft Corporation)
3 hyperkbd; C:\Windows\System32\Drivers\hyperkbd.sys [11776 2012-07-25] (Microsoft Corporation)
3 HyperVideo; C:\Windows\System32\Drivers\HyperVideo.sys [24576 2012-07-25] (Microsoft Corporation)
0 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [645952 2012-07-30] (Intel Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130301.002\IDSvia64.sys [513184 2012-12-14] (Symantec Corporation)
3 kdnic; C:\Windows\System32\Drivers\kdnic.sys [18432 2012-07-25] (Microsoft Corporation)
0 LSI_SSS; C:\Windows\System32\Drivers\LSI_SSS.sys [81136 2012-07-25] (LSI Corporation)
3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-25] (Microsoft Corporation)
3 msgpiowin32; C:\Windows\System32\Drivers\msgpiowin32.sys [28392 2012-09-19] (Microsoft Corporation)
3 mshidumdf; C:\Windows\System32\Drivers\mshidumdf.sys [10752 2012-07-25] (Microsoft Corporation)
3 MsLldp; C:\Windows\System32\Drivers\MsLldp.sys [68608 2012-07-25] (Microsoft Corporation)
0 mvumis; C:\Windows\System32\Drivers\mvumis.sys [64240 2012-07-25] (Marvell Semiconductor, Inc.)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130301.025\ENG64.SYS [126192 2013-01-17] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130301.025\EX64.SYS [2087664 2013-01-17] (Symantec Corporation)
3 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-25] (Microsoft Corporation)
2 Ndu; C:\Windows\System32\Drivers\Ndu.sys [97792 2012-07-25] (Microsoft Corporation)
3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)
1 npsvctrig; C:\Windows\System32\Drivers\npsvctrig.sys [23552 2012-07-25] (Microsoft Corporation)
0 pdc; C:\Windows\System32\Drivers\pdc.sys [69864 2012-11-05] (Microsoft Corporation)
3 RadioHIDMini; C:\Windows\System32\Drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)
3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [683664 2012-06-12] (Realtek )
3 rtport; C:\Windows\SysWow64\Drivers\rtport.sys [15144 2012-09-20] (Windows ® 2003 DDK 3790 provider)
3 sdstor; C:\Windows\System32\Drivers\sdstor.sys [56552 2012-10-10] (Microsoft Corporation)
3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
3 SerCx; C:\Windows\System32\Drivers\SerCx.sys [62976 2012-07-25] (Microsoft Corporation)
0 spaceport; C:\Windows\System32\Drivers\spaceport.sys [283888 2012-07-25] (Microsoft Corporation)
3 SpbCx; C:\Windows\System32\Drivers\SpbCx.sys [59392 2012-07-25] (Microsoft Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-02] (Duplex Secure Ltd.)
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1402010.016\SRTSP64.SYS [776864 2012-10-08] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1402010.016\SRTSPX64.SYS [37496 2012-09-06] (Symantec Corporation)
0 storahci; C:\Windows\System32\Drivers\storahci.sys [77552 2012-07-25] (Microsoft Corporation)
0 SymDS; C:\Windows\System32\drivers\NISx64\1402010.016\SYMDS64.SYS [493216 2012-10-03] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1402010.016\SYMEFA64.SYS [1133216 2012-10-03] (Symantec Corporation)
0 SymELAM; C:\Windows\System32\drivers\NISx64\1402010.016\SymELAM.sys [23448 2012-09-06] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-12-17] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\NISx64\1402010.016\Ironx64.SYS [224416 2012-09-06] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1402010.016\SYMNETS.SYS [432800 2012-09-06] (Symantec Corporation)
3 UASPStor; C:\Windows\System32\Drivers\UASPStor.sys [97008 2012-07-25] (Microsoft Corporation)
3 UCX01000; C:\Windows\System32\Drivers\UCX01000.sys [212200 2012-09-19] (Microsoft Corporation)
3 USBHUB3; C:\Windows\System32\Drivers\USBHUB3.sys [445160 2012-11-05] (Microsoft Corporation)
3 USBXHCI; C:\Windows\System32\Drivers\USBXHCI.sys [337128 2012-09-19] (Microsoft Corporation)
3 VerifierExt; C:\Windows\System32\Drivers\VerifierExt.sys [106224 2012-07-25] (Microsoft Corporation)
3 vpci; C:\Windows\System32\Drivers\vpci.sys [67824 2012-07-25] (Microsoft Corporation)
0 VSTXRAID; C:\Windows\System32\Drivers\VSTXRAID.sys [322800 2012-07-25] (VIA Corporation)
3 WdBoot; C:\Windows\System32\Drivers\WdBoot.sys [34216 2012-07-25] (Microsoft Corporation)
3 WdFilter; C:\Windows\System32\Drivers\WdFilter.sys [258288 2012-07-25] (Microsoft Corporation)
0 WFPLWFS; C:\Windows\System32\Drivers\WFPLWFS.sys [96496 2012-07-25] (Microsoft Corporation)
3 wpcfltr; C:\Windows\System32\Drivers\wpcfltr.sys [45056 2012-07-25] (Microsoft Corporation)
3 WpdUpFltr; C:\Windows\System32\Drivers\WpdUpFltr.sys [19968 2012-07-25] (Microsoft Corporation)
3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [x]
3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [x]
3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [x]
3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [x]
3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-03-05 14:56 - 2013-03-05 14:56 - 00000000 ____D C:\FRST
2013-03-04 15:05 - 2013-03-04 15:05 - 00029142 ____A C:\Users\Pardones\Desktop\tse.pptx
2013-02-27 17:58 - 2013-02-27 17:58 - 00002022 ____A C:\Users\Pardones\Desktop\aswMBR2.txt
2013-02-27 17:35 - 2013-02-27 17:34 - 00262560 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-02-27 17:35 - 2013-02-27 17:34 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-02-27 17:35 - 2013-02-27 17:34 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-02-27 17:35 - 2013-02-27 17:34 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-25 16:54 - 2013-02-21 11:59 - 02063240 ____A (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-02-25 16:54 - 2013-01-12 18:51 - 00003004 ____A C:\ProgramData\MakeMarkerFile.xml
2013-02-21 17:16 - 2013-02-21 17:17 - 00001702 ____A C:\Users\Pardones\Desktop\RKreport[1]_S_02212013_02d2216.txt
2013-02-21 17:13 - 2013-02-21 17:16 - 00000000 ____D C:\Users\Pardones\Desktop\RK_Quarantine
2013-02-21 17:11 - 2013-02-21 17:11 - 00799232 ____A C:\Users\Pardones\Desktop\RogueKiller.exe
2013-02-21 16:33 - 2013-02-21 16:33 - 00000119 ____A C:\Users\Pardones\Desktop\MBR.rar
2013-02-21 16:32 - 2013-02-27 17:58 - 00000512 ____A C:\Users\Pardones\Desktop\MBR.dat
2013-02-21 16:32 - 2013-02-21 16:32 - 00001982 ____A C:\Users\Pardones\Desktop\aswMBR.txt
2013-02-21 16:24 - 2013-02-21 16:26 - 04732416 ____A (AVAST Software) C:\Users\Pardones\Desktop\aswMBR.exe
2013-02-21 16:23 - 2013-02-21 16:49 - 00000402 ____A C:\Users\Pardones\Desktop\Virus total.txt
2013-02-18 19:10 - 2013-02-18 19:10 - 00054300 ____A C:\Users\Pardones\Desktop\MbrScan.log
2013-02-18 19:09 - 2013-02-18 19:10 - 00000512 ____A C:\Users\Pardones\Desktop\Dump_Hdd1_DR1.mbr
2013-02-18 19:09 - 2013-02-18 19:10 - 00000512 ____A C:\Users\Pardones\Desktop\Dump_Hdd0_DR0.mbr
2013-02-18 17:13 - 2013-02-18 17:13 - 00001137 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\Users\Pardones\AppData\Roaming\Malwarebytes
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-18 17:13 - 2012-12-14 11:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-02-18 17:08 - 2013-02-18 17:08 - 00001682 ____A C:\Users\Pardones\Desktop\AdwCleaner[S1].txt
2013-02-18 17:08 - 2013-02-18 17:08 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-02-18 17:04 - 2013-02-18 17:04 - 00001682 ____A C:\AdwCleaner[S1].txt
2013-02-18 17:04 - 2013-02-18 17:04 - 00000101 ____A C:\Windows\DeleteOnReboot.bat
2013-02-18 17:00 - 2013-02-18 17:00 - 00147456 ____A (Eric_71) C:\Users\Pardones\Desktop\MbrScan.exe
2013-02-18 16:59 - 2013-02-18 17:01 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Pardones\Desktop\mbam-setup-1.70.0.1100.exe
2013-02-18 16:58 - 2013-02-18 16:58 - 00587671 ____A C:\Users\Pardones\Desktop\AdwCleaner.exe
2013-02-17 14:49 - 2013-02-17 17:11 - 00000000 ____D C:\Users\Pardones\Desktop\HijackThis
2013-02-11 13:51 - 2013-02-23 06:38 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Pardones\Desktop\TDSSKiller.exe
2013-02-08 15:46 - 2013-02-04 13:36 - 00693600 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-08 15:46 - 2013-02-04 13:36 - 00081248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-08 15:31 - 2013-02-08 15:31 - 00559728 ____A (Microsoft Corporation) C:\Users\Pardones\Downloads\Setup.X86.pt-BR_HomeStudentRetail_37603a03-b6e1-4a8e-83db-d93af767b416_TX_PR_.exe
2013-02-03 11:06 - 2013-02-03 11:06 - 00051496 ____A (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\stflt.sys

==================== One Month Modified Files and Folders =======

2013-03-05 14:56 - 2013-03-05 14:56 - 00000000 ____D C:\FRST
2013-03-05 09:05 - 2012-11-03 15:45 - 00000000 ____D C:\Users\Pardones\AppData\Roaming\Dropbox
2013-03-05 09:05 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-03-05 09:04 - 2012-11-03 12:21 - 00001074 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-04 15:15 - 2012-07-25 23:28 - 00848230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-04 15:14 - 2012-08-25 17:38 - 00000000 ____D C:\ProgramData\WinClon
2013-03-04 15:11 - 2012-07-25 23:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-04 15:05 - 2013-03-04 15:05 - 00029142 ____A C:\Users\Pardones\Desktop\tse.pptx
2013-03-04 15:05 - 2012-12-08 08:36 - 00050688 __ASH C:\Users\Pardones\Desktop\Thumbs.db
2013-03-04 14:50 - 2012-07-25 23:21 - 00032393 ____A C:\Windows\setupact.log
2013-03-04 03:49 - 2012-11-11 07:05 - 00000000 ____D C:\Users\Pardones\Documents\Quicken
2013-03-03 19:31 - 2012-11-03 12:21 - 00001078 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-03 16:54 - 2012-10-31 20:44 - 00000000 ____D C:\Program Files (x86)\Steam
2013-03-03 09:55 - 2012-11-03 15:59 - 00000000 ___RD C:\Users\Pardones\Dropbox
2013-03-02 07:47 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-02-27 17:58 - 2013-02-27 17:58 - 00002022 ____A C:\Users\Pardones\Desktop\aswMBR2.txt
2013-02-27 17:58 - 2013-02-21 16:32 - 00000512 ____A C:\Users\Pardones\Desktop\MBR.dat
2013-02-27 17:34 - 2013-02-27 17:35 - 00262560 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-02-27 17:34 - 2013-02-27 17:35 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-02-27 17:34 - 2013-02-27 17:35 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-02-27 17:34 - 2013-02-27 17:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-27 17:34 - 2012-12-04 13:05 - 00861088 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-02-27 17:34 - 2012-12-04 13:05 - 00782240 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-02-27 17:34 - 2012-12-04 13:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-02-25 18:32 - 2013-01-08 15:47 - 00021504 __ASH C:\Users\Pardones\Documents\Thumbs.db
2013-02-25 17:42 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-02-25 17:39 - 2012-08-05 13:07 - 02083368 ____A C:\Windows\PFRO.log
2013-02-25 17:01 - 2012-10-31 09:54 - 00025377 ____A C:\Users\Pardones\AppData\Roaming\AbsoluteReminder.xml
2013-02-23 06:38 - 2013-02-11 13:51 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Pardones\Desktop\TDSSKiller.exe
2013-02-21 17:17 - 2013-02-21 17:16 - 00001702 ____A C:\Users\Pardones\Desktop\RKreport[1]_S_02212013_02d2216.txt
2013-02-21 17:16 - 2013-02-21 17:13 - 00000000 ____D C:\Users\Pardones\Desktop\RK_Quarantine
2013-02-21 17:11 - 2013-02-21 17:11 - 00799232 ____A C:\Users\Pardones\Desktop\RogueKiller.exe
2013-02-21 16:49 - 2013-02-21 16:23 - 00000402 ____A C:\Users\Pardones\Desktop\Virus total.txt
2013-02-21 16:33 - 2013-02-21 16:33 - 00000119 ____A C:\Users\Pardones\Desktop\MBR.rar
2013-02-21 16:32 - 2013-02-21 16:32 - 00001982 ____A C:\Users\Pardones\Desktop\aswMBR.txt
2013-02-21 16:26 - 2013-02-21 16:24 - 04732416 ____A (AVAST Software) C:\Users\Pardones\Desktop\aswMBR.exe
2013-02-21 11:59 - 2013-02-25 16:54 - 02063240 ____A (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-02-18 19:10 - 2013-02-18 19:10 - 00054300 ____A C:\Users\Pardones\Desktop\MbrScan.log
2013-02-18 19:10 - 2013-02-18 19:09 - 00000512 ____A C:\Users\Pardones\Desktop\Dump_Hdd1_DR1.mbr
2013-02-18 19:10 - 2013-02-18 19:09 - 00000512 ____A C:\Users\Pardones\Desktop\Dump_Hdd0_DR0.mbr
2013-02-18 17:13 - 2013-02-18 17:13 - 00001137 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\Users\Pardones\AppData\Roaming\Malwarebytes
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-02-18 17:13 - 2013-02-18 17:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-18 17:08 - 2013-02-18 17:08 - 00001682 ____A C:\Users\Pardones\Desktop\AdwCleaner[S1].txt
2013-02-18 17:08 - 2013-02-18 17:08 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-02-18 17:04 - 2013-02-18 17:04 - 00001682 ____A C:\AdwCleaner[S1].txt
2013-02-18 17:04 - 2013-02-18 17:04 - 00000101 ____A C:\Windows\DeleteOnReboot.bat
2013-02-18 17:01 - 2013-02-18 16:59 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Pardones\Desktop\mbam-setup-1.70.0.1100.exe
2013-02-18 17:00 - 2013-02-18 17:00 - 00147456 ____A (Eric_71) C:\Users\Pardones\Desktop\MbrScan.exe
2013-02-18 16:58 - 2013-02-18 16:58 - 00587671 ____A C:\Users\Pardones\Desktop\AdwCleaner.exe
2013-02-18 15:39 - 2012-11-11 09:58 - 00000000 ____D C:\Users\Pardones\Documents\Tania
2013-02-17 17:11 - 2013-02-17 14:49 - 00000000 ____D C:\Users\Pardones\Desktop\HijackThis
2013-02-17 13:09 - 2012-08-25 17:01 - 02021386 ____A C:\Windows\WindowsUpdate.log
2013-02-16 14:28 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-02-08 15:31 - 2013-02-08 15:31 - 00559728 ____A (Microsoft Corporation) C:\Users\Pardones\Downloads\Setup.X86.pt-BR_HomeStudentRetail_37603a03-b6e1-4a8e-83db-d93af767b416_TX_PR_.exe
2013-02-07 02:17 - 2012-11-15 07:53 - 00000000 ____D C:\Users\Pardones\AppData\Local\CrashDumps
2013-02-04 13:36 - 2013-02-08 15:46 - 00693600 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-04 13:36 - 2013-02-08 15:46 - 00081248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-03 11:06 - 2013-02-03 11:06 - 00051496 ____A (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\stflt.sys


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-11-18 02:21] - [2012-10-10 21:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

C:\Windows\System32\wininit.exe
[2012-07-25 16:03] - [2012-07-25 19:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

C:\Windows\explorer.exe
[2012-11-18 02:21] - [2012-10-10 23:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

C:\Windows\SysWOW64\explorer.exe
[2012-11-18 02:21] - [2012-10-10 21:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

C:\Windows\System32\svchost.exe
[2012-10-31 10:24] - [2012-09-19 22:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

C:\Windows\SysWOW64\svchost.exe
[2012-10-31 10:24] - [2012-09-19 21:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

C:\Windows\System32\services.exe
[2012-10-31 10:24] - [2012-09-19 22:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

C:\Windows\System32\User32.dll
[2012-10-31 10:24] - [2012-09-19 22:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

C:\Windows\SysWOW64\User32.dll
[2012-10-31 10:24] - [2012-09-19 20:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

C:\Windows\System32\userinit.exe
[2012-07-25 16:06] - [2012-07-25 19:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

C:\Windows\SysWOW64\userinit.exe
[2012-07-25 16:08] - [2012-07-25 19:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

C:\Windows\System32\Drivers\volsnap.sys
[2012-07-25 18:30] - [2012-07-25 20:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-02-08 15:45:46
Restore point made on: 2013-02-17 16:38:33
Restore point made on: 2013-02-25 17:20:50
Restore point made on: 2013-02-27 17:34:31

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 7893.53 MB
Available physical RAM: 7001.7 MB
Total Pagefile: 7893.53 MB
Available Pagefile: 7015.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:907.62 GB) (Free:719.91 GB) NTFS
2 Drive d: () (Fixed) (Total:232.88 GB) (Free:45.09 GB) NTFS
3 Drive e: (SAMSUNG_REC2) (Fixed) (Total:21.98 GB) (Free:0.99 GB) NTFS
4 Drive f: (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.22 GB) FAT32 ==>[System with boot components (obtained from reading drive)]
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B *
Disk 1 Online 7641 MB 0 B
Disk 2 Online 232 GB 7168 KB

Partitions of Disk 0:
===============

Disk ID: {F6CE8C43-7243-4A19-9D7A-70BD459A33DE}

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 500 MB 1024 KB
Partition 2 System (partition with boot components) 300 MB 501 MB
Partition 3 Reserved 128 MB 801 MB
Partition 4 Primary 907 GB 929 MB
Partition 5 Recovery 21 GB 908 GB
Partition 6 Recovery 1024 MB 930 GB

==================================================================================

Disk: 0
Partition 1
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Windows RE NTFS Partition 500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 SYSTEM FAT32 Partition 300 MB Healthy Hidden

=========================================================

Disk: 0
Partition 3
Type : e3c9e316-0b5c-4db8-817d-f92df00215ae
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 4
Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Hidden : No
Required: No
Attrib : 0000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 907 GB Healthy

=========================================================

Disk: 0
Partition 5
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X0000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E SAMSUNG_REC NTFS Partition 21 GB Healthy Hidden

=========================================================

Disk: 0
Partition 6
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X0000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F SAMSUNG_REC FAT32 Partition 1024 MB Healthy Hidden

=========================================================

Partitions of Disk 1:
===============

Disk ID: 74F02DEA

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7640 MB 1024 KB

==================================================================================

Disk: 1
Partition 1
Type : 73
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Partitions of Disk 2:
===============

Disk ID: 1D6F2507

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 0 Extended 232 GB 8032 KB
Partition 1 Logical 232 GB 8064 KB

==================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 D NTFS Partition 232 GB Healthy

=========================================================

Last Boot: 2013-03-03 10:05

==================== End Of Log =============================