
I am not sure if I am still infected



Hi,

I received great help from Gringo a couple of weeks ago cleaning up my system. I haven't downloaded any new apps (and very few files) since then, but the problems I was having have now resurfaced. I may not have clarified all of them previously but here is that closed thread:

http://forums.malwarebytes.org/index.php?showtopic=123014&pid=650057&st=0entry650057

What happens now is that after about 5 minutes, apps stop opening--I click on them in the Taskbar, double-click from the desktop or select them from the Start Menu, and the same thing happens. The machine gives the "please wait" type icon for about ten seconds, then stops trying to open it. If I do Ctrl-Alt-Del I get a black screen, then the following message:

"The logon process was unable to display security and logon options when CTRL-ALT-DEL was pressed. If the operating system does not respond, press ESC or restart the computer using the power switch."

I then have to do a hard shutdown to get the computer to shut down--if I try anything else, it never completely shuts down, just keeps running a couple of processes (which I can't see since I can't get to the task manager.)

It all feels like there is some kind of deep malware running. Hope you can help!

I ran a full scan with the latest update of MWB; it found nothing. Here are the DDS and Attach logs:

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470

Run by Kevin Lofgren at 11:28:47 on 2013-04-03

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4004.2404 [GMT -4:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\Program Files\IDT\WDM\STacSV64.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskhost.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

C:\windows\SysWOW64\RunDll32.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe

C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\system32\sppsvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\System32\svchost.exe -k WerSvcGroup

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

LSP: %systemroot%\AxiomLsp.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{700CAC20-9E2E-4FD7-9235-2DE8D9F7581E} : DHCPNameServer = 10.0.1.1

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547} : DHCPNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547}\1666F687F586F6D656 : DHCPNameServer = 192.168.7.254

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547}\261627269656769627C6E6F647 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547}\34F464D27455543545 : DHCPNameServer = 10.1.4.2 8.8.8.8

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547}\64162737471627 : DHCPNameServer = 10.0.1.1

TCP: Interfaces\{FA84A3EA-7D81-40E5-9BCA-9041796D5547}\D61696E6566756E647 : DHCPNameServer = 209.244.0.3 209.244.0.4

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Kevin Lofgren\AppData\Roaming\Mozilla\Firefox\Profiles\ri5jkz4a.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-03-09 11:37; rankchecker@seobook.com; C:\Users\Kevin Lofgren\AppData\Roaming\Mozilla\Firefox\Profiles\ri5jkz4a.default\extensions\rankchecker@seobook.com.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-3-3 55856]

R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-2-27 283200]

R2 ACProtector;AC Auto-update system;C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe [2012-7-30 142808]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-3-3 89600]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-3-13 187912]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-3 13336]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-3 2656280]

R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-3-3 317440]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-3-3 533096]

R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2012-3-3 349736]

S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-3-3 39464]

S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\windows\System32\drivers\DigiartyVirtualCDBus.sys [2012-8-21 276256]

S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-13 25072]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-3-3 250984]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-5-22 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-03-29 19:18:51 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys

2013-03-29 19:14:29 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery

.

==================== Find3M ====================

.

2013-02-27 06:37:45 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys

2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

2013-02-02 06:57:02 2312704 ----a-w- C:\windows\System32\jscript9.dll

2013-02-02 06:47:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2013-02-02 06:47:19 1392128 ----a-w- C:\windows\System32\wininet.dll

2013-02-02 06:42:18 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2013-02-02 06:41:51 599040 ----a-w- C:\windows\System32\vbscript.dll

2013-02-02 06:38:01 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2013-02-02 03:38:35 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- C:\windows\SysWow64\vbscript.dll

2013-02-02 03:23:28 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-01-17 07:28:58 273840 ------w- C:\windows\System32\MpSigStub.exe

2013-01-13 21:17:03 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17:02 2560 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16:42 10752 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 21:12:46 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 21:11:21 4096 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 21:11:08 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 21:11:07 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:35:31 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 20:35:31 2560 ---ha-w- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 20:35:18 10752 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 20:32:07 3584 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 20:31:48 4096 ---ha-w- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 20:31:41 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 20:31:40 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:31:00 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll

2013-01-13 20:22:22 1988096 ----a-w- C:\windows\SysWow64\d3d10warp.dll

2013-01-13 20:20:31 293376 ----a-w- C:\windows\SysWow64\dxgi.dll

2013-01-13 20:09:00 249856 ----a-w- C:\windows\SysWow64\d3d10_1core.dll

2013-01-13 20:08:43 220160 ----a-w- C:\windows\SysWow64\d3d10core.dll

2013-01-13 20:08:35 1504768 ----a-w- C:\windows\SysWow64\d3d11.dll

2013-01-13 19:59:04 1643520 ----a-w- C:\windows\System32\DWrite.dll

2013-01-13 19:58:28 1175552 ----a-w- C:\windows\System32\FntCache.dll

2013-01-13 19:54:01 604160 ----a-w- C:\windows\SysWow64\d3d10level9.dll

2013-01-13 19:53:58 207872 ----a-w- C:\windows\SysWow64\WindowsCodecsExt.dll

2013-01-13 19:53:14 187392 ----a-w- C:\windows\SysWow64\UIAnimation.dll

2013-01-13 19:51:30 2565120 ----a-w- C:\windows\System32\d3d10warp.dll

2013-01-13 19:49:17 363008 ----a-w- C:\windows\System32\dxgi.dll

2013-01-13 19:48:47 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll

2013-01-13 19:46:25 1080832 ----a-w- C:\windows\SysWow64\d3d10.dll

2013-01-13 19:43:21 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll

2013-01-13 19:38:39 333312 ----a-w- C:\windows\System32\d3d10_1core.dll

2013-01-13 19:38:32 1887232 ----a-w- C:\windows\System32\d3d11.dll

2013-01-13 19:38:21 296960 ----a-w- C:\windows\System32\d3d10core.dll

2013-01-13 19:37:57 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll

2013-01-13 19:25:04 245248 ----a-w- C:\windows\System32\WindowsCodecsExt.dll

2013-01-13 19:24:33 648192 ----a-w- C:\windows\System32\d3d10level9.dll

2013-01-13 19:24:30 221184 ----a-w- C:\windows\System32\UIAnimation.dll

2013-01-13 19:20:42 194560 ----a-w- C:\windows\System32\d3d10_1.dll

2013-01-13 19:20:04 1238528 ----a-w- C:\windows\System32\d3d10.dll

2013-01-13 19:15:40 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll

2013-01-13 19:10:36 3928064 ----a-w- C:\windows\System32\d2d1.dll

2013-01-13 19:02:06 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll

2013-01-13 18:34:58 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll

2013-01-13 18:32:43 465920 ----a-w- C:\windows\System32\WMPhoto.dll

2013-01-13 18:09:52 522752 ----a-w- C:\windows\System32\XpsGdiConverter.dll

2013-01-13 17:26:42 1158144 ----a-w- C:\windows\SysWow64\XpsPrint.dll

2013-01-13 17:05:09 1682432 ----a-w- C:\windows\System32\XpsPrint.dll

2013-01-05 05:53:43 5553512 ----a-w- C:\windows\System32\ntoskrnl.exe

2013-01-05 05:00:15 3967848 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2013-01-05 05:00:11 3913064 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2013-01-04 06:11:21 2284544 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll

2013-01-04 06:11:13 2776576 ----a-w- C:\windows\System32\msmpeg2vdec.dll

2013-01-04 05:46:09 215040 ----a-w- C:\windows\System32\winsrv.dll

2013-01-04 04:51:16 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2013-01-04 04:43:21 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2013-01-04 03:26:48 3153408 ----a-w- C:\windows\System32\win32k.sys

2013-01-04 02:47:35 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2013-01-04 02:47:34 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2013-01-04 02:47:34 2048 ----a-w- C:\windows\SysWow64\user.exe

2013-01-04 02:47:33 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

.

============= FINISH: 11:29:57.90 ===============

Here is the Attach log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 5/20/2012 5:01:02 PM

System Uptime: 4/3/2013 11:23:53 AM (0 hours ago)

.

Motherboard: Dell Inc. | | 01HXXJ

Processor: Intel® Core i3-2350M CPU @ 2.30GHz | CPU 1 | 2300/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 374.341 GiB free.

D: is CDROM ()

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Dell Wireless 1701 Bluetooth v3.0+HS

Device ID: USB\VID_0A5C&PID_21BC\642737D63CA6

Manufacturer: Broadcom

Name: Dell Wireless 1701 Bluetooth v3.0+HS

PNP Device ID: USB\VID_0A5C&PID_21BC\642737D63CA6

Service: BTHUSB

.

==== System Restore Points ===================

.

RP89: 2/27/2013 1:37:50 AM - Device Driver Package Install: DT Soft Ltd System devices

RP90: 2/28/2013 10:49:01 PM - Revo Uninstaller's restore point - Java 7 Update 7

RP91: 2/28/2013 10:49:24 PM - Removed Java 7 Update 7

RP92: 2/28/2013 10:51:55 PM - Revo Uninstaller's restore point - JavaFX 2.1.1

RP93: 2/28/2013 10:52:05 PM - Removed JavaFX 2.1.1

RP94: 3/2/2013 11:41:01 PM - Revo Uninstaller's restore point - UltraISO Premium V9.53

RP95: 3/2/2013 11:42:43 PM - Revo Uninstaller's restore point - BitTorrent

RP96: 3/2/2013 11:44:08 PM - Revo Uninstaller's restore point - BDlot DVD ISO Master 3.0.2

RP97: 3/2/2013 11:58:46 PM - Revo Uninstaller's restore point - Nero Update

RP98: 3/3/2013 12:02:56 AM - Revo Uninstaller's restore point - SyncUP

RP99: 3/3/2013 4:04:06 PM - Revo Uninstaller's restore point - Home Inventory Pro 2011

RP100: 3/3/2013 4:16:44 PM - Revo Uninstaller's restore point - Bochs 2.6 (remove only)

RP101: 3/3/2013 4:43:49 PM - Installed ABC Inventory Software

RP102: 3/3/2013 4:44:03 PM - Installed Microsoft Office Access Runtime (English) 2007

RP103: 3/3/2013 4:50:45 PM - Revo Uninstaller's restore point - ABC Inventory Software

RP104: 3/6/2013 11:53:38 PM - Revo Uninstaller's restore point - Google Chrome

RP105: 3/7/2013 10:43:32 PM - Windows Update

RP106: 3/8/2013 9:13:33 PM - Windows Update

RP107: 3/9/2013 12:35:55 AM - Windows Update

RP108: 3/30/2013 11:21:50 PM - Windows Update

RP109: 4/3/2013 12:43:46 AM - Revo Uninstaller's restore point - Google Chrome

.

==== Installed Programs ======================

.

Acala DVD Copy 3.4.4

Acala DVD Ripper Professional 6.3.5.275

Accidental Damage Services Agreement

Adobe Acrobat 8 Standard

Adobe Acrobat 8.1.0 Standard

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 ActiveX 64-bit

Adobe Flash Player 11 Plugin

Advanced Audio FX Engine

AIM for Windows

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AVG 2013

AxiomCoders FB Limiter version 1.5.0

Banctec Service Agreement

BlackBerry App World Browser Plugin

Bonjour

calibre

Canon MP530

CCleaner

Cisco WebEx Meetings

Complete Care Business Service Agreement

Consumer In-Home Service Agreement

Craigslist Anywhere

Cricut Driver v2.01

Cricut Craft Room®

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Digital Delivery

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell Product Registration

Dell Stage

Dell Stage Remote

Dell Support Center

Dell Touchpad

DirectX 9 Runtime

DW WLAN Card

File Shredder 2.0

Google Talk (remove only)

GoToMeeting 5.1.0.880

HandBrake 0.9.6

HP Deskjet 1050 J410 series Basic Device Software

HP Deskjet 1050 J410 series Help

iCloud

IDT Audio

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

iTunes

Java 7 Update 1 (64-bit)

Junk Mail filter update

LongTailPro - Version 2.1.7

Malwarebytes Anti-Malware version 1.70.0.1100

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Runtime (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Project MUI (English) 2010

Microsoft Office Project Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Project 2010 Service Pack 1 (SP1)

Microsoft Project Professional 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NOOK for PC

PhotoShowExpress

PlayReady PC Runtime x86

Premium Service Agreement

QualxServ Service Agreement

Quickset64

QuickTime

RBVirtualFolder64Inst

Realtek Ethernet Controller Driver

Realtek USB 2.0 Card Reader

Revo Uninstaller 1.94

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Scrum Solution Starter for Microsoft Project 2010

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype™ 5.10

Sonic CinePlayer Decoder Pack

SpywareBlaster 4.6

StartMeeting

The Extractor

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Visual Studio 2010 x64 Redistributables

WIDCOMM Bluetooth Software

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinZip

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

4/3/2013 12:39:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.

4/3/2013 12:39:24 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 12:08:02 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

4/3/2013 12:08:02 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 12:07:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/3/2013 12:07:33 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

4/3/2013 12:07:33 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

4/3/2013 12:00:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 11:29:32 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 11:29:32 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Application Experience service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:28:32 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/3/2013 11:26:05 AM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s).

4/3/2013 11:25:51 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

4/3/2013 11:25:45 AM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

4/3/2013 11:25:45 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

4/3/2013 11:25:45 AM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

4/3/2013 11:25:38 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

4/3/2013 11:24:39 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

4/3/2013 11:17:37 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 11:17:37 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 11:01:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.

4/3/2013 11:01:41 AM, Error: Service Control Manager [7000] - The Extensible Authentication Protocol service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 11:01:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.

4/3/2013 11:01:11 AM, Error: Service Control Manager [7000] - The Group Policy Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 11:00:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.

4/3/2013 11:00:41 AM, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 11:00:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

4/3/2013 11:00:11 AM, Error: Service Control Manager [7000] - The IP Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 10:59:41 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.

4/3/2013 10:59:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ProfSvc service.

4/3/2013 10:59:41 AM, Error: Service Control Manager [7000] - The User Profile Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 10:59:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.

4/3/2013 10:59:11 AM, Error: Service Control Manager [7000] - The Remote Access Connection Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 10:58:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service.

4/3/2013 10:58:41 AM, Error: Service Control Manager [7000] - The Secondary Logon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2013 10:58:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.

4/3/2013 10:58:11 AM, Error: Service Control Manager [7000] - The System Event Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/2/2013 4:33:30 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 4:33:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 4:33:22 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\bcmihvsrv64.dll Error Code: 21

4/2/2013 4:33:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache spldr Wanarpv6

4/2/2013 3:54:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.

4/2/2013 3:53:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

4/2/2013 3:50:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.

4/2/2013 3:49:50 PM, Error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

4/2/2013 11:42:26 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/2/2013 11:41:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

4/2/2013 11:41:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

4/2/2013 11:41:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

4/2/2013 11:41:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/2/2013 11:41:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

4/2/2013 11:41:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2013 11:41:13 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2013 11:36:46 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64

4/2/2013 11:36:44 AM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536805256.

4/2/2013 11:36:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AC Auto-update system service to connect.

4/2/2013 11:36:43 AM, Error: Service Control Manager [7000] - The AC Auto-update system service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/30/2013 11:11:39 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

3/30/2013 10:50:57 PM, Error: Service Control Manager [7000] - The Dell Digital Delivery Service service failed to start due to the following error: The system cannot find the file specified.

3/29/2013 3:14:22 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Hi,

My name is Daniel and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • I am currently visiting an evening school and working night shift only, which might be evening for you. In this time I am mostly online with my mobile devices and won't be able to reply.

Please download Farbar's Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.


Thanks Daniel for your help.

I ran both in "Safe Mode Without Networking" because now it is hanging on startup. :(

FSS file:

Farbar Service Scanner Version: 03-03-2013

Ran by Kevin Lofgren (administrator) on 03-04-2013 at 15:05:14

Running from "C:\Users\Kevin Lofgren\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Minimal

****************************************************************

Internet Services:

============

Dnscache Service is not running. Checking service configuration:

The start type of Dnscache service is OK.

The ImagePath of Dnscache service is OK.

The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:

The start type of Dhcp service is OK.

The ImagePath of Dhcp service is OK.

The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:

The start type of Nsi service is OK.

The ImagePath of Nsi service is OK.

The ServiceDll of Nsi service is OK.

nsiproxy Service is not running. Checking service configuration:

The start type of nsiproxy service is OK.

The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:

The start type of tdx service is OK.

The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:

The start type of afd service is OK.

The ImagePath of afd service is OK.

Connection Status:

==============

Attempt to access Local Host IP returned error: Localhost is blocked: Other errors

There is no connection to network.

Attempt to access Google IP returned error. Other errors

Attempt to access Google.com returned error: Other errors

Attempt to access Yahoo IP returned error. Other errors

Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:

=============

mpsdrv Service is not running. Checking service configuration:

The start type of mpsdrv service is OK.

The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:

The start type of bfe service is OK.

The ImagePath of bfe service is OK.

The ServiceDll of bfe service is OK.

Firewall Disabled Policy:

==================

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:

The start type of VSS service is OK.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

Action Center:

============

wscsvc Service is not running. Checking service configuration:

The start type of wscsvc service is OK.

The ImagePath of wscsvc service is OK.

The ServiceDll of wscsvc service is OK.

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is OK.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:

The start type of BITS service is OK.

The ImagePath of BITS service is OK.

The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:

The start type of EventSystem service is OK.

The ImagePath of EventSystem service is OK.

The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

TDSS log:

15:05:39.0384 0868 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

15:05:39.0525 0868 ============================================================

15:05:39.0525 0868 Current date / time: 2013/04/03 15:05:39.0525

15:05:39.0525 0868 SystemInfo:

15:05:39.0525 0868

15:05:39.0525 0868 OS Version: 6.1.7601 ServicePack: 1.0

15:05:39.0525 0868 Product type: Workstation

15:05:39.0525 0868 ComputerName: FARSTAR-PC1

15:05:39.0525 0868 UserName: Kevin Lofgren

15:05:39.0525 0868 Windows directory: C:\windows

15:05:39.0525 0868 System windows directory: C:\windows

15:05:39.0525 0868 Running under WOW64

15:05:39.0525 0868 Processor architecture: Intel x64

15:05:39.0525 0868 Number of processors: 4

15:05:39.0525 0868 Page size: 0x1000

15:05:39.0525 0868 Boot type: Safe boot

15:05:39.0525 0868 ============================================================

15:05:40.0352 0868 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:05:40.0352 0868 Drive \Device\Harddisk1\DR1 - Size: 0x753000000 (29.30 Gb), SectorSize: 0x200, Cylinders: 0xEF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:05:40.0352 0868 Drive \Device\Harddisk2\DR2 - Size: 0x7A1000000 (30.52 Gb), SectorSize: 0x200, Cylinders: 0xF8F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:05:40.0367 0868 ============================================================

15:05:40.0367 0868 \Device\Harddisk0\DR0:

15:05:40.0367 0868 MBR partitions:

15:05:40.0367 0868 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

15:05:40.0367 0868 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030

15:05:40.0367 0868 \Device\Harddisk1\DR1:

15:05:40.0367 0868 MBR partitions:

15:05:40.0367 0868 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A97FC1

15:05:40.0367 0868 \Device\Harddisk2\DR2:

15:05:40.0367 0868 MBR partitions:

15:05:40.0367 0868 ============================================================

15:05:40.0430 0868 C: <-> \Device\Harddisk0\DR0\Partition2

15:05:40.0430 0868 ============================================================

15:05:40.0430 0868 Initialize success

15:05:40.0430 0868 ============================================================

15:05:47.0231 0528 ============================================================

15:05:47.0231 0528 Scan started

15:05:47.0231 0528 Mode: Manual;

15:05:47.0231 0528 ============================================================

15:05:47.0450 0528 ================ Scan system memory ========================

15:05:47.0450 0528 System memory - ok

15:05:47.0450 0528 ================ Scan services =============================


15:05:59.0415 0528 Netlogon - ok

15:05:59.0477 0528 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll

15:05:59.0493 0528 Netman - ok

15:05:59.0524 0528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:05:59.0602 0528 NetMsmqActivator - ok

15:05:59.0602 0528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:05:59.0618 0528 NetPipeActivator - ok

15:05:59.0633 0528 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll

15:05:59.0633 0528 netprofm - ok

15:05:59.0649 0528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:05:59.0664 0528 NetTcpActivator - ok

15:05:59.0664 0528 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:05:59.0664 0528 NetTcpPortSharing - ok

15:05:59.0696 0528 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

15:05:59.0711 0528 nfrd960 - ok

15:05:59.0789 0528 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll

15:05:59.0789 0528 NlaSvc - ok

15:05:59.0820 0528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys

15:05:59.0820 0528 Npfs - ok

15:05:59.0867 0528 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll

15:05:59.0867 0528 nsi - ok

15:05:59.0883 0528 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

15:05:59.0883 0528 nsiproxy - ok

15:05:59.0945 0528 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

15:05:59.0976 0528 Ntfs - ok

15:06:00.0008 0528 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys

15:06:00.0008 0528 Null - ok

15:06:00.0086 0528 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys

15:06:00.0086 0528 nvraid - ok

15:06:00.0101 0528 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys

15:06:00.0101 0528 nvstor - ok

15:06:00.0132 0528 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys

15:06:00.0132 0528 nv_agp - ok

15:06:00.0164 0528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

15:06:00.0164 0528 ohci1394 - ok

15:06:00.0195 0528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:06:00.0195 0528 ose - ok

15:06:00.0382 0528 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

15:06:00.0507 0528 osppsvc - ok

15:06:00.0554 0528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll

15:06:00.0554 0528 p2pimsvc - ok

15:06:00.0600 0528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll

15:06:00.0616 0528 p2psvc - ok

15:06:00.0663 0528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys

15:06:00.0678 0528 Parport - ok

15:06:00.0694 0528 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys

15:06:00.0710 0528 partmgr - ok

15:06:00.0725 0528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll

15:06:00.0741 0528 PcaSvc - ok

15:06:00.0834 0528 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms

15:06:00.0866 0528 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

15:06:00.0897 0528 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys

15:06:00.0897 0528 pci - ok

15:06:00.0928 0528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys

15:06:00.0928 0528 pciide - ok

15:06:00.0944 0528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys

15:06:00.0944 0528 pcmcia - ok

15:06:01.0006 0528 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\windows\system32\Drivers\pcouffin.sys

15:06:01.0006 0528 pcouffin - ok

15:06:01.0022 0528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys

15:06:01.0022 0528 pcw - ok

15:06:01.0084 0528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys

15:06:01.0084 0528 PEAUTH - ok

15:06:01.0162 0528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe

15:06:01.0178 0528 PerfHost - ok

15:06:01.0271 0528 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll

15:06:01.0287 0528 pla - ok

15:06:01.0365 0528 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll

15:06:01.0365 0528 PlugPlay - ok

15:06:01.0427 0528 [ F485770EEC8959684CC4C4786B63C06C ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll

15:06:01.0443 0528 Pml Driver HPZ12 - ok

15:06:01.0458 0528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

15:06:01.0458 0528 PNRPAutoReg - ok

15:06:01.0474 0528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll

15:06:01.0490 0528 PNRPsvc - ok

15:06:01.0536 0528 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

15:06:01.0536 0528 PolicyAgent - ok

15:06:01.0599 0528 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll

15:06:01.0599 0528 Power - ok

15:06:01.0661 0528 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

15:06:01.0661 0528 PptpMiniport - ok

15:06:01.0677 0528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys

15:06:01.0677 0528 Processor - ok

15:06:01.0739 0528 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll

15:06:01.0739 0528 ProfSvc - ok

15:06:01.0755 0528 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

15:06:01.0755 0528 ProtectedStorage - ok

15:06:01.0802 0528 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys

15:06:01.0802 0528 Psched - ok

15:06:01.0864 0528 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys

15:06:01.0864 0528 PxHlpa64 - ok

15:06:01.0926 0528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys

15:06:01.0958 0528 ql2300 - ok

15:06:01.0973 0528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys

15:06:01.0989 0528 ql40xx - ok

15:06:02.0020 0528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll

15:06:02.0020 0528 QWAVE - ok

15:06:02.0067 0528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

15:06:02.0067 0528 QWAVEdrv - ok

15:06:02.0098 0528 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

15:06:02.0098 0528 RasAcd - ok

15:06:02.0160 0528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

15:06:02.0160 0528 RasAgileVpn - ok

15:06:02.0176 0528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll

15:06:02.0176 0528 RasAuto - ok

15:06:02.0207 0528 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

15:06:02.0223 0528 Rasl2tp - ok

15:06:02.0238 0528 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll

15:06:02.0254 0528 RasMan - ok

15:06:02.0285 0528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

15:06:02.0285 0528 RasPppoe - ok

15:06:02.0301 0528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

15:06:02.0316 0528 RasSstp - ok

15:06:02.0348 0528 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

15:06:02.0363 0528 rdbss - ok

15:06:02.0379 0528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys

15:06:02.0379 0528 rdpbus - ok

15:06:02.0394 0528 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

15:06:02.0394 0528 RDPCDD - ok

15:06:02.0426 0528 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

15:06:02.0426 0528 RDPENCDD - ok

15:06:02.0441 0528 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

15:06:02.0441 0528 RDPREFMP - ok

15:06:02.0488 0528 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

15:06:02.0488 0528 RDPWD - ok

15:06:02.0535 0528 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

15:06:02.0535 0528 rdyboost - ok

15:06:02.0582 0528 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll

15:06:02.0597 0528 RemoteAccess - ok

15:06:02.0628 0528 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll

15:06:02.0628 0528 RemoteRegistry - ok

15:06:02.0675 0528 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys

15:06:02.0675 0528 RFCOMM - ok

15:06:02.0691 0528 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys

15:06:02.0691 0528 RimUsb - ok

15:06:02.0847 0528 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

15:06:02.0862 0528 RoxMediaDB12OEM - ok

15:06:02.0925 0528 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

15:06:02.0940 0528 RoxWatch12 - ok

15:06:02.0972 0528 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

15:06:02.0972 0528 RpcEptMapper - ok

15:06:03.0018 0528 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe

15:06:03.0018 0528 RpcLocator - ok

15:06:03.0050 0528 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll

15:06:03.0065 0528 RpcSs - ok

15:06:03.0112 0528 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

15:06:03.0112 0528 rspndr - ok

15:06:03.0174 0528 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys

15:06:03.0174 0528 RSUSBSTOR - ok

15:06:03.0237 0528 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys

15:06:03.0252 0528 RTL8167 - ok

15:06:03.0284 0528 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe

15:06:03.0284 0528 SamSs - ok

15:06:03.0299 0528 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys

15:06:03.0315 0528 sbp2port - ok

15:06:03.0346 0528 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll

15:06:03.0346 0528 SCardSvr - ok

15:06:03.0362 0528 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

15:06:03.0362 0528 scfilter - ok

15:06:03.0440 0528 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll

15:06:03.0471 0528 Schedule - ok

15:06:03.0502 0528 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll

15:06:03.0502 0528 SCPolicySvc - ok

15:06:03.0549 0528 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll

15:06:03.0549 0528 SDRSVC - ok

15:06:03.0596 0528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

15:06:03.0596 0528 secdrv - ok

15:06:03.0627 0528 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll

15:06:03.0642 0528 seclogon - ok

15:06:03.0658 0528 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll

15:06:03.0658 0528 SENS - ok

15:06:03.0689 0528 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll

15:06:03.0705 0528 SensrSvc - ok

15:06:03.0736 0528 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys

15:06:03.0736 0528 Serenum - ok

15:06:03.0767 0528 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys

15:06:03.0767 0528 Serial - ok

15:06:03.0783 0528 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys

15:06:03.0783 0528 sermouse - ok

15:06:03.0845 0528 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll

15:06:03.0845 0528 SessionEnv - ok

15:06:03.0876 0528 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys

15:06:03.0876 0528 sffdisk - ok

15:06:03.0892 0528 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

15:06:03.0892 0528 sffp_mmc - ok

15:06:03.0892 0528 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

15:06:03.0892 0528 sffp_sd - ok

15:06:03.0908 0528 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

15:06:03.0908 0528 sfloppy - ok

15:06:03.0954 0528 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys

15:06:03.0970 0528 Sftfs - ok

15:06:04.0032 0528 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

15:06:04.0048 0528 sftlist - ok

15:06:04.0079 0528 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys

15:06:04.0079 0528 Sftplay - ok

15:06:04.0126 0528 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys

15:06:04.0126 0528 Sftredir - ok

15:06:04.0142 0528 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys

15:06:04.0142 0528 Sftvol - ok

15:06:04.0188 0528 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

15:06:04.0188 0528 sftvsa - ok

15:06:04.0235 0528 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll

15:06:04.0251 0528 SharedAccess - ok

15:06:04.0282 0528 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

15:06:04.0298 0528 ShellHWDetection - ok

15:06:04.0344 0528 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

15:06:04.0344 0528 SiSRaid2 - ok

15:06:04.0376 0528 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

15:06:04.0376 0528 SiSRaid4 - ok

15:06:04.0438 0528 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

15:06:04.0438 0528 SkypeUpdate - ok

15:06:04.0454 0528 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys

15:06:04.0469 0528 Smb - ok

15:06:04.0516 0528 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe

15:06:04.0516 0528 SNMPTRAP - ok

15:06:04.0532 0528 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys

15:06:04.0547 0528 spldr - ok

15:06:04.0610 0528 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe

15:06:04.0610 0528 Spooler - ok

15:06:04.0734 0528 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe

15:06:04.0828 0528 sppsvc - ok

15:06:04.0875 0528 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll

15:06:04.0875 0528 sppuinotify - ok

15:06:04.0937 0528 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys

15:06:04.0937 0528 srv - ok

15:06:04.0968 0528 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

15:06:04.0968 0528 srv2 - ok

15:06:04.0984 0528 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

15:06:04.0984 0528 srvnet - ok

15:06:05.0046 0528 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

15:06:05.0046 0528 SSDPSRV - ok

15:06:05.0078 0528 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll

15:06:05.0078 0528 SstpSvc - ok

15:06:05.0171 0528 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

15:06:05.0187 0528 STacSV - ok

15:06:05.0202 0528 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys

15:06:05.0218 0528 stexstor - ok

15:06:05.0265 0528 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys

15:06:05.0280 0528 STHDA - ok

15:06:05.0312 0528 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll

15:06:05.0327 0528 stisvc - ok

15:06:05.0374 0528 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

15:06:05.0390 0528 stllssvr - ok

15:06:05.0405 0528 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys

15:06:05.0405 0528 swenum - ok

15:06:05.0452 0528 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll

15:06:05.0468 0528 swprv - ok

15:06:05.0514 0528 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll

15:06:05.0546 0528 SysMain - ok

15:06:05.0577 0528 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

15:06:05.0577 0528 TabletInputService - ok

15:06:05.0639 0528 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll

15:06:05.0639 0528 TapiSrv - ok

15:06:05.0655 0528 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll

15:06:05.0670 0528 TBS - ok

15:06:05.0764 0528 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys

15:06:05.0795 0528 Tcpip - ok

15:06:05.0842 0528 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

15:06:05.0873 0528 TCPIP6 - ok

15:06:05.0904 0528 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

15:06:05.0904 0528 tcpipreg - ok

15:06:05.0951 0528 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

15:06:05.0951 0528 TDPIPE - ok

15:06:05.0982 0528 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

15:06:05.0982 0528 TDTCP - ok

15:06:06.0029 0528 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys

15:06:06.0029 0528 tdx - ok

15:06:06.0060 0528 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

15:06:06.0060 0528 TermDD - ok

15:06:06.0092 0528 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll

15:06:06.0107 0528 TermService - ok

15:06:06.0138 0528 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll

15:06:06.0138 0528 Themes - ok

15:06:06.0170 0528 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll

15:06:06.0185 0528 THREADORDER - ok

15:06:06.0216 0528 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll

15:06:06.0216 0528 TrkWks - ok

15:06:06.0263 0528 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

15:06:06.0263 0528 TrustedInstaller - ok

15:06:06.0294 0528 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

15:06:06.0294 0528 tssecsrv - ok

15:06:06.0341 0528 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

15:06:06.0341 0528 TsUsbFlt - ok

15:06:06.0388 0528 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys

15:06:06.0388 0528 TsUsbGD - ok

15:06:06.0435 0528 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

15:06:06.0435 0528 tunnel - ok

15:06:06.0450 0528 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys

15:06:06.0450 0528 uagp35 - ok

15:06:06.0497 0528 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys

15:06:06.0497 0528 udfs - ok

15:06:06.0528 0528 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe

15:06:06.0528 0528 UI0Detect - ok

15:06:06.0560 0528 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

15:06:06.0560 0528 uliagpkx - ok

15:06:06.0591 0528 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys

15:06:06.0591 0528 umbus - ok

15:06:06.0638 0528 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys

15:06:06.0638 0528 UmPass - ok

15:06:06.0762 0528 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

15:06:06.0856 0528 UNS - ok

15:06:06.0887 0528 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll

15:06:06.0887 0528 upnphost - ok

15:06:06.0934 0528 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys

15:06:06.0934 0528 USBAAPL64 - ok

15:06:06.0965 0528 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

15:06:06.0965 0528 usbccgp - ok

15:06:06.0996 0528 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys

15:06:06.0996 0528 usbcir - ok

15:06:07.0028 0528 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

15:06:07.0028 0528 usbehci - ok

15:06:07.0090 0528 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

15:06:07.0106 0528 usbhub - ok

15:06:07.0121 0528 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys

15:06:07.0121 0528 usbohci - ok

15:06:07.0168 0528 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

15:06:07.0168 0528 usbprint - ok

15:06:07.0246 0528 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys

15:06:07.0246 0528 usbscan - ok

15:06:07.0277 0528 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

15:06:07.0277 0528 USBSTOR - ok

15:06:07.0293 0528 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys

15:06:07.0293 0528 usbuhci - ok

15:06:07.0340 0528 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys

15:06:07.0340 0528 usbvideo - ok

15:06:07.0386 0528 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll

15:06:07.0386 0528 UxSms - ok

15:06:07.0402 0528 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe

15:06:07.0402 0528 VaultSvc - ok

15:06:07.0433 0528 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

15:06:07.0449 0528 vdrvroot - ok

15:06:07.0464 0528 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe

15:06:07.0480 0528 vds - ok

15:06:07.0527 0528 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys

15:06:07.0527 0528 vga - ok

15:06:07.0542 0528 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys

15:06:07.0542 0528 VgaSave - ok

15:06:07.0558 0528 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys

15:06:07.0558 0528 vhdmp - ok

15:06:07.0589 0528 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys

15:06:07.0589 0528 viaide - ok

15:06:07.0620 0528 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys

15:06:07.0620 0528 volmgr - ok

15:06:07.0636 0528 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys

15:06:07.0652 0528 volmgrx - ok

15:06:07.0667 0528 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys

15:06:07.0683 0528 volsnap - ok

15:06:07.0714 0528 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys

15:06:07.0714 0528 vsmraid - ok

15:06:07.0792 0528 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe

15:06:07.0823 0528 VSS - ok

15:06:07.0854 0528 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

15:06:07.0854 0528 vwifibus - ok

15:06:07.0886 0528 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

15:06:07.0901 0528 vwififlt - ok

15:06:07.0932 0528 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll

15:06:07.0948 0528 W32Time - ok

15:06:07.0964 0528 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys

15:06:07.0964 0528 WacomPen - ok

15:06:08.0010 0528 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

15:06:08.0010 0528 WANARP - ok

15:06:08.0026 0528 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

15:06:08.0026 0528 Wanarpv6 - ok

15:06:08.0120 0528 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

15:06:08.0135 0528 WatAdminSvc - ok

15:06:08.0213 0528 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe

15:06:08.0244 0528 wbengine - ok

15:06:08.0276 0528 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

15:06:08.0276 0528 WbioSrvc - ok

15:06:08.0338 0528 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll

15:06:08.0338 0528 wcncsvc - ok

15:06:08.0354 0528 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

15:06:08.0369 0528 WcsPlugInService - ok

15:06:08.0416 0528 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys

15:06:08.0416 0528 Wd - ok

15:06:08.0463 0528 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

15:06:08.0478 0528 Wdf01000 - ok

15:06:08.0494 0528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

15:06:08.0494 0528 WdiServiceHost - ok

15:06:08.0510 0528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

15:06:08.0510 0528 WdiSystemHost - ok

15:06:08.0588 0528 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

15:06:08.0603 0528 WebClient - ok

15:06:08.0619 0528 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

15:06:08.0634 0528 Wecsvc - ok

15:06:08.0650 0528 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

15:06:08.0650 0528 wercplsupport - ok

15:06:08.0697 0528 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

15:06:08.0697 0528 WerSvc - ok

15:06:08.0728 0528 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

15:06:08.0728 0528 WfpLwf - ok

15:06:08.0806 0528 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys

15:06:08.0806 0528 WimFltr - ok

15:06:08.0822 0528 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

15:06:08.0822 0528 WIMMount - ok

15:06:08.0853 0528 WinDefend - ok

15:06:08.0868 0528 WinHttpAutoProxySvc - ok

15:06:08.0931 0528 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

15:06:08.0946 0528 Winmgmt - ok

15:06:09.0024 0528 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

15:06:09.0056 0528 WinRM - ok

15:06:09.0134 0528 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

15:06:09.0149 0528 WinUsb - ok

15:06:09.0212 0528 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

15:06:09.0227 0528 Wlansvc - ok

15:06:09.0274 0528 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

15:06:21.0052 0528 ============================================================

15:06:21.0052 0528 Scan finished

15:06:21.0052 0528 ============================================================

15:06:21.0068 0800 Detected object count: 0

15:06:21.0068 0800 Actual detected object count: 0

15:06:30.0662 1040 Deinitialize success


Download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log ( FRST.txt ) on the flash drive. Please copy and paste it to your reply.


Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 22 days old)

Ran by SYSTEM at 04-04-2013 12:39:45

Running from G:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)

HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)

HKLM\...\Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()

HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [482661 2011-11-03] ()

HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)

HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2829241 2011-11-03] ()

HKLM-x32\...\Run: [] [x]

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)

Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Services (Whitelisted) ===================

2 ACProtector; "C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe" [142808 2012-02-29] (AxiomCoders)

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814904 2012-11-16] (AVG Technologies CZ, s.r.o.)

2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)

==================== Drivers (Whitelisted) =====================

1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )

0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )

1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)

0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)

0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111968 2012-11-16] (AVG Technologies CZ, s.r.o.)

0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)

1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)

3 DigiartyVirtualCDBus; C:\Windows\System32\Drivers\DigiartyVirtualCDBus.sys [276256 2012-08-21] (Digiarty Software, Inc.)

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2013-02-27] (DT Soft Ltd)

3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [x]

3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-04-04 12:39 - 2013-04-04 12:39 - 00000000 ____D C:\FRST

2013-04-03 14:05 - 2013-04-03 14:05 - 00005206 ____A C:\Users\Kevin Lofgren\Desktop\FSS.txt

2013-04-03 14:04 - 2013-04-03 13:59 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Kevin Lofgren\Desktop\tdsskiller.exe

2013-04-03 14:04 - 2013-04-03 13:59 - 00354265 ____A (Farbar) C:\Users\Kevin Lofgren\Desktop\FSS.exe

2013-04-02 23:44 - 2013-04-02 23:44 - 00001051 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-04-02 23:44 - 2013-04-02 23:44 - 00001051 ____A C:\ProgramData\Desktop\Mozilla Firefox.lnk

2013-04-02 23:10 - 2013-04-02 23:10 - 00137466 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_4_3_13-2.html

2013-04-02 23:10 - 2013-04-02 23:10 - 00137466 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_4_3_13.html

2013-04-02 23:05 - 2013-04-04 10:33 - 00000616 ____A C:\Windows\setupact.log

2013-04-02 23:05 - 2013-04-02 23:05 - 00000000 ____A C:\Windows\setuperr.log

2013-04-02 23:00 - 2013-04-03 13:47 - 00090605 ____A C:\Windows\WindowsUpdate.log

2013-04-02 22:55 - 2013-04-03 10:30 - 00031577 ____A C:\Users\Kevin Lofgren\Desktop\attach.txt

2013-04-02 22:55 - 2013-04-03 10:29 - 00023227 ____A C:\Users\Kevin Lofgren\Desktop\dds.txt

2013-04-02 22:53 - 2013-04-02 22:41 - 00688992 ____R (Swearware) C:\Users\Kevin Lofgren\Desktop\dds.com

2013-03-30 22:24 - 2013-02-02 02:31 - 17815040 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-03-30 22:24 - 2013-02-02 01:58 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-03-30 22:24 - 2013-02-02 01:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-03-30 22:24 - 2013-02-02 01:48 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-03-30 22:24 - 2013-02-02 01:47 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-03-30 22:24 - 2013-02-02 01:47 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-03-30 22:24 - 2013-02-02 01:46 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-03-30 22:24 - 2013-02-02 01:43 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-03-30 22:24 - 2013-02-02 01:42 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-03-30 22:24 - 2013-02-02 01:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-03-30 22:24 - 2013-02-02 01:41 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-03-30 22:24 - 2013-02-02 01:40 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-03-30 22:24 - 2013-02-02 01:39 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-03-30 22:24 - 2013-02-02 01:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-03-30 22:24 - 2013-02-02 01:38 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-03-30 22:24 - 2013-02-02 01:34 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-03-30 22:24 - 2013-02-01 23:09 - 12321792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-03-30 22:24 - 2013-02-01 22:42 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-03-30 22:24 - 2013-02-01 22:38 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-03-30 22:24 - 2013-02-01 22:31 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-03-30 22:24 - 2013-02-01 22:30 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-03-30 22:24 - 2013-02-01 22:30 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-03-30 22:24 - 2013-02-01 22:29 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-03-30 22:24 - 2013-02-01 22:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-03-30 22:24 - 2013-02-01 22:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-03-30 22:24 - 2013-02-01 22:26 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-03-30 22:24 - 2013-02-01 22:26 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-03-30 22:24 - 2013-02-01 22:25 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-03-30 22:24 - 2013-02-01 22:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-03-30 22:24 - 2013-02-01 22:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-03-30 22:24 - 2013-02-01 22:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-03-30 22:24 - 2013-02-01 22:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-03-30 22:23 - 2013-03-30 22:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-03-30 22:23 - 2013-03-30 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-03-30 22:16 - 2013-03-30 22:16 - 00003536 ____N C:\bootsqm.dat

2013-03-29 14:18 - 2013-02-11 23:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys

2013-03-29 14:14 - 2013-03-29 14:14 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery

2013-03-09 23:12 - 2013-03-09 23:12 - 00000538 ____A C:\Users\Kevin Lofgren\Downloads\calendarsummary_03092013.xls

2013-03-09 11:45 - 2013-03-09 11:45 - 00037702 ____A C:\Users\Kevin Lofgren\My Documents\skyline keywords.xlsx

2013-03-09 11:45 - 2013-03-09 11:45 - 00037702 ____A C:\Users\Kevin Lofgren\Documents\skyline keywords.xlsx

2013-03-07 23:56 - 2013-03-07 23:56 - 00000663 ____A C:\Users\Kevin Lofgren\Desktop\threats.txt

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default\Application Data\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default User\Application Data\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-03-06 23:57 - 2013-04-02 23:46 - 00000000 ____D C:\Program Files (x86)\Google

2013-03-06 23:30 - 2013-03-06 23:30 - 00130038 ____A C:\Users\Kevin Lofgren\My Documents\bookmarks_3_6_13_2.html

2013-03-06 23:30 - 2013-03-06 23:30 - 00130038 ____A C:\Users\Kevin Lofgren\Documents\bookmarks_3_6_13_2.html

2013-03-06 23:21 - 2013-03-06 23:21 - 00130038 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_3_6_13.html

==================== One Month Modified Files and Folders =======

2013-04-04 10:33 - 2013-04-02 23:05 - 00000616 ____A C:\Windows\setupact.log

2013-04-04 10:33 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-04-03 18:12 - 2013-03-03 01:08 - 00000000 ____D C:\Users\Kevin Lofgren\Desktop\Cleanup Desktop 3-3-13

2013-04-03 18:09 - 2009-07-14 00:13 - 00779788 ____A C:\Windows\System32\PerfStringBackup.INI

2013-04-03 14:05 - 2013-04-03 14:05 - 00005206 ____A C:\Users\Kevin Lofgren\Desktop\FSS.txt

2013-04-03 13:59 - 2013-04-03 14:04 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Kevin Lofgren\Desktop\tdsskiller.exe

2013-04-03 13:59 - 2013-04-03 14:04 - 00354265 ____A (Farbar) C:\Users\Kevin Lofgren\Desktop\FSS.exe

2013-04-03 13:51 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-04-03 13:51 - 2009-07-13 23:45 - 00020928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-04-03 13:49 - 2013-04-02 23:00 - 00090605 ____A C:\Windows\WindowsUpdate.log

2013-04-03 13:47 - 2012-05-20 16:04 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2013-04-03 13:47 - 2009-07-14 00:08 - 00032556 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-04-03 10:30 - 2013-04-02 22:55 - 00031577 ____A C:\Users\Kevin Lofgren\Desktop\attach.txt

2013-04-03 10:29 - 2013-04-02 22:55 - 00023227 ____A C:\Users\Kevin Lofgren\Desktop\dds.txt

2013-04-03 09:57 - 2013-02-21 22:36 - 00000000 ____D C:\ProgramData\MFAData

2013-04-03 09:57 - 2013-02-21 22:36 - 00000000 ____D C:\ProgramData\Application Data\MFAData

2013-04-03 09:54 - 2012-03-03 16:00 - 00000000 ____D C:\ProgramData\Sonic

2013-04-03 09:54 - 2012-03-03 16:00 - 00000000 ____D C:\ProgramData\Application Data\Sonic

2013-04-02 23:46 - 2013-03-06 23:57 - 00000000 ____D C:\Program Files (x86)\Google

2013-04-02 23:44 - 2013-04-02 23:44 - 00001051 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-04-02 23:44 - 2013-04-02 23:44 - 00001051 ____A C:\ProgramData\Desktop\Mozilla Firefox.lnk

2013-04-02 23:44 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\Local Settings\Google

2013-04-02 23:44 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\Local Settings\Application Data\Google

2013-04-02 23:44 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\AppData\Local\Google

2013-04-02 23:10 - 2013-04-02 23:10 - 00137466 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_4_3_13-2.html

2013-04-02 23:10 - 2013-04-02 23:10 - 00137466 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_4_3_13.html

2013-04-02 23:05 - 2013-04-02 23:05 - 00000000 ____A C:\Windows\setuperr.log

2013-04-02 22:41 - 2013-04-02 22:53 - 00688992 ____R (Swearware) C:\Users\Kevin Lofgren\Desktop\dds.com

2013-03-30 22:46 - 2012-05-20 16:04 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2013-03-30 22:30 - 2012-05-21 11:16 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-03-30 22:30 - 2012-05-21 11:16 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help

2013-03-30 22:27 - 2012-05-31 09:55 - 72013344 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-03-30 22:23 - 2013-03-30 22:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-03-30 22:23 - 2013-03-30 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-03-30 22:16 - 2013-03-30 22:16 - 00003536 ____N C:\bootsqm.dat

2013-03-29 14:14 - 2013-03-29 14:14 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery

2013-03-29 14:14 - 2012-03-03 18:28 - 00000000 ____D C:\Dell

2013-03-10 09:43 - 2013-03-03 20:47 - 00036301 ____A C:\Users\Kevin Lofgren\Desktop\Rohrig.xlsx

2013-03-09 23:12 - 2013-03-09 23:12 - 00000538 ____A C:\Users\Kevin Lofgren\Downloads\calendarsummary_03092013.xls

2013-03-09 11:45 - 2013-03-09 11:45 - 00037702 ____A C:\Users\Kevin Lofgren\My Documents\skyline keywords.xlsx

2013-03-09 11:45 - 2013-03-09 11:45 - 00037702 ____A C:\Users\Kevin Lofgren\Documents\skyline keywords.xlsx

2013-03-09 11:45 - 2012-08-13 14:58 - 00007602 ____A C:\Users\Kevin Lofgren\Local Settings\Resmon.ResmonCfg

2013-03-09 11:45 - 2012-08-13 14:58 - 00007602 ____A C:\Users\Kevin Lofgren\Local Settings\Application Data\Resmon.ResmonCfg

2013-03-09 11:45 - 2012-08-13 14:58 - 00007602 ____A C:\Users\Kevin Lofgren\AppData\Local\Resmon.ResmonCfg

2013-03-08 21:57 - 2013-02-24 18:00 - 00000000 ____D C:\Qoobox

2013-03-07 23:56 - 2013-03-07 23:56 - 00000663 ____A C:\Users\Kevin Lofgren\Desktop\threats.txt

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default\Application Data\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default User\Application Data\TuneUp Software

2013-03-07 22:47 - 2013-03-07 22:47 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-03-07 22:47 - 2013-02-21 22:54 - 00000967 ____A C:\Users\Public\Desktop\AVG 2013.lnk

2013-03-07 22:47 - 2013-02-21 22:54 - 00000967 ____A C:\ProgramData\Desktop\AVG 2013.lnk

2013-03-07 00:20 - 2013-02-26 02:13 - 00000204 ____A C:\Users\Kevin Lofgren\Application Data\ltpReg.txt

2013-03-07 00:20 - 2013-02-26 02:13 - 00000204 ____A C:\Users\Kevin Lofgren\AppData\Roaming\ltpReg.txt

2013-03-06 23:57 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\Local Settings\Deployment

2013-03-06 23:57 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\Local Settings\Application Data\Deployment

2013-03-06 23:57 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\AppData\Local\Deployment

2013-03-06 23:56 - 2012-05-21 13:42 - 00000000 ____D C:\Users\Kevin Lofgren\AppData\Local\Apps\2.0

2013-03-06 23:30 - 2013-03-06 23:30 - 00130038 ____A C:\Users\Kevin Lofgren\My Documents\bookmarks_3_6_13_2.html

2013-03-06 23:30 - 2013-03-06 23:30 - 00130038 ____A C:\Users\Kevin Lofgren\Documents\bookmarks_3_6_13_2.html

2013-03-06 23:21 - 2013-03-06 23:21 - 00130038 ____A C:\Users\Kevin Lofgren\Desktop\bookmarks_3_6_13.html

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-02-27 01:38:03

Restore point made on: 2013-02-28 22:49:14

Restore point made on: 2013-02-28 22:49:40

Restore point made on: 2013-02-28 22:52:00

Restore point made on: 2013-02-28 22:52:22

Restore point made on: 2013-03-02 23:41:18

Restore point made on: 2013-03-02 23:42:47

Restore point made on: 2013-03-02 23:44:12

Restore point made on: 2013-03-02 23:58:50

Restore point made on: 2013-03-03 00:03:00

Restore point made on: 2013-03-03 16:04:16

Restore point made on: 2013-03-03 16:16:48

Restore point made on: 2013-03-03 16:43:53

Restore point made on: 2013-03-03 16:44:33

Restore point made on: 2013-03-03 16:50:49

Restore point made on: 2013-03-06 23:53:52

Restore point made on: 2013-03-07 22:43:54

Restore point made on: 2013-03-08 21:13:48

Restore point made on: 2013-03-09 00:36:02

Restore point made on: 2013-03-30 22:22:19

Restore point made on: 2013-04-02 23:43:59

==================== Memory info ===========================

Percentage of memory in use: 22%

Total physical RAM: 4004.27 MB

Available physical RAM: 3107.42 MB

Total Pagefile: 4002.47 MB

Available Pagefile: 3093.71 MB

Total Virtual: 8192 MB

Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:374.2 GB) NTFS

3 Drive e: () (Removable) (Total:29.28 GB) (Free:19.05 GB) FAT32

4 Drive f: (Recovery) (Fixed) (Total:14.65 GB) (Free:6.83 GB) NTFS ==>[system with boot components (obtained from reading drive)]

5 Drive g: () (Removable) (Total:30.5 GB) (Free:27.26 GB) FAT32

7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 465 GB 0 B

Disk 1 Online 29 GB 0 B

Disk 2 Online 30 GB 0 B

Disk 3 No Media 0 B 0 B

Partitions of Disk 0:

===============

Disk ID: 3F997465

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 100 MB 1024 KB

Partition 2 Primary 14 GB 101 MB

Partition 3 Primary 451 GB 14 GB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 6 DELLUTILITY FAT Partition 100 MB Healthy Hidden

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 F Recovery NTFS Partition 14 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 451 GB Healthy

=========================================================

Partitions of Disk 1:

===============

Disk ID: 04DD5721

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 29 GB 31 KB

==================================================================================

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 E FAT32 Removable 29 GB Healthy

=========================================================

Partitions of Disk 2:

===============

Disk ID: 00000001

Partition ### Type Size Offset

------------- ---------------- ------- -------

* Partition 1 Primary 30 GB 0 B

==================================================================================

Disk: 2

There is no partition selected.

There is no partition selected.

Please select a partition and try again.

=========================================================

============================== MBR Partition Table ==================

==============================

Partitions of Disk 0:

===============

Disk ID: 3F997465

Partition 1:

=========

Hex: 00202100DEDF130C0008000000200300

Active: NO

Type: DE

Size: 100 MB

Partition 2:

=========

Hex: 80DF140C07FEFFFF0028030000C0D401

Active: YES

Type: 07 (NTFS)

Size: 15 GB

Partition 3:

=========

Hex: 00FEFFFF07FEFFFF00E8D70130706038

Active: NO

Type: 07 (NTFS)

Size: 451 GB

==============================

Partitions of Disk 1:

===============

Disk ID: 04DD5721

Partition 1:

=========

Hex: 800101000CFEBFEF3F000000C17FA903

Active: YES

Type: 0C

Size: 29 GB

==============================

Partitions of Disk 2:

===============

Disk ID: 2C6B7369

Partition 1:

=========

Hex: 6E64207468656E20707265737320616E

Active: NO

Type: 68

Size: 883 GB

Partition 2:

=========

Hex: 79206B65790D0A000000494F20202020

Active: NO

Type: 79

Size: 257 GB

Partition 3:

=========

Hex: 20205359534D53444F53202020535953

Active: NO

Type: 53

Size: 667 GB

Partition 4:

=========

Hex: 7E010057494E424F4F54205359530000

Active: NO

Type: 49

Size: 10 MB

Last Boot: 2013-03-08 21:50

==================== End Of Log =============================


Looks clean as well.

Please press the Windows key and type cmd into the search line.

Right-click on cmd.exe and choose "Run as Admin".

Type in the command below and hit Enter:

netsh winsock reset

You should see a message that the Winsock was reset. Reboot and let me know if this has fixed your problems :)


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
