lnr123bsr

Okay, I just successfully ran ComboFix in normal mode. (Now I have 3 copies of ComboFix on my desktop.) Here is the log file: ComboFix 12-03-31.03 - Leslie 04/01/2012 10:14:55.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.2464 [GMT -4:00] Running from: c:\users\Leslie\Desktop\ComboFix3.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\o7t15sWM.exe_ c:\users\Leslie\AppData\Local\{FB03B9CF-CCCB-4896-AD87-37B25AFDD03C} c:\users\Leslie\AppData\Local\{FB03B9CF-CCCB-4896-AD87-37B25AFDD03C}\chrome.manifest c:\users\Leslie\AppData\Local\{FB03B9CF-CCCB-4896-AD87-37B25AFDD03C}\chrome\content\_cfg.js c:\users\Leslie\AppData\Local\{FB03B9CF-CCCB-4896-AD87-37B25AFDD03C}\chrome\content\overlay.xul c:\users\Leslie\AppData\Local\{FB03B9CF-CCCB-4896-AD87-37B25AFDD03C}\install.rdf c:\users\Leslie\AppData\Roaming\Adobe\plugs c:\windows\$NtUninstallKB42325$ c:\windows\system32\config\systemprofile\efc1f03e-5762.exe . . ((((((((((((((((((((((((( Files Created from 2012-03-01 to 2012-04-01 ))))))))))))))))))))))))))))))) . . 2012-04-01 14:21 . 2012-04-01 14:22 -------- d-----w- c:\users\Leslie\AppData\Local\temp 2012-04-01 14:21 . 2012-04-01 14:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-01 13:19 . 2012-04-01 13:19 -------- d-----w- C:\TDSSKiller_Quarantine 2012-04-01 03:18 . 2012-04-01 05:02 -------- d-----w- C:\ComboFix 2012-04-01 03:11 . 2012-04-01 03:14 -------- d-----w- C:\Leslie 2012-03-30 17:24 . 2012-03-30 17:30 13824 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2012-03-30 05:47 . 2012-03-30 05:47 -------- d-----w- c:\program files\Testing 2012-03-30 03:31 . 2012-03-30 03:31 -------- d-----w- c:\windows\Sun 2012-03-30 03:30 . 2011-12-16 07:54 981504 ------w- c:\windows\system32\wininet.dll 2012-03-29 02:13 . 2012-03-29 02:13 158720 ---ha-w- c:\programdata\Microsoft\Windows\DRM\AFFE.tmp . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-01 13:20 . 2009-07-13 23:11 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2011-11-21 04:04 . 2011-12-02 16:53 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2011-12-16 . BDB7450CC556F238FD973C9DA300FEB8 . 981504 . . [8.00.7600.16385] . . c:\windows\System32\wininet.dll [7] 2011-11-05 . E49448ACD38A375E4FBCCB87056E1467 . 982016 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\wininet.dll [7] 2011-11-05 . 7F5B51FACA193430346970283C50769F . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\wininet.dll [7] 2011-11-05 . 19714FA7D7204D9BEE1EE12791DA9010 . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\wininet.dll [7] 2011-11-05 . 1903228FE0C7D402B26A217F8D7713FD . 982016 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\wininet.dll [7] 2011-08-20 . 7570FA3FC82E08FB637E32D2D95DB41D . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll [7] 2011-08-20 . 1DBC7303366C0C9B80E51C4B4BECB7ED . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll [7] 2011-08-20 . 79FFA6C81F9F5B2244C5668D08387EA6 . 982016 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll [7] 2011-08-20 . DBF24E87CB605A4F6E7424DD86F7A62C . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll [7] 2010-12-18 . F019FCA21F609E34B79AE130681D08F7 . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll [7] 2010-12-18 . 025031C16D3A486F6AFE1C9B2FB1ADE0 . 981504 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll [7] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll [7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Leslie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Leslie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Leslie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] 2003-05-29 16:00 8704 ----a-w- c:\windows\System32\PCANotify.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2009-02-27 18:14 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] 2009-02-27 22:54 38768 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-02-27 23:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter] 2010-10-12 21:24 304568 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2010-08-25 23:45 171032 ----a-w- c:\windows\System32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-05-08 20:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2008-07-22 22:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2009-06-05 01:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2010-08-25 23:45 136216 ----a-w- c:\windows\System32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intuit SyncManager] 2011-02-22 07:28 1497352 ----a-w- c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-11-13 05:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2012-01-13 18:53 981680 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)] 2012-01-13 18:53 981680 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] 2009-06-25 02:19 140520 ----a-w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2010-08-25 23:45 170520 ----a-w- c:\windows\System32\igfxpers.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2009-05-23 08:22 7514656 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 09:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-13 1343400] R3 XIRLINK;IBM PC Camera;c:\windows\system32\DRIVERS\C-itnt.sys [2000-09-26 486176] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2010-07-14 65584] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-03-31 81920] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Leslie\AppData\Roaming\Mozilla\Firefox\Profiles\bgknw8eh.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) SafeBoot-42492281.sys MSConfigStartUp-MaxtorOneTouch - c:\program files\Maxtor\OneTouch\utils\OneTouch.exe MSConfigStartUp-mxomssmenu - c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-04-01 10:24:06 ComboFix-quarantined-files.txt 2012-04-01 14:24 . Pre-Run: 414,448,537,600 bytes free Post-Run: 414,391,406,592 bytes free . - - End Of File - - 11EA22BF5B5B008D935E12264E4FAE68

I can't uninstall Combofix. When it crashed the first time yesterday, I reinstalled it as ComboFix2 and ran that and it crashed too. Now I've tried ComboFix /uninstall and I get a message saying Windows cannot find 'ComboFix2.exe' When I try ComboFix2 /uninstall I get 0 items in the search results. Now when I try to download ComboFix a third time it asks me if I want to replace my existing copy or save it as a new name. What should I do? Thanks.

I ran TDSSKiller in Safe Mode. When I ran it, some threats were marked as Cure and some as Skip. I did not change anything. Here are the results: 09:17:47.0319 1596 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18 09:17:47.0684 1596 ============================================================ 09:17:47.0684 1596 Current date / time: 2012/04/01 09:17:47.0684 09:17:47.0684 1596 SystemInfo: 09:17:47.0684 1596 09:17:47.0684 1596 OS Version: 6.1.7601 ServicePack: 1.0 09:17:47.0684 1596 Product type: Workstation 09:17:47.0684 1596 ComputerName: LESLIE-PC 09:17:47.0685 1596 UserName: Leslie 09:17:47.0685 1596 Windows directory: C:\Windows 09:17:47.0685 1596 System windows directory: C:\Windows 09:17:47.0685 1596 Processor architecture: Intel x86 09:17:47.0685 1596 Number of processors: 2 09:17:47.0685 1596 Page size: 0x1000 09:17:47.0685 1596 Boot type: Safe boot with network 09:17:47.0685 1596 ============================================================ 09:17:47.0975 1596 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:17:47.0976 1596 \Device\Harddisk0\DR0: 09:17:47.0976 1596 MBR used 09:17:47.0976 1596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000 09:17:47.0976 1596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830 09:17:48.0066 1596 Initialize success 09:17:48.0066 1596 ============================================================ 09:18:04.0073 1868 ============================================================ 09:18:04.0073 1868 Scan started 09:18:04.0073 1868 Mode: Manual; SigCheck; TDLFS; 09:18:04.0073 1868 ============================================================ 09:18:05.0423 1868 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 09:18:05.0541 1868 1394ohci - ok 09:18:05.0590 1868 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 09:18:05.0601 1868 ACPI - ok 09:18:05.0754 1868 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 09:18:05.0815 1868 AcpiPmi - ok 09:18:05.0970 1868 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 09:18:05.0983 1868 adp94xx - ok 09:18:06.0076 1868 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 09:18:06.0086 1868 adpahci - ok 09:18:06.0105 1868 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 09:18:06.0114 1868 adpu320 - ok 09:18:06.0154 1868 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 09:18:06.0194 1868 AeLookupSvc - ok 09:18:06.0283 1868 AERTFilters (7a841462ad4749f8a07b27ae8e8947b8) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe 09:18:06.0351 1868 AERTFilters - ok 09:18:06.0474 1868 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 09:18:06.0605 1868 AFD - ok 09:18:06.0642 1868 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 09:18:06.0649 1868 agp440 - ok 09:18:06.0718 1868 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 09:18:06.0726 1868 aic78xx - ok 09:18:06.0842 1868 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 09:18:06.0891 1868 ALG - ok 09:18:06.0970 1868 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 09:18:06.0976 1868 aliide - ok 09:18:07.0056 1868 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 09:18:07.0063 1868 amdagp - ok 09:18:07.0125 1868 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 09:18:07.0132 1868 amdide - ok 09:18:07.0188 1868 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 09:18:07.0227 1868 AmdK8 - ok 09:18:07.0302 1868 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 09:18:07.0326 1868 AmdPPM - ok 09:18:07.0386 1868 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys 09:18:07.0394 1868 amdsata - ok 09:18:07.0477 1868 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 09:18:07.0486 1868 amdsbs - ok 09:18:07.0547 1868 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys 09:18:07.0555 1868 amdxata - ok 09:18:07.0619 1868 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 09:18:07.0725 1868 AppID - ok 09:18:07.0872 1868 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 09:18:07.0910 1868 AppIDSvc - ok 09:18:07.0974 1868 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 09:18:08.0012 1868 Appinfo - ok 09:18:08.0179 1868 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:18:08.0187 1868 Apple Mobile Device - ok 09:18:08.0322 1868 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 09:18:08.0330 1868 arc - ok 09:18:08.0350 1868 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 09:18:08.0388 1868 arcsas - ok 09:18:08.0414 1868 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 09:18:08.0505 1868 AsyncMac - ok 09:18:08.0634 1868 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 09:18:08.0641 1868 atapi - ok 09:18:08.0708 1868 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 09:18:08.0732 1868 AudioEndpointBuilder - ok 09:18:08.0739 1868 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 09:18:08.0760 1868 Audiosrv - ok 09:18:08.0872 1868 awhost32 (958038b812e2b6ab998e115194b8d2b7) C:\Program Files\Symantec\pcAnywhere\awhost32.exe 09:18:08.0895 1868 awhost32 ( UnsignedFile.Multi.Generic ) - warning 09:18:08.0895 1868 awhost32 - detected UnsignedFile.Multi.Generic (1) 09:18:08.0973 1868 awlegacy (abfe3ab22767eeb5e7d91b1b3bb2901c) C:\Windows\System32\Drivers\awlegacy.sys 09:18:08.0991 1868 awlegacy ( UnsignedFile.Multi.Generic ) - warning 09:18:08.0991 1868 awlegacy - detected UnsignedFile.Multi.Generic (1) 09:18:09.0041 1868 AW_HOST (852d995a4b283c341a2baefaa8067671) C:\Windows\system32\drivers\aw_host5.sys 09:18:09.0054 1868 AW_HOST ( UnsignedFile.Multi.Generic ) - warning 09:18:09.0054 1868 AW_HOST - detected UnsignedFile.Multi.Generic (1) 09:18:09.0110 1868 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 09:18:09.0155 1868 AxInstSV - ok 09:18:09.0408 1868 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 09:18:09.0456 1868 b06bdrv - ok 09:18:09.0518 1868 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 09:18:09.0537 1868 b57nd60x - ok 09:18:09.0627 1868 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 09:18:09.0664 1868 BDESVC - ok 09:18:09.0774 1868 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 09:18:09.0812 1868 Beep - ok 09:18:09.0948 1868 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 09:18:09.0996 1868 BFE - ok 09:18:10.0051 1868 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 09:18:10.0111 1868 BITS - ok 09:18:10.0184 1868 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 09:18:10.0208 1868 blbdrive - ok 09:18:10.0309 1868 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 09:18:10.0319 1868 Bonjour Service - ok 09:18:10.0409 1868 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 09:18:10.0426 1868 bowser - ok 09:18:10.0450 1868 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:18:10.0488 1868 BrFiltLo - ok 09:18:10.0505 1868 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:18:10.0529 1868 BrFiltUp - ok 09:18:10.0679 1868 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 09:18:10.0717 1868 BridgeMP - ok 09:18:10.0785 1868 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 09:18:10.0819 1868 Browser - ok 09:18:10.0846 1868 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 09:18:10.0872 1868 Brserid - ok 09:18:10.0939 1868 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 09:18:10.0963 1868 BrSerWdm - ok 09:18:10.0969 1868 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 09:18:10.0997 1868 BrUsbMdm - ok 09:18:11.0017 1868 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 09:18:11.0058 1868 BrUsbSer - ok 09:18:11.0115 1868 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 09:18:11.0138 1868 BTHMODEM - ok 09:18:11.0192 1868 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 09:18:11.0221 1868 bthserv - ok 09:18:11.0265 1868 BVRPMPR5 (6598d078d5446197aed6b46c6a2a3431) C:\Windows\system32\drivers\BVRPMPR5.SYS 09:18:11.0284 1868 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning 09:18:11.0284 1868 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1) 09:18:11.0436 1868 catchme - ok 09:18:11.0548 1868 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 09:18:11.0583 1868 cdfs - ok 09:18:11.0716 1868 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 09:18:11.0731 1868 cdrom - ok 09:18:11.0872 1868 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 09:18:11.0902 1868 CertPropSvc - ok 09:18:11.0967 1868 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 09:18:12.0012 1868 circlass - ok 09:18:12.0168 1868 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 09:18:12.0178 1868 CLFS - ok 09:18:12.0295 1868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:18:12.0309 1868 clr_optimization_v2.0.50727_32 - ok 09:18:12.0372 1868 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 09:18:12.0395 1868 CmBatt - ok 09:18:12.0503 1868 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 09:18:12.0511 1868 cmdide - ok 09:18:12.0553 1868 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 09:18:12.0573 1868 CNG - ok 09:18:12.0625 1868 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 09:18:12.0632 1868 Compbatt - ok 09:18:12.0742 1868 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 09:18:12.0767 1868 CompositeBus - ok 09:18:12.0819 1868 COMSysApp - ok 09:18:12.0859 1868 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 09:18:12.0876 1868 crcdisk - ok 09:18:12.0966 1868 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 09:18:13.0002 1868 CryptSvc - ok 09:18:13.0096 1868 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\Windows\system32\DRIVERS\ctxusbm.sys 09:18:13.0109 1868 ctxusbm - ok 09:18:13.0212 1868 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 09:18:13.0249 1868 DcomLaunch - ok 09:18:13.0295 1868 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 09:18:13.0326 1868 defragsvc - ok 09:18:13.0442 1868 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 09:18:13.0490 1868 DfsC - ok 09:18:13.0578 1868 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 09:18:13.0624 1868 Dhcp - ok 09:18:13.0704 1868 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 09:18:13.0739 1868 discache - ok 09:18:13.0800 1868 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 09:18:13.0807 1868 Disk - ok 09:18:13.0852 1868 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 09:18:13.0890 1868 Dnscache - ok 09:18:13.0978 1868 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 09:18:14.0025 1868 dot3svc - ok 09:18:14.0114 1868 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 09:18:14.0183 1868 Dot4 - ok 09:18:14.0302 1868 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys 09:18:14.0323 1868 Dot4Print - ok 09:18:14.0354 1868 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 09:18:14.0404 1868 dot4usb - ok 09:18:14.0434 1868 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 09:18:14.0464 1868 DPS - ok 09:18:14.0704 1868 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 09:18:14.0725 1868 drmkaud - ok 09:18:14.0755 1868 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 09:18:14.0773 1868 DXGKrnl - ok 09:18:14.0815 1868 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 09:18:14.0845 1868 EapHost - ok 09:18:15.0075 1868 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 09:18:15.0125 1868 ebdrv - ok 09:18:15.0176 1868 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 09:18:15.0210 1868 EFS - ok 09:18:15.0312 1868 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 09:18:15.0340 1868 ehRecvr - ok 09:18:15.0386 1868 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 09:18:15.0442 1868 ehSched - ok 09:18:15.0609 1868 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 09:18:15.0623 1868 elxstor - ok 09:18:15.0692 1868 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 09:18:15.0719 1868 ErrDev - ok 09:18:15.0818 1868 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 09:18:15.0865 1868 EventSystem - ok 09:18:15.0934 1868 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 09:18:15.0970 1868 exfat - ok 09:18:16.0109 1868 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 09:18:16.0147 1868 fastfat - ok 09:18:16.0228 1868 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 09:18:16.0276 1868 Fax - ok 09:18:16.0338 1868 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 09:18:16.0373 1868 fdc - ok 09:18:16.0434 1868 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 09:18:16.0471 1868 fdPHost - ok 09:18:16.0526 1868 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 09:18:16.0554 1868 FDResPub - ok 09:18:16.0606 1868 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 09:18:16.0627 1868 FileInfo - ok 09:18:16.0691 1868 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 09:18:16.0730 1868 Filetrace - ok 09:18:16.0953 1868 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:18:16.0984 1868 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 09:18:16.0985 1868 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 09:18:17.0072 1868 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 09:18:17.0103 1868 flpydisk - ok 09:18:17.0193 1868 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 09:18:17.0203 1868 FltMgr - ok 09:18:17.0264 1868 FontCache (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll 09:18:17.0310 1868 FontCache - ok 09:18:17.0609 1868 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 09:18:17.0616 1868 FontCache3.0.0.0 - ok 09:18:17.0686 1868 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 09:18:17.0694 1868 FsDepends - ok 09:18:17.0758 1868 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 09:18:17.0765 1868 Fs_Rec - ok 09:18:17.0880 1868 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 09:18:17.0906 1868 fvevol - ok 09:18:17.0994 1868 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 09:18:18.0001 1868 gagp30kx - ok 09:18:18.0075 1868 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 09:18:18.0091 1868 GEARAspiWDM - ok 09:18:18.0117 1868 Gernuwa (fd25177ced6751c14de170d8282ced90) C:\Windows\system32\drivers\Gernuwa.sys 09:18:18.0129 1868 Gernuwa ( UnsignedFile.Multi.Generic ) - warning 09:18:18.0129 1868 Gernuwa - detected UnsignedFile.Multi.Generic (1) 09:18:18.0179 1868 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 09:18:18.0223 1868 gpsvc - ok 09:18:18.0314 1868 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 09:18:18.0365 1868 hcw85cir - ok 09:18:18.0427 1868 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 09:18:18.0446 1868 HDAudBus - ok 09:18:18.0523 1868 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 09:18:18.0549 1868 HidBatt - ok 09:18:18.0568 1868 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 09:18:18.0591 1868 HidBth - ok 09:18:18.0729 1868 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 09:18:18.0780 1868 HidIr - ok 09:18:18.0826 1868 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll 09:18:18.0873 1868 hidserv - ok 09:18:19.0076 1868 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 09:18:19.0107 1868 HidUsb - ok 09:18:19.0201 1868 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 09:18:19.0216 1868 hkmsvc - ok 09:18:19.0248 1868 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 09:18:19.0279 1868 HomeGroupListener - ok 09:18:19.0310 1868 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 09:18:19.0357 1868 HomeGroupProvider - ok 09:18:19.0497 1868 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 09:18:19.0528 1868 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 09:18:19.0528 1868 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 09:18:19.0528 1868 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 09:18:19.0544 1868 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 09:18:19.0544 1868 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 09:18:19.0684 1868 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 09:18:19.0700 1868 HpSAMD - ok 09:18:19.0918 1868 HPSLPSVC (79737e0f7d25de8405cb34d4c9882253) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 09:18:20.0043 1868 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 09:18:20.0043 1868 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 09:18:20.0184 1868 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 09:18:20.0199 1868 HTTP - ok 09:18:20.0246 1868 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 09:18:20.0262 1868 hwpolicy - ok 09:18:20.0371 1868 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 09:18:20.0386 1868 i8042prt - ok 09:18:20.0511 1868 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 09:18:20.0511 1868 IAANTMON - ok 09:18:20.0620 1868 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys 09:18:20.0620 1868 iaStor - ok 09:18:20.0714 1868 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys 09:18:20.0714 1868 iaStorV - ok 09:18:20.0792 1868 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 09:18:20.0823 1868 idsvc - ok 09:18:21.0166 1868 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys 09:18:21.0432 1868 igfx - ok 09:18:21.0572 1868 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 09:18:21.0588 1868 iirsp - ok 09:18:21.0775 1868 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 09:18:21.0822 1868 IKEEXT - ok 09:18:21.0902 1868 IntcAzAudAddService (8b27c21412ae4404eb0acfe1d98579ec) C:\Windows\system32\drivers\RTKVHDA.sys 09:18:21.0953 1868 IntcAzAudAddService - ok 09:18:22.0056 1868 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 09:18:22.0063 1868 intelide - ok 09:18:22.0126 1868 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 09:18:22.0151 1868 intelppm - ok 09:18:22.0194 1868 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 09:18:22.0227 1868 IPBusEnum - ok 09:18:22.0303 1868 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:18:22.0347 1868 IpFilterDriver - ok 09:18:22.0400 1868 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 09:18:22.0437 1868 iphlpsvc - ok 09:18:22.0461 1868 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 09:18:22.0486 1868 IPMIDRV - ok 09:18:22.0646 1868 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 09:18:22.0677 1868 IPNAT - ok 09:18:22.0884 1868 iPod Service (ca1972397b845b2f53f5dc63c22fd98a) C:\Program Files\iPod\bin\iPodService.exe 09:18:22.0901 1868 iPod Service - ok 09:18:23.0003 1868 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 09:18:23.0027 1868 IRENUM - ok 09:18:23.0054 1868 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 09:18:23.0068 1868 isapnp - ok 09:18:23.0088 1868 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 09:18:23.0098 1868 iScsiPrt - ok 09:18:23.0127 1868 JRAID (d7b5b5c5130b775ec7e32edd780d737f) C:\Windows\system32\DRIVERS\jraid.sys 09:18:23.0164 1868 JRAID - ok 09:18:23.0280 1868 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 09:18:23.0287 1868 kbdclass - ok 09:18:23.0343 1868 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 09:18:23.0361 1868 kbdhid - ok 09:18:23.0391 1868 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 09:18:23.0400 1868 KeyIso - ok 09:18:23.0432 1868 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 09:18:23.0453 1868 KSecDD - ok 09:18:23.0524 1868 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 09:18:23.0533 1868 KSecPkg - ok 09:18:23.0560 1868 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 09:18:23.0598 1868 KtmRm - ok 09:18:23.0633 1868 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll 09:18:23.0672 1868 LanmanServer - ok 09:18:23.0791 1868 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 09:18:23.0810 1868 LanmanWorkstation - ok 09:18:23.0956 1868 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 09:18:23.0984 1868 lltdio - ok 09:18:24.0011 1868 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 09:18:24.0043 1868 lltdsvc - ok 09:18:24.0102 1868 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 09:18:24.0121 1868 lmhosts - ok 09:18:24.0196 1868 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 09:18:24.0204 1868 LSI_FC - ok 09:18:24.0222 1868 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 09:18:24.0230 1868 LSI_SAS - ok 09:18:24.0239 1868 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:18:24.0255 1868 LSI_SAS2 - ok 09:18:24.0295 1868 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:18:24.0303 1868 LSI_SCSI - ok 09:18:24.0344 1868 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 09:18:24.0380 1868 luafv - ok 09:18:24.0406 1868 MaxBackServiceInt - ok 09:18:24.0483 1868 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 09:18:24.0493 1868 Mcx2Svc - ok 09:18:24.0532 1868 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 09:18:24.0539 1868 megasas - ok 09:18:24.0584 1868 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 09:18:24.0600 1868 MegaSR - ok 09:18:24.0625 1868 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 09:18:24.0669 1868 MMCSS - ok 09:18:24.0750 1868 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 09:18:24.0768 1868 Modem - ok 09:18:24.0807 1868 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 09:18:24.0826 1868 monitor - ok 09:18:24.0887 1868 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 09:18:24.0894 1868 mouclass - ok 09:18:25.0022 1868 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 09:18:25.0031 1868 mouhid - ok 09:18:25.0069 1868 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 09:18:25.0077 1868 mountmgr - ok 09:18:25.0124 1868 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 09:18:25.0133 1868 mpio - ok 09:18:25.0151 1868 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 09:18:25.0184 1868 mpsdrv - ok 09:18:25.0264 1868 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 09:18:25.0299 1868 MpsSvc - ok 09:18:25.0398 1868 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 09:18:25.0426 1868 MRxDAV - ok 09:18:25.0559 1868 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:18:25.0574 1868 mrxsmb - ok 09:18:25.0597 1868 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:18:25.0607 1868 mrxsmb10 - ok 09:18:25.0635 1868 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:18:25.0660 1868 mrxsmb20 - ok 09:18:25.0692 1868 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 09:18:25.0699 1868 msahci - ok 09:18:25.0773 1868 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 09:18:25.0781 1868 msdsm - ok 09:18:25.0815 1868 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 09:18:25.0835 1868 MSDTC - ok 09:18:25.0932 1868 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 09:18:25.0951 1868 Msfs - ok 09:18:26.0011 1868 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 09:18:26.0045 1868 mshidkmdf - ok 09:18:26.0076 1868 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 09:18:26.0083 1868 msisadrv - ok 09:18:26.0159 1868 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 09:18:26.0178 1868 MSiSCSI - ok 09:18:26.0184 1868 msiserver - ok 09:18:26.0290 1868 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 09:18:26.0325 1868 MSKSSRV - ok 09:18:26.0346 1868 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 09:18:26.0378 1868 MSPCLOCK - ok 09:18:26.0427 1868 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 09:18:26.0460 1868 MSPQM - ok 09:18:26.0541 1868 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 09:18:26.0550 1868 MsRPC - ok 09:18:26.0585 1868 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 09:18:26.0602 1868 mssmbios - ok 09:18:26.0645 1868 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 09:18:26.0664 1868 MSTEE - ok 09:18:26.0683 1868 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 09:18:26.0706 1868 MTConfig - ok 09:18:26.0778 1868 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 09:18:26.0785 1868 Mup - ok 09:18:26.0813 1868 MXOPSWD (c29f284ff7ab4ed38ce419a9424e52a2) C:\Windows\system32\DRIVERS\mxopswd.sys 09:18:26.0848 1868 MXOPSWD - ok 09:18:26.0885 1868 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 09:18:26.0922 1868 napagent - ok 09:18:27.0036 1868 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 09:18:27.0049 1868 NativeWifiP - ok 09:18:27.0085 1868 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 09:18:27.0104 1868 NDIS - ok 09:18:27.0139 1868 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 09:18:27.0159 1868 NdisCap - ok 09:18:27.0266 1868 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 09:18:27.0298 1868 NdisTapi - ok 09:18:27.0326 1868 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 09:18:27.0358 1868 Ndisuio - ok 09:18:27.0494 1868 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 09:18:27.0512 1868 NdisWan - ok 09:18:27.0571 1868 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 09:18:27.0603 1868 NDProxy - ok 09:18:27.0674 1868 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll 09:18:27.0677 1868 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:18:27.0677 1868 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:18:27.0753 1868 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 09:18:27.0789 1868 NetBIOS - ok 09:18:27.0823 1868 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 09:18:27.0856 1868 NetBT - ok 09:18:27.0898 1868 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 09:18:27.0908 1868 Netlogon - ok 09:18:27.0984 1868 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 09:18:28.0032 1868 Netman - ok 09:18:28.0184 1868 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 09:18:28.0230 1868 netprofm - ok 09:18:28.0304 1868 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 09:18:28.0311 1868 NetTcpPortSharing - ok 09:18:28.0424 1868 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 09:18:28.0431 1868 nfrd960 - ok 09:18:28.0468 1868 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 09:18:28.0506 1868 NlaSvc - ok 09:18:28.0551 1868 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 09:18:28.0584 1868 Npfs - ok 09:18:28.0691 1868 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 09:18:28.0710 1868 nsi - ok 09:18:28.0767 1868 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 09:18:28.0798 1868 nsiproxy - ok 09:18:28.0898 1868 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys 09:18:28.0923 1868 Ntfs - ok 09:18:29.0007 1868 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 09:18:29.0041 1868 Null - ok 09:18:29.0071 1868 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys 09:18:29.0080 1868 nvraid - ok 09:18:29.0098 1868 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys 09:18:29.0107 1868 nvstor - ok 09:18:29.0121 1868 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 09:18:29.0129 1868 nv_agp - ok 09:18:29.0260 1868 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:18:29.0271 1868 odserv - ok 09:18:29.0348 1868 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 09:18:29.0369 1868 ohci1394 - ok 09:18:29.0482 1868 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:18:29.0489 1868 ose - ok 09:18:29.0605 1868 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 09:18:29.0647 1868 p2pimsvc - ok 09:18:29.0704 1868 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 09:18:29.0733 1868 p2psvc - ok 09:18:29.0789 1868 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 09:18:29.0798 1868 Parport - ok 09:18:29.0853 1868 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 09:18:29.0861 1868 partmgr - ok 09:18:29.0878 1868 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 09:18:29.0904 1868 Parvdm - ok 09:18:29.0957 1868 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 09:18:29.0970 1868 PcaSvc - ok 09:18:30.0018 1868 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 09:18:30.0027 1868 pci - ok 09:18:30.0093 1868 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 09:18:30.0101 1868 pciide - ok 09:18:30.0129 1868 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 09:18:30.0138 1868 pcmcia - ok 09:18:30.0162 1868 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 09:18:30.0169 1868 pcw - ok 09:18:30.0238 1868 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 09:18:30.0283 1868 PEAUTH - ok 09:18:30.0469 1868 PEVSystemStart (f042ee4c8d66248d9b86dcf52abae416) C:\ComboFix2\pev.3XE 09:18:30.0502 1868 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning 09:18:30.0502 1868 PEVSystemStart - detected UnsignedFile.Multi.Generic (1) 09:18:30.0595 1868 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 09:18:30.0645 1868 pla - ok 09:18:30.0676 1868 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 09:18:30.0719 1868 PlugPlay - ok 09:18:30.0924 1868 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll 09:18:30.0944 1868 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:18:30.0944 1868 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:18:30.0971 1868 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 09:18:30.0991 1868 PNRPAutoReg - ok 09:18:31.0013 1868 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 09:18:31.0025 1868 PNRPsvc - ok 09:18:31.0062 1868 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 09:18:31.0096 1868 PolicyAgent - ok 09:18:31.0159 1868 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 09:18:31.0194 1868 Power - ok 09:18:31.0259 1868 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 09:18:31.0288 1868 PptpMiniport - ok 09:18:31.0311 1868 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 09:18:31.0320 1868 Processor - ok 09:18:31.0428 1868 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 09:18:31.0448 1868 ProfSvc - ok 09:18:31.0481 1868 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 09:18:31.0490 1868 ProtectedStorage - ok 09:18:31.0561 1868 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 09:18:31.0592 1868 Psched - ok 09:18:31.0696 1868 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys 09:18:31.0701 1868 PxHelp20 - ok 09:18:31.0797 1868 QBCFMonitorService (d2c73b0f27d0750887a3da3bd28f930c) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe 09:18:31.0806 1868 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning 09:18:31.0806 1868 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1) 09:18:31.0847 1868 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe 09:18:31.0857 1868 QBFCService ( UnsignedFile.Multi.Generic ) - warning 09:18:31.0857 1868 QBFCService - detected UnsignedFile.Multi.Generic (1) 09:18:31.0963 1868 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 09:18:31.0991 1868 ql2300 - ok 09:18:32.0005 1868 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 09:18:32.0013 1868 ql40xx - ok 09:18:32.0046 1868 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 09:18:32.0073 1868 QWAVE - ok 09:18:32.0163 1868 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 09:18:32.0174 1868 QWAVEdrv - ok 09:18:32.0190 1868 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 09:18:32.0219 1868 RasAcd - ok 09:18:32.0278 1868 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:18:32.0308 1868 RasAgileVpn - ok 09:18:32.0380 1868 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 09:18:32.0413 1868 RasAuto - ok 09:18:32.0438 1868 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:18:32.0469 1868 Rasl2tp - ok 09:18:32.0531 1868 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 09:18:32.0565 1868 RasMan - ok 09:18:32.0673 1868 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 09:18:32.0693 1868 RasPppoe - ok 09:18:32.0709 1868 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 09:18:32.0743 1868 RasSstp - ok 09:18:32.0774 1868 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 09:18:32.0808 1868 rdbss - ok 09:18:32.0897 1868 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 09:18:32.0917 1868 rdpbus - ok 09:18:32.0950 1868 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:18:32.0978 1868 RDPCDD - ok 09:18:33.0022 1868 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 09:18:33.0039 1868 RDPENCDD - ok 09:18:33.0110 1868 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 09:18:33.0137 1868 RDPREFMP - ok 09:18:33.0178 1868 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 09:18:33.0213 1868 RDPWD - ok 09:18:33.0305 1868 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 09:18:33.0314 1868 rdyboost - ok 09:18:33.0385 1868 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 09:18:33.0431 1868 RemoteAccess - ok 09:18:33.0466 1868 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 09:18:33.0486 1868 RemoteRegistry - ok 09:18:33.0575 1868 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 09:18:33.0605 1868 RpcEptMapper - ok 09:18:33.0638 1868 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 09:18:33.0659 1868 RpcLocator - ok 09:18:33.0691 1868 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 09:18:33.0712 1868 RpcSs - ok 09:18:33.0784 1868 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 09:18:33.0820 1868 rspndr - ok 09:18:33.0921 1868 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 09:18:33.0964 1868 RTL8167 - ok 09:18:34.0005 1868 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 09:18:34.0016 1868 SamSs - ok 09:18:34.0124 1868 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 09:18:34.0133 1868 sbp2port - ok 09:18:34.0212 1868 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 09:18:34.0232 1868 SCardSvr - ok 09:18:34.0271 1868 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 09:18:34.0308 1868 scfilter - ok 09:18:34.0350 1868 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 09:18:34.0394 1868 Schedule - ok 09:18:34.0577 1868 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 09:18:34.0594 1868 SCPolicySvc - ok 09:18:34.0620 1868 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 09:18:34.0660 1868 SDRSVC - ok 09:18:34.0764 1868 SeaPort (d358e077a0a05d9b12da22d137ee8464) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 09:18:34.0774 1868 SeaPort - ok 09:18:34.0867 1868 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 09:18:34.0905 1868 secdrv - ok 09:18:34.0929 1868 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 09:18:34.0964 1868 seclogon - ok 09:18:35.0036 1868 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 09:18:35.0069 1868 SENS - ok 09:18:35.0112 1868 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 09:18:35.0153 1868 SensrSvc - ok 09:18:35.0188 1868 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 09:18:35.0205 1868 Serenum - ok 09:18:35.0354 1868 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 09:18:35.0363 1868 Serial - ok 09:18:35.0406 1868 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 09:18:35.0432 1868 sermouse - ok 09:18:35.0475 1868 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 09:18:35.0509 1868 SessionEnv - ok 09:18:35.0606 1868 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 09:18:35.0625 1868 sffdisk - ok 09:18:35.0653 1868 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 09:18:35.0663 1868 sffp_mmc - ok 09:18:35.0681 1868 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 09:18:35.0718 1868 sffp_sd - ok 09:18:35.0747 1868 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 09:18:35.0756 1868 sfloppy - ok 09:18:35.0853 1868 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 09:18:35.0896 1868 SharedAccess - ok 09:18:35.0933 1868 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 09:18:35.0964 1868 ShellHWDetection - ok 09:18:36.0027 1868 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 09:18:36.0042 1868 sisagp - ok 09:18:36.0144 1868 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:18:36.0152 1868 SiSRaid2 - ok 09:18:36.0196 1868 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 09:18:36.0204 1868 SiSRaid4 - ok 09:18:36.0248 1868 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 09:18:36.0276 1868 Smb - ok 09:18:36.0357 1868 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 09:18:36.0385 1868 SNMPTRAP - ok 09:18:36.0468 1868 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 09:18:36.0475 1868 spldr - ok 09:18:36.0590 1868 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 09:18:36.0674 1868 Spooler - ok 09:18:36.0798 1868 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 09:18:36.0899 1868 sppsvc - ok 09:18:36.0930 1868 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 09:18:36.0949 1868 sppuinotify - ok 09:18:37.0029 1868 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 09:18:37.0067 1868 srv - ok 09:18:37.0145 1868 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 09:18:37.0156 1868 srv2 - ok 09:18:37.0183 1868 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 09:18:37.0192 1868 srvnet - ok 09:18:37.0281 1868 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 09:18:37.0303 1868 SSDPSRV - ok 09:18:37.0336 1868 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 09:18:37.0373 1868 SstpSvc - ok 09:18:37.0553 1868 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 09:18:37.0560 1868 stexstor - ok 09:18:37.0641 1868 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 09:18:37.0676 1868 StiSvc - ok 09:18:37.0772 1868 stllssvr (e476c66713c842f58e61a95826ed1d57) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 09:18:37.0778 1868 stllssvr - ok 09:18:37.0841 1868 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 09:18:37.0848 1868 swenum - ok 09:18:37.0978 1868 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 09:18:38.0003 1868 swprv - ok 09:18:38.0121 1868 SymEvent (083fe6483dc16a02af2434d04b7d7aea) C:\Program Files\Symantec\SYMEVENT.SYS 09:18:38.0127 1868 SymEvent - ok 09:18:38.0223 1868 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 09:18:38.0249 1868 SysMain - ok 09:18:38.0282 1868 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 09:18:38.0321 1868 TabletInputService - ok 09:18:38.0382 1868 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 09:18:38.0427 1868 TapiSrv - ok 09:18:38.0503 1868 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 09:18:38.0523 1868 TBS - ok 09:18:38.0621 1868 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 09:18:38.0648 1868 Tcpip - ok 09:18:38.0736 1868 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 09:18:38.0760 1868 TCPIP6 - ok 09:18:38.0844 1868 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 09:18:38.0873 1868 tcpipreg - ok 09:18:38.0921 1868 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 09:18:38.0947 1868 TDPIPE - ok 09:18:38.0977 1868 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 09:18:39.0005 1868 TDTCP - ok 09:18:39.0094 1868 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 09:18:39.0122 1868 tdx - ok 09:18:39.0152 1868 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 09:18:39.0159 1868 TermDD - ok 09:18:39.0198 1868 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 09:18:39.0222 1868 TermService - ok 09:18:39.0295 1868 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 09:18:39.0321 1868 Themes - ok 09:18:39.0339 1868 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 09:18:39.0359 1868 THREADORDER - ok 09:18:39.0434 1868 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 09:18:39.0467 1868 TrkWks - ok 09:18:39.0603 1868 TrueSight (1512d11c1e1e37a4ae2e2b62794f0d2e) c:\windows\system32\drivers\TrueSight.sys 09:18:39.0606 1868 TrueSight ( UnsignedFile.Multi.Generic ) - warning 09:18:39.0606 1868 TrueSight - detected UnsignedFile.Multi.Generic (1) 09:18:39.0662 1868 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 09:18:39.0698 1868 TrustedInstaller - ok 09:18:39.0714 1868 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 09:18:39.0749 1868 tssecsrv - ok 09:18:39.0845 1868 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 09:18:39.0878 1868 TsUsbFlt - ok 09:18:39.0936 1868 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 09:18:39.0972 1868 tunnel - ok 09:18:40.0006 1868 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 09:18:40.0013 1868 uagp35 - ok 09:18:40.0088 1868 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 09:18:40.0117 1868 udfs - ok 09:18:40.0154 1868 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 09:18:40.0180 1868 UI0Detect - ok 09:18:40.0225 1868 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 09:18:40.0232 1868 uliagpkx - ok 09:18:40.0334 1868 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 09:18:40.0352 1868 umbus - ok 09:18:40.0380 1868 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 09:18:40.0388 1868 UmPass - ok 09:18:40.0430 1868 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 09:18:40.0464 1868 upnphost - ok 09:18:40.0556 1868 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 09:18:40.0572 1868 USBAAPL - ok 09:18:40.0600 1868 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys 09:18:40.0622 1868 usbccgp - ok 09:18:40.0646 1868 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 09:18:40.0656 1868 usbcir - ok 09:18:40.0675 1868 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys 09:18:40.0697 1868 usbehci - ok 09:18:40.0780 1868 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys 09:18:40.0792 1868 usbhub - ok 09:18:40.0808 1868 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 09:18:40.0817 1868 usbohci - ok 09:18:40.0832 1868 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 09:18:40.0841 1868 usbprint - ok 09:18:40.0875 1868 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 09:18:40.0900 1868 usbscan - ok 09:18:40.0923 1868 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:18:40.0932 1868 USBSTOR - ok 09:18:41.0018 1868 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys 09:18:41.0026 1868 usbuhci - ok 09:18:41.0098 1868 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 09:18:41.0137 1868 UxSms - ok 09:18:41.0163 1868 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 09:18:41.0172 1868 VaultSvc - ok 09:18:41.0278 1868 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 09:18:41.0285 1868 vdrvroot - ok 09:18:41.0322 1868 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 09:18:41.0346 1868 vds - ok 09:18:41.0380 1868 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 09:18:41.0406 1868 vga - ok 09:18:41.0477 1868 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 09:18:41.0496 1868 VgaSave - ok 09:18:41.0533 1868 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 09:18:41.0542 1868 vhdmp - ok 09:18:41.0596 1868 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 09:18:41.0603 1868 viaagp - ok 09:18:41.0639 1868 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 09:18:41.0664 1868 ViaC7 - ok 09:18:41.0735 1868 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 09:18:41.0741 1868 viaide - ok 09:18:41.0793 1868 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 09:18:41.0800 1868 volmgr - ok 09:18:41.0843 1868 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 09:18:41.0886 1868 volmgrx - ok 09:18:41.0967 1868 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 09:18:41.0977 1868 volsnap - ok 09:18:42.0041 1868 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 09:18:42.0050 1868 vsmraid - ok 09:18:42.0099 1868 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 09:18:42.0147 1868 VSS - ok 09:18:42.0232 1868 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 09:18:42.0251 1868 vwifibus - ok 09:18:42.0307 1868 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 09:18:42.0351 1868 W32Time - ok 09:18:42.0439 1868 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 09:18:42.0467 1868 WacomPen - ok 09:18:42.0572 1868 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:18:42.0606 1868 WANARP - ok 09:18:42.0609 1868 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:18:42.0629 1868 Wanarpv6 - ok 09:18:42.0737 1868 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 09:18:42.0765 1868 WatAdminSvc - ok 09:18:42.0812 1868 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 09:18:42.0840 1868 wbengine - ok 09:18:42.0880 1868 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 09:18:42.0893 1868 WbioSrvc - ok 09:18:43.0065 1868 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 09:18:43.0079 1868 wcncsvc - ok 09:18:43.0089 1868 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 09:18:43.0125 1868 WcsPlugInService - ok 09:18:43.0185 1868 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 09:18:43.0192 1868 Wd - ok 09:18:43.0227 1868 Wdf01000 (73c5809c82828e34232f9811cb51490e) C:\Windows\system32\drivers\Wdf01000.sys 09:18:43.0230 1868 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: 73c5809c82828e34232f9811cb51490e, Fake md5: 9950e3d0f08141c7e89e64456ae7dc73 09:18:43.0231 1868 Wdf01000 ( Virus.Win32.Rloader.a ) - infected 09:18:43.0231 1868 Wdf01000 - detected Virus.Win32.Rloader.a (0) 09:18:43.0261 1868 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 09:18:43.0286 1868 WdiServiceHost - ok 09:18:43.0290 1868 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 09:18:43.0301 1868 WdiSystemHost - ok 09:18:43.0354 1868 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 09:18:43.0384 1868 WebClient - ok 09:18:43.0424 1868 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 09:18:43.0446 1868 Wecsvc - ok 09:18:43.0486 1868 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 09:18:43.0505 1868 wercplsupport - ok 09:18:43.0577 1868 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 09:18:43.0628 1868 WerSvc - ok 09:18:43.0716 1868 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 09:18:43.0783 1868 WfpLwf - ok 09:18:43.0797 1868 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 09:18:43.0811 1868 WIMMount - ok 09:18:44.0003 1868 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 09:18:44.0038 1868 WinDefend - ok 09:18:44.0044 1868 WinHttpAutoProxySvc - ok 09:18:44.0148 1868 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 09:18:44.0168 1868 Winmgmt - ok 09:18:44.0218 1868 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 09:18:44.0255 1868 WinRM - ok 09:18:44.0376 1868 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 09:18:44.0398 1868 WinUsb - ok 09:18:44.0438 1868 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 09:18:44.0473 1868 Wlansvc - ok 09:18:44.0491 1868 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 09:18:44.0500 1868 WmiAcpi - ok 09:18:44.0637 1868 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 09:18:44.0647 1868 wmiApSrv - ok 09:18:44.0752 1868 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 09:18:44.0819 1868 WMPNetworkSvc - ok 09:18:44.0883 1868 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 09:18:44.0896 1868 WPCSvc - ok 09:18:44.0928 1868 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 09:18:44.0968 1868 WPDBusEnum - ok 09:18:45.0008 1868 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 09:18:45.0043 1868 ws2ifsl - ok 09:18:45.0210 1868 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll 09:18:45.0222 1868 wscsvc - ok 09:18:45.0228 1868 WSearch - ok 09:18:45.0286 1868 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 09:18:45.0333 1868 wuauserv - ok 09:18:45.0381 1868 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 09:18:45.0412 1868 WudfPf - ok 09:18:45.0550 1868 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 09:18:45.0570 1868 WUDFRd - ok 09:18:45.0636 1868 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 09:18:45.0664 1868 wudfsvc - ok 09:18:45.0701 1868 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 09:18:45.0715 1868 WwanSvc - ok 09:18:45.0830 1868 XIRLINK (246095d4fbb90fdfac8e50e37f0bbd26) C:\Windows\system32\DRIVERS\C-itnt.sys 09:18:45.0855 1868 XIRLINK ( UnsignedFile.Multi.Generic ) - warning 09:18:45.0855 1868 XIRLINK - detected UnsignedFile.Multi.Generic (1) 09:18:45.0899 1868 MBR (0x1B8) (faf3db026c90f586e5993588661e2612) \Device\Harddisk0\DR0 09:18:45.0932 1868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected 09:18:45.0932 1868 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0) 09:18:45.0960 1868 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 09:18:45.0960 1868 \Device\Harddisk0\DR0 - detected TDSS File System (1) 09:18:45.0988 1868 Boot (0x1200) (9d19430d8b7aa3a7c4b810714bed685f) \Device\Harddisk0\DR0\Partition0 09:18:45.0989 1868 \Device\Harddisk0\DR0\Partition0 - ok 09:18:46.0005 1868 Boot (0x1200) (1bd29860322acba25c85b6fe4f0117d3) \Device\Harddisk0\DR0\Partition1 09:18:46.0006 1868 \Device\Harddisk0\DR0\Partition1 - ok 09:18:46.0007 1868 ============================================================ 09:18:46.0007 1868 Scan finished 09:18:46.0007 1868 ============================================================ 09:18:46.0014 2908 Detected object count: 19 09:18:46.0014 2908 Actual detected object count: 19 09:19:41.0042 2908 awhost32 ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0042 2908 awhost32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0042 2908 awlegacy ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0042 2908 awlegacy ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0043 2908 AW_HOST ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0044 2908 AW_HOST ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0045 2908 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0045 2908 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0046 2908 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0046 2908 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0047 2908 Gernuwa ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0047 2908 Gernuwa ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0049 2908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0049 2908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0050 2908 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0050 2908 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0052 2908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0052 2908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0053 2908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0053 2908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0054 2908 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0054 2908 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0058 2908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0058 2908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0058 2908 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0058 2908 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0060 2908 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0060 2908 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0062 2908 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0062 2908 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0162 2908 C:\Windows\system32\drivers\Wdf01000.sys - copied to quarantine 09:19:41.0200 2908 Backup copy found, using it.. 09:19:41.0211 2908 C:\Windows\system32\drivers\Wdf01000.sys - will be cured on reboot 09:19:41.0211 2908 Wdf01000 ( Virus.Win32.Rloader.a ) - User select action: Cure 09:19:41.0213 2908 XIRLINK ( UnsignedFile.Multi.Generic ) - skipped by user 09:19:41.0213 2908 XIRLINK ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:19:41.0333 2908 \Device\Harddisk0\DR0\# - copied to quarantine 09:19:41.0333 2908 \Device\Harddisk0\DR0 - copied to quarantine 09:19:41.0360 2908 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine 09:19:41.0366 2908 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 09:19:41.0368 2908 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine 09:19:41.0372 2908 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 09:19:41.0380 2908 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 09:19:41.0401 2908 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine 09:19:41.0408 2908 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine 09:19:41.0409 2908 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine 09:19:41.0410 2908 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine 09:19:41.0412 2908 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine 09:19:41.0413 2908 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine 09:19:41.0416 2908 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine 09:19:41.0448 2908 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot 09:19:41.0448 2908 \Device\Harddisk0\DR0 - ok 09:19:41.0450 2908 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure 09:19:41.0450 2908 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 09:19:41.0450 2908 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 09:20:04.0224 1256 Deinitialize success

I have tried combofix twice. It crashed both times. One message I did get said that it was rootkit zero access.

I can't get into Normal mode any more. It says it can't load the desktop. Before I sent you the last DDS and Attach screens I was able to successfully run Malwarebytes and nothing was found.

Now when I search in google using quotes I get a completely blank page.

When I'm not in safe mode, it looks like svchost.exe is using more and more memory. Here is Attach and DDS when not in safe mode. Thanks. Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/16/2010 4:24:46 PM System Uptime: 3/31/2012 12:42:24 PM (0 hours ago) . Motherboard: Dell Inc. | | 0CKCXH Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz | Socket 775 | 2928/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 386.121 GiB free. D: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP141: 2/2/2012 5:09:57 PM - Scheduled Checkpoint RP142: 2/10/2012 12:00:02 AM - Scheduled Checkpoint RP143: 2/26/2012 12:28:25 PM - Scheduled Checkpoint RP144: 3/5/2012 8:16:16 AM - Scheduled Checkpoint RP145: 3/13/2012 8:43:01 AM - Scheduled Checkpoint RP146: 3/21/2012 7:36:08 PM - Scheduled Checkpoint RP147: 3/29/2012 2:24:18 PM - Scheduled Checkpoint RP148: 3/29/2012 11:29:56 PM - Windows Update RP150: 3/30/2012 10:20:46 AM - Windows Update . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.1.2 - CPSID_49166 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1.2 AIO_Scan Aleks 3.15 Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour BufferChm C7200 C7200_Help Canon DIGITAL CAMERA Solution Disk Software Guide CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon Personal Printing Guide Canon PowerShot SX120 IS Camera User Guide Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Citrix online plug-in - web Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (USB) Citrix online plug-in (Web) Copy Dell Backup and Recovery Manager Dell Edoc Viewer Destinations DeviceDiscovery DocProc Dropbox Fax GPBaseService2 HP Imaging Device Functions 13.0 HP Photosmart All-In-One Driver Software 13.0 Rel. 2 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotosmartEssential HPProductAssistant Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java 6 Update 17 Junk Mail filter update LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Malwarebytes Anti-Malware version 1.60.1.1000 MFCLOC Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Basic 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual Studio 2005 Tools for Office Runtime Mozilla Firefox 8.0.1 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Network OCR Software by I.R.I.S. 13.0 PowerDVD DX PS_AIO_02_ProductContext PS_AIO_02_Software PS_AIO_02_Software_Min QuickBooks QuickBooks Pro 2010 QuickTime Realtek High Definition Audio Driver Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE 10.3 Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Scan Skype Toolbars Skype™ 4.2 SmartWebPrinting SolutionCenter Status Symantec pcAnywhere Toolbox TrayApp UnloadSupport ViewChoice WebReg Where in the World Is Carmen Sandiego? Treasures of Knowledge Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 3/31/2012 12:41:13 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2012 12:32:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 3/31/2012 11:45:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 3/30/2012 9:54:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 3/30/2012 9:54:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 3/30/2012 9:07:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 3/30/2012 12:30:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 3/30/2012 12:30:05 AM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The service has not been started. 3/30/2012 12:29:58 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c5 (0x00000004, 0x00000002, 0x00000000, 0x831317ff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 033012-55848-01. 3/30/2012 12:29:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Plug and Play service to connect. 3/30/2012 12:29:57 AM, Error: Service Control Manager [7001] - The Windows Driver Foundation - User-mode Driver Framework service depends on the Plug and Play service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 12:29:57 AM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 12:29:57 AM, Error: Service Control Manager [7001] - The Windows Audio Endpoint Builder service depends on the Plug and Play service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 12:29:57 AM, Error: Service Control Manager [7000] - The Plug and Play service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 12:19:30 AM, Error: Service Control Manager [7000] - The 5762 service failed to start due to the following error: The system cannot find the file specified. 3/30/2012 12:18:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 3/30/2012 12:18:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service. 3/30/2012 12:00:17 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 3/30/2012 11:45:15 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 11:45:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/30/2012 11:45:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/30/2012 11:44:22 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: awlegacy ctxusbm discache spldr Wanarpv6 3/30/2012 11:40:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. 3/30/2012 11:40:38 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 11:39:08 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: A thread could not be created for the service. 3/30/2012 11:36:11 AM, Error: Service Control Manager [7023] - The Multimedia Class Scheduler service terminated with the following error: Not enough storage is available to process this command. 3/30/2012 10:21:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Realtek - Network - Realtek PCIe GBE Family Controller. 3/30/2012 10:21:05 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2639308). 3/30/2012 10:21:05 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Intel Corporation - Display - Intel® G45/G43 Express Chipset. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TCP/IP NetBIOS Helper service to connect. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Network Store Interface Service service to connect. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Server service depends on the Security Accounts Manager service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Print Spooler service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Intel® Matrix Storage Event Monitor service depends on the Windows Management Instrumentation service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The HP CUE DeviceDiscovery Service service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Distributed Link Tracking Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Cryptographic Services service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7001] - The Base Filtering Engine service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:45 AM, Error: Service Control Manager [7000] - The Network Store Interface Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Event Log service to connect. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Driver Foundation - User-mode Driver Framework service to connect. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The User Profile Service service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The System Event Notification Service service depends on the COM+ Event System service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The Security Accounts Manager service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The Group Policy Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7001] - The COM+ Event System service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7000] - The Windows Event Log service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:44 AM, Error: Service Control Manager [7000] - The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/30/2012 1:39:43 AM, Error: Service Control Manager [7001] - The Remote Procedure Call (RPC) service depends on the DCOM Server Process Launcher service which failed to start because of the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/30/2012 1:39:42 AM, Error: Service Control Manager [7000] - The DCOM Server Process Launcher service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/30/2012 1:29:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s). 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2012 1:27:30 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 3/30/2012 1:19:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 3/29/2012 9:59:03 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR8. 3/29/2012 9:58:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR7. 3/29/2012 9:58:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR6. 3/29/2012 9:57:21 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5. 3/29/2012 9:57:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 3/29/2012 9:54:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 3/29/2012 9:51:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 3/29/2012 9:05:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR4. 3/29/2012 8:33:30 PM, Error: AeLookupSvc [1] - The Application Experience Lookup service failed to initialize. 3/29/2012 8:33:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3. 3/29/2012 6:31:13 PM, Error: Service Control Manager [7023] - The Problem Reports and Solutions Control Panel Support service terminated with the following error: Not enough storage is available to process this command. 3/29/2012 5:47:16 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: A thread could not be created for the service. 3/29/2012 5:25:24 PM, Error: Service Control Manager [7023] - The Application Experience service terminated with the following error: Not enough storage is available to process this command. 3/29/2012 4:47:35 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 3/29/2012 4:47:35 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 3/29/2012 11:52:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 3/29/2012 10:44:03 PM, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The system cannot find the file specified. 3/29/2012 10:42:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr 3/29/2012 10:41:56 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode. 3/29/2012 10:41:56 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode. 3/29/2012 10:24:16 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 3/29/2012 10:23:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 3/29/2012 10:23:44 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD awlegacy ctxusbm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Intel® Matrix Storage Event Monitor service depends on the Windows Management Instrumentation service which failed to start because of the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Multimedia Class Scheduler service to connect. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Multimedia Class Scheduler service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7000] - The Desktop Window Manager Session Manager service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:10:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service. 3/29/2012 10:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. 3/29/2012 1:17:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user Leslie-PC\Leslie SID (S-1-5-21-4099890314-3804951730-309443565-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/28/2012 7:25:58 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 3/28/2012 10:42:46 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/27/2012 1:10:08 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. . ==== End Of File =========================== DDS: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 Run by Leslie at 12:47:47 on 2012-03-31 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1695 [GMT -4:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6CE5E210-CC52-41B7-AF91-12C5C703AB63} : DhcpNameServer = 192.168.1.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: PCANotify - PCANotify.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\leslie\appdata\roaming\mozilla\firefox\profiles\bgknw8eh.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584] R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-12-3 81920] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-3 167936] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-13 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-13 1343400] S3 XIRLINK;IBM PC Camera;c:\windows\system32\drivers\C-itNT.sys [2010-10-4 486176] . =============== Created Last 30 ================ . 2012-03-30 17:24:43 13824 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2012-03-30 05:47:40 -------- d-----w- c:\program files\Testing 2012-03-30 04:04:03 99328 ---ha-w- c:\programdata\o7t15sWM.exe_ 2012-03-30 03:30:53 981504 ------w- c:\windows\system32\wininet.dll 2012-03-29 02:13:01 158720 ---ha-w- c:\programdata\microsoft\windows\drm\AFFE.tmp . ==================== Find3M ==================== . . ============= FINISH: 12:49:53.95 ===============

I thought my problems were solved, but I'm stilling having problems. I tried to reinstall MBAM but I'm getting Access Denied. I tried Roguekiller but I the program stops working even after renaming it. Here are my most recent Attach and DDS files. Thanks. Attach: S SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . . ==== Disk Partitions ========================= . . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.1.2 - CPSID_49166 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1.2 AIO_Scan Aleks 3.15 Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour BufferChm C7200 C7200_Help Canon DIGITAL CAMERA Solution Disk Software Guide CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon Personal Printing Guide Canon PowerShot SX120 IS Camera User Guide Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Citrix online plug-in - web Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (USB) Citrix online plug-in (Web) Copy Dell Backup and Recovery Manager Dell Edoc Viewer Destinations DeviceDiscovery DocProc Dropbox Fax GPBaseService2 HP Imaging Device Functions 13.0 HP Photosmart All-In-One Driver Software 13.0 Rel. 2 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotosmartEssential HPProductAssistant Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java 6 Update 17 Junk Mail filter update LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Malwarebytes Anti-Malware version 1.60.1.1000 MFCLOC Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Basic 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual Studio 2005 Tools for Office Runtime Mozilla Firefox 8.0.1 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Network OCR Software by I.R.I.S. 13.0 PowerDVD DX PS_AIO_02_ProductContext PS_AIO_02_Software PS_AIO_02_Software_Min QuickBooks QuickBooks Pro 2010 QuickTime Realtek High Definition Audio Driver Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE 10.3 Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Scan Skype Toolbars Skype™ 4.2 SmartWebPrinting SolutionCenter Status Symantec pcAnywhere Toolbox TrayApp UnloadSupport ViewChoice WebReg Where in the World Is Carmen Sandiego? Treasures of Knowledge Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer . ==== End Of File =========================== . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 Run by Leslie at 11:00:26 on 2012-03-30 . ============== Running Processes =============== . . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6CE5E210-CC52-41B7-AF91-12C5C703AB63} : DhcpNameServer = 192.168.1.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: PCANotify - PCANotify.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\leslie\appdata\roaming\mozilla\firefox\profiles\bgknw8eh.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . . =============== Created Last 30 ================ . 2012-03-30 14:39:03 13824 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2012-03-30 05:47:40 -------- d-----w- c:\program files\Testing 2012-03-30 04:04:03 99328 ---ha-w- c:\programdata\o7t15sWM.exe_ 2012-03-30 03:30:53 981504 ------w- c:\windows\system32\wininet.dll 2012-03-29 02:13:01 158720 ---ha-w- c:\programdata\microsoft\windows\drm\AFFE.tmp . ==================== Find3M ==================== . . ============= FINISH: 11:00:56.72 ===============

I finally got Malwarebytes to run (had to rename the installation file); found 3 problems; now everything appears to be okay

My google searching starting resulting in a completely white screen and then the system started hanging. I updated and ran malwarebytes but nothing was found. I tried system restore but an unspecified error occurred. Any help would be appreciated. Thanks. Here is DDS: er_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 Run by Leslie at 0:23:06 on 2012-03-30 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1131 [GMT -4:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wuauclt.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\System32\svchost.exe -k secsvcs C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe C:\Program Files\Java\jre6\bin\java.exe C:\Windows\system32\conhost.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Windows\servicing\TrustedInstaller.exe C:\ProgramData\vQKjDyPeBbSvEb.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup mRun: [dplaysvr] c:\windows\system32\config\systemprofile\appdata\local\dplaysvr.exe mRun: [vQKjDyPeBbSvEb.exe] c:\programdata\vQKjDyPeBbSvEb.exe dRun: [dplaysvr] c:\windows\system32\config\systemprofile\appdata\local\dplaysvr.exe dRun: [Windows Update Server] c:\windows\system32\config\systemprofile\efc1f03e-5762.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: DisableTaskMgr = 1 (0x1) dPolicies-system: DisableTaskMgr = 1 (0x1) IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6CE5E210-CC52-41B7-AF91-12C5C703AB63} : DhcpNameServer = 192.168.1.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igfxcui - igfxdev.dll Notify: PCANotify - PCANotify.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\leslie\appdata\roaming\mozilla\firefox\profiles\bgknw8eh.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584] R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-12-3 81920] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-3 167936] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-13 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-13 1343400] S3 XIRLINK;IBM PC Camera;c:\windows\system32\drivers\C-itNT.sys [2010-10-4 486176] SUnknown 5762;5762; [x] . =============== Created Last 30 ================ . 2012-03-30 04:21:05 318464 ----a-w- c:\programdata\vQKjDyPeBbSvEb.exe 2012-03-30 04:09:58 99328 ----a-w- c:\programdata\o7t15sWM.exe 2012-03-30 04:04:03 99328 ----a-w- c:\programdata\o7t15sWM.exe_ 2012-03-29 02:13:01 158720 ----a-w- c:\programdata\microsoft\windows\drm\AFFE.tmp . ==================== Find3M ==================== . . ============= FINISH: 0:24:09.19 =============== Here is Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/16/2010 4:24:46 PM System Uptime: 3/29/2012 11:59:31 PM (1 hours ago) . Motherboard: Dell Inc. | | 0CKCXH Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz | Socket 775 | 2928/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 385.368 GiB free. D: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP140: 1/26/2012 1:31:11 PM - Windows Update RP141: 2/2/2012 5:09:57 PM - Scheduled Checkpoint RP142: 2/10/2012 12:00:02 AM - Scheduled Checkpoint RP143: 2/26/2012 12:28:25 PM - Scheduled Checkpoint RP144: 3/5/2012 8:16:16 AM - Scheduled Checkpoint RP145: 3/13/2012 8:43:01 AM - Scheduled Checkpoint RP146: 3/21/2012 7:36:08 PM - Scheduled Checkpoint RP147: 3/29/2012 2:24:18 PM - Scheduled Checkpoint RP148: 3/29/2012 11:29:56 PM - Windows Update . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Acrobat 9.1.2 - CPSID_49166 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1.2 AIO_Scan Aleks 3.15 Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour BufferChm C7200 C7200_Help Canon DIGITAL CAMERA Solution Disk Software Guide CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon Personal Printing Guide Canon PowerShot SX120 IS Camera User Guide Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Citrix online plug-in - web Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (USB) Citrix online plug-in (Web) Copy Dell Backup and Recovery Manager Dell Edoc Viewer Destinations DeviceDiscovery DocProc Dropbox Fax GPBaseService2 HP Imaging Device Functions 13.0 HP Photosmart All-In-One Driver Software 13.0 Rel. 2 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotosmartEssential HPProductAssistant Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes Java 6 Update 17 Junk Mail filter update LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Malwarebytes Anti-Malware version 1.60.1.1000 MFCLOC Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Basic 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual Studio 2005 Tools for Office Runtime Mozilla Firefox 8.0.1 (x86 en-US) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Network OCR Software by I.R.I.S. 13.0 PowerDVD DX PS_AIO_02_ProductContext PS_AIO_02_Software PS_AIO_02_Software_Min QuickBooks QuickBooks Pro 2010 QuickTime Realtek High Definition Audio Driver Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE 10.3 Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Scan Skype Toolbars Skype™ 4.2 SmartWebPrinting SolutionCenter Status Symantec pcAnywhere Toolbox TrayApp UnloadSupport ViewChoice WebReg Where in the World Is Carmen Sandiego? Treasures of Knowledge Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 3/30/2012 12:19:30 AM, Error: Service Control Manager [7000] - The 5762 service failed to start due to the following error: The system cannot find the file specified. 3/30/2012 12:18:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 3/30/2012 12:18:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service. 3/30/2012 12:00:17 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 3/29/2012 9:59:03 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR8. 3/29/2012 9:58:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR7. 3/29/2012 9:58:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR6. 3/29/2012 9:57:21 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5. 3/29/2012 9:57:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 3/29/2012 9:54:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 3/29/2012 9:51:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service. 3/29/2012 9:05:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR4. 3/29/2012 8:33:30 PM, Error: AeLookupSvc [1] - The Application Experience Lookup service failed to initialize. 3/29/2012 8:33:05 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: A thread could not be created for the service. 3/29/2012 8:33:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3. 3/29/2012 6:31:13 PM, Error: Service Control Manager [7023] - The Problem Reports and Solutions Control Panel Support service terminated with the following error: Not enough storage is available to process this command. 3/29/2012 5:47:16 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: A thread could not be created for the service. 3/29/2012 5:38:31 PM, Error: Service Control Manager [7023] - The Multimedia Class Scheduler service terminated with the following error: Not enough storage is available to process this command. 3/29/2012 5:25:24 PM, Error: Service Control Manager [7023] - The Application Experience service terminated with the following error: Not enough storage is available to process this command. 3/29/2012 4:47:35 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 3/29/2012 4:47:35 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 3/29/2012 11:57:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. 3/29/2012 11:57:46 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/29/2012 11:52:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 3/29/2012 11:30:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 (KB2639308). 3/29/2012 11:17:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 11:17:41 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 11:17:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/29/2012 11:17:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 3/29/2012 11:17:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/29/2012 11:17:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 3/29/2012 11:17:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: awlegacy ctxusbm discache spldr Wanarpv6 3/29/2012 10:44:03 PM, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The system cannot find the file specified. 3/29/2012 10:42:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr 3/29/2012 10:41:56 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Responder service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode. 3/29/2012 10:41:56 PM, Error: Service Control Manager [7000] - The Link-Layer Topology Discovery Mapper I/O Driver service failed to start due to the following error: The driver was not loaded because the system is booting into safe mode. 3/29/2012 10:24:16 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 3/29/2012 10:23:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 3/29/2012 10:23:44 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD awlegacy ctxusbm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The Intel® Matrix Storage Event Monitor service depends on the Windows Management Instrumentation service which failed to start because of the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:23:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Multimedia Class Scheduler service to connect. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Multimedia Class Scheduler service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:15:59 PM, Error: Service Control Manager [7000] - The Desktop Window Manager Session Manager service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/29/2012 10:10:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service. 3/29/2012 10:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. 3/29/2012 1:17:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user Leslie-PC\Leslie SID (S-1-5-21-4099890314-3804951730-309443565-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/28/2012 7:25:58 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 3/28/2012 10:42:46 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance. 3/27/2012 1:10:08 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. . ==== End Of File ===========================