Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista Computer with Blue Screen of Death (Virus/Malware issue)


  • Please log in to reply
36 replies to this topic

#1 StuMic

StuMic

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 29 September 2012 - 11:11 PM

Hello,

My friends computer was experiencing issues related to viruses/malware so I started running several different scans to try and remove the virus. She previously did not have any anti-virus programs so the first thing I did was install AVG2013. I then ran a scan and removed some minor threats. I then downloaded malwarebytes and ran a full system scan.

About 10 minutes into the malwarebytes scan the system crashed and the blue error screen popped up. It was the same one as the one shown here:

http://s281.photobucket.com/albums/kk221/hanzo_Kunai/web/?action=view&current=blue-screen-of-death1.jpg&sort=ascending

Now whenever I start up the computer the blue screen appears and the computer crashes before I can even get to the log on screen. I still have access to the safe mode though so I have been trying to fix things by running a few other scans such as Spybot Search and Destroy and ccleanerbut nothing is working.

I have since removed Spybot, ccleaner, and malwarebytes but still have AVG. I attempted a system restore but it failed.

Could someone please help me!

Thanks,
StuMic

Edited by hamluis, 30 September 2012 - 06:49 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 03:49 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 01:14 PM

Thank you for your reply.

Here is the LOG report from TDSSkiller:

09:24:26.0710 1248 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:24:27.0225 1248 ============================================================
09:24:27.0225 1248 Current date / time: 2012/09/30 09:24:27.0225
09:24:27.0225 1248 SystemInfo:
09:24:27.0225 1248
09:24:27.0225 1248 OS Version: 6.0.6002 ServicePack: 2.0
09:24:27.0225 1248 Product type: Workstation
09:24:27.0225 1248 ComputerName: VICTORIA-PC
09:24:27.0225 1248 UserName: Victoria
09:24:27.0225 1248 Windows directory: C:\Windows
09:24:27.0225 1248 System windows directory: C:\Windows
09:24:27.0225 1248 Running under WOW64
09:24:27.0225 1248 Processor architecture: Intel x64
09:24:27.0225 1248 Number of processors: 2
09:24:27.0225 1248 Page size: 0x1000
09:24:27.0225 1248 Boot type: Safe boot with network
09:24:27.0225 1248 ============================================================
09:24:27.0660 1248 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:24:27.0664 1248 ============================================================
09:24:27.0664 1248 \Device\Harddisk0\DR0:
09:24:27.0665 1248 MBR partitions:
09:24:27.0665 1248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
09:24:27.0665 1248 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
09:24:27.0665 1248 ============================================================
09:24:27.0741 1248 C: <-> \Device\Harddisk0\DR0\Partition2
09:24:27.0776 1248 E: <-> \Device\Harddisk0\DR0\Partition1
09:24:27.0776 1248 ============================================================
09:24:27.0776 1248 Initialize success
09:24:27.0776 1248 ============================================================
09:25:01.0604 1356 ============================================================
09:25:01.0604 1356 Scan started
09:25:01.0604 1356 Mode: Manual; TDLFS;
09:25:01.0604 1356 ============================================================
09:25:01.0729 1356 ================ Scan system memory ========================
09:25:01.0729 1356 System memory - ok
09:25:01.0729 1356 ================ Scan services =============================
09:25:01.0885 1356 [ EAE3D29874F8D26E3EC9886FE6D8FBF5 ] acedrv09 C:\Windows\system32\drivers\acedrv09.sys
09:25:01.0885 1356 acedrv09 - ok
09:25:01.0916 1356 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:25:01.0932 1356 ACPI - ok
09:25:01.0978 1356 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:25:01.0978 1356 adp94xx - ok
09:25:02.0010 1356 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:25:02.0010 1356 adpahci - ok
09:25:02.0056 1356 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:25:02.0056 1356 adpu160m - ok
09:25:02.0072 1356 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:25:02.0072 1356 adpu320 - ok
09:25:02.0119 1356 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:25:02.0119 1356 AeLookupSvc - ok
09:25:02.0212 1356 [ 9CAC9E19D71E4AF99920FCC3ECA0E3F1 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe
09:25:02.0212 1356 AESTFilters - ok
09:25:02.0275 1356 [ 0CC146C4ADDEA45791B18B1E2659F4A9 ] AFD C:\Windows\system32\drivers\afd.sys
09:25:02.0275 1356 AFD - ok
09:25:02.0337 1356 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:25:02.0337 1356 agp440 - ok
09:25:02.0353 1356 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:25:02.0368 1356 aic78xx - ok
09:25:02.0384 1356 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
09:25:02.0384 1356 ALG - ok
09:25:02.0384 1356 [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide C:\Windows\system32\drivers\aliide.sys
09:25:02.0400 1356 aliide - ok
09:25:02.0400 1356 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
09:25:02.0400 1356 amdide - ok
09:25:02.0415 1356 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:25:02.0415 1356 AmdK8 - ok
09:25:02.0446 1356 [ 8C85C812569DF851E7A2159147323DFA ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
09:25:02.0462 1356 ApfiltrService - ok
09:25:02.0509 1356 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
09:25:02.0509 1356 Appinfo - ok
09:25:02.0602 1356 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:25:02.0602 1356 Apple Mobile Device - ok
09:25:02.0618 1356 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
09:25:02.0618 1356 arc - ok
09:25:02.0649 1356 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:25:02.0665 1356 arcsas - ok
09:25:02.0696 1356 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:02.0696 1356 AsyncMac - ok
09:25:02.0696 1356 [ F988BB0690CD660318037908E9B8DBF7 ] atapi C:\Windows\system32\drivers\atapi.sys
09:25:02.0696 1356 atapi - ok
09:25:02.0758 1356 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:25:02.0758 1356 AudioEndpointBuilder - ok
09:25:02.0805 1356 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:25:02.0821 1356 AudioSrv - ok
09:25:02.0883 1356 [ 7C813EB232C7AEFA627A12A104DDA221 ] Automatic LiveUpdate Scheduler C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
09:25:02.0899 1356 Automatic LiveUpdate Scheduler - ok
09:25:03.0211 1356 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
09:25:03.0367 1356 AVGIDSAgent - ok
09:25:03.0429 1356 [ 5FD4D6C35738899905E16E5284981427 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
09:25:03.0429 1356 AVGIDSDriver - ok
09:25:03.0445 1356 [ 132251CBBB95062E12FF21E212EB8FB4 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
09:25:03.0460 1356 AVGIDSHA - ok
09:25:03.0476 1356 [ 996FCACE7A8EFD926C8BB2C70A40C83F ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
09:25:03.0492 1356 Avgldx64 - ok
09:25:03.0523 1356 [ 3E0E2D8CD63C58A37CF81704E83459DD ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
09:25:03.0523 1356 Avgloga - ok
09:25:03.0538 1356 [ DC353C527816297BD11B13EA60C9BE75 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
09:25:03.0538 1356 Avgmfx64 - ok
09:25:03.0570 1356 [ 639CBC2F67FB25F9AB31957D9BF5CF8F ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
09:25:03.0570 1356 Avgrkx64 - ok
09:25:03.0601 1356 [ 1917293728A872BF520952F69E024FE6 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
09:25:03.0601 1356 Avgtdia - ok
09:25:03.0648 1356 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
09:25:03.0648 1356 avgtp - ok
09:25:03.0694 1356 [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
09:25:03.0694 1356 avgwd - ok
09:25:03.0741 1356 [ A7C9995BA861FCE78B2CEAAE61D39FD7 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
09:25:03.0741 1356 BCM42RLY - ok
09:25:03.0835 1356 [ D32F962B71FEE6BDAAEE630BB2C17280 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
09:25:03.0850 1356 BCM43XX - ok
09:25:03.0913 1356 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
09:25:03.0928 1356 BFE - ok
09:25:03.0960 1356 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
09:25:04.0069 1356 BITS - ok
09:25:04.0100 1356 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:25:04.0116 1356 blbdrive - ok
09:25:04.0194 1356 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:25:04.0209 1356 Bonjour Service - ok
09:25:04.0256 1356 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:25:04.0256 1356 bowser - ok
09:25:04.0287 1356 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:25:04.0287 1356 BrFiltLo - ok
09:25:04.0287 1356 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:25:04.0287 1356 BrFiltUp - ok
09:25:04.0318 1356 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
09:25:04.0318 1356 Browser - ok
09:25:04.0350 1356 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
09:25:04.0350 1356 Brserid - ok
09:25:04.0381 1356 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:25:04.0381 1356 BrSerWdm - ok
09:25:04.0396 1356 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:25:04.0396 1356 BrUsbMdm - ok
09:25:04.0428 1356 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:25:04.0428 1356 BrUsbSer - ok
09:25:04.0428 1356 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:25:04.0428 1356 BTHMODEM - ok
09:25:04.0459 1356 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:25:04.0459 1356 cdfs - ok
09:25:04.0474 1356 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:25:04.0474 1356 cdrom - ok
09:25:04.0521 1356 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
09:25:04.0521 1356 CertPropSvc - ok
09:25:04.0568 1356 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
09:25:04.0568 1356 circlass - ok
09:25:04.0599 1356 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
09:25:04.0615 1356 CLFS - ok
09:25:04.0693 1356 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:04.0693 1356 clr_optimization_v2.0.50727_32 - ok
09:25:04.0740 1356 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:25:04.0740 1356 clr_optimization_v2.0.50727_64 - ok
09:25:04.0833 1356 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:04.0864 1356 clr_optimization_v4.0.30319_32 - ok
09:25:04.0880 1356 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:25:04.0896 1356 clr_optimization_v4.0.30319_64 - ok
09:25:04.0927 1356 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:04.0927 1356 CmBatt - ok
09:25:04.0958 1356 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:25:04.0958 1356 cmdide - ok
09:25:04.0989 1356 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:25:04.0989 1356 Compbatt - ok
09:25:04.0989 1356 COMSysApp - ok
09:25:05.0052 1356 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:25:05.0052 1356 crcdisk - ok
09:25:05.0098 1356 [ 18918613E63F387CDE4D95CA7D49DCF7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:25:05.0098 1356 CryptSvc - ok
09:25:05.0145 1356 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:25:05.0176 1356 DcomLaunch - ok
09:25:05.0192 1356 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:25:05.0192 1356 DfsC - ok
09:25:05.0301 1356 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
09:25:05.0379 1356 DFSR - ok
09:25:05.0426 1356 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:25:05.0442 1356 Dhcp - ok
09:25:05.0473 1356 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
09:25:05.0473 1356 disk - ok
09:25:05.0535 1356 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:25:05.0535 1356 Dnscache - ok
09:25:05.0613 1356 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
09:25:05.0613 1356 DockLoginService - ok
09:25:05.0644 1356 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
09:25:05.0660 1356 dot3svc - ok
09:25:05.0691 1356 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
09:25:05.0691 1356 DPS - ok
09:25:05.0738 1356 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:25:05.0738 1356 drmkaud - ok
09:25:05.0785 1356 [ E828CDCA431D1F98D33501DFC390079A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:25:05.0800 1356 DXGKrnl - ok
09:25:05.0863 1356 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
09:25:05.0878 1356 e1express - ok
09:25:05.0910 1356 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
09:25:05.0910 1356 E1G60 - ok
09:25:05.0925 1356 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
09:25:05.0925 1356 EapHost - ok
09:25:05.0956 1356 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
09:25:05.0972 1356 Ecache - ok
09:25:06.0034 1356 [ 066108AE4C35835081598827A1A7D08D ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:25:06.0050 1356 eeCtrl - ok
09:25:06.0112 1356 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:25:06.0128 1356 ehRecvr - ok
09:25:06.0144 1356 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
09:25:06.0144 1356 ehSched - ok
09:25:06.0175 1356 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
09:25:06.0175 1356 ehstart - ok
09:25:06.0222 1356 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:25:06.0222 1356 elxstor - ok
09:25:06.0253 1356 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:25:06.0253 1356 EMDMgmt - ok
09:25:06.0284 1356 [ 991FAB6AA066E1214EFB5B496FB7959A ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:25:06.0284 1356 ErrDev - ok
09:25:06.0331 1356 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
09:25:06.0331 1356 EventSystem - ok
09:25:06.0362 1356 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
09:25:06.0378 1356 exfat - ok
09:25:06.0471 1356 Fabs - ok
09:25:06.0502 1356 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:25:06.0518 1356 fastfat - ok
09:25:06.0534 1356 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:25:06.0534 1356 fdc - ok
09:25:06.0565 1356 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
09:25:06.0565 1356 fdPHost - ok
09:25:06.0580 1356 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
09:25:06.0580 1356 FDResPub - ok
09:25:06.0596 1356 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:25:06.0596 1356 FileInfo - ok
09:25:06.0612 1356 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:25:06.0612 1356 Filetrace - ok
09:25:06.0705 1356 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
09:25:06.0752 1356 FirebirdServerMAGIXInstance - ok
09:25:06.0768 1356 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:06.0768 1356 flpydisk - ok
09:25:06.0799 1356 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:25:06.0799 1356 FltMgr - ok
09:25:06.0846 1356 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:25:06.0861 1356 FontCache3.0.0.0 - ok
09:25:06.0877 1356 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:25:06.0877 1356 Fs_Rec - ok
09:25:06.0892 1356 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:25:06.0892 1356 gagp30kx - ok
09:25:06.0939 1356 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:25:06.0939 1356 GEARAspiWDM - ok
09:25:06.0986 1356 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
09:25:07.0002 1356 gpsvc - ok
09:25:07.0080 1356 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ff903df66060 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:07.0080 1356 gupdate1c9ff903df66060 - ok
09:25:07.0095 1356 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:25:07.0095 1356 gupdatem - ok
09:25:07.0126 1356 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:25:07.0126 1356 gusvc - ok
09:25:07.0158 1356 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:07.0189 1356 HDAudBus - ok
09:25:07.0220 1356 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:25:07.0220 1356 HidBth - ok
09:25:07.0236 1356 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:25:07.0236 1356 HidIr - ok
09:25:07.0267 1356 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
09:25:07.0267 1356 hidserv - ok
09:25:07.0314 1356 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:25:07.0314 1356 HidUsb - ok
09:25:07.0329 1356 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
09:25:07.0329 1356 hkmsvc - ok
09:25:07.0360 1356 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:25:07.0360 1356 HpCISSs - ok
09:25:07.0407 1356 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:25:07.0423 1356 HTTP - ok
09:25:07.0438 1356 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:25:07.0438 1356 i2omp - ok
09:25:07.0470 1356 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:07.0470 1356 i8042prt - ok
09:25:07.0516 1356 [ 7B96206E4BDD2FE582F0DBC46F5F410E ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:25:07.0516 1356 IAANTMON - ok
09:25:07.0563 1356 [ 07FB761600EFF44AF02C35B8B57E5863 ] iaStor C:\Windows\system32\drivers\iastor.sys
09:25:07.0563 1356 iaStor - ok
09:25:07.0579 1356 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:25:07.0594 1356 iaStorV - ok
09:25:07.0641 1356 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:25:07.0657 1356 idsvc - ok
09:25:07.0875 1356 [ D4A887F145E96FA9F08C1D1D67EA6546 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:25:08.0016 1356 igfx - ok
09:25:08.0047 1356 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:25:08.0047 1356 iirsp - ok
09:25:08.0094 1356 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
09:25:08.0109 1356 IKEEXT - ok
09:25:08.0125 1356 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
09:25:08.0125 1356 intelide - ok
09:25:08.0140 1356 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:25:08.0140 1356 intelppm - ok
09:25:08.0156 1356 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:25:08.0172 1356 IPBusEnum - ok
09:25:08.0187 1356 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:08.0187 1356 IpFilterDriver - ok
09:25:08.0218 1356 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:25:08.0234 1356 iphlpsvc - ok
09:25:08.0234 1356 IpInIp - ok
09:25:08.0265 1356 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:25:08.0265 1356 IPMIDRV - ok
09:25:08.0281 1356 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:25:08.0296 1356 IPNAT - ok
09:25:08.0343 1356 [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:25:08.0390 1356 iPod Service - ok
09:25:08.0406 1356 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:25:08.0406 1356 IRENUM - ok
09:25:08.0421 1356 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:25:08.0421 1356 isapnp - ok
09:25:08.0452 1356 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:08.0452 1356 iScsiPrt - ok
09:25:08.0468 1356 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:25:08.0484 1356 iteatapi - ok
09:25:08.0499 1356 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:25:08.0499 1356 iteraid - ok
09:25:08.0515 1356 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:08.0515 1356 kbdclass - ok
09:25:08.0546 1356 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:25:08.0546 1356 kbdhid - ok
09:25:08.0577 1356 [ 40348DCEC0712ED42231C5F90A69A690 ] KeyIso C:\Windows\system32\lsass.exe
09:25:08.0577 1356 KeyIso - ok
09:25:08.0624 1356 [ 476E2C1DCEA45895994BEF11C2A98715 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:25:08.0640 1356 KSecDD - ok
09:25:08.0671 1356 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:25:08.0671 1356 ksthunk - ok
09:25:08.0718 1356 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
09:25:08.0733 1356 KtmRm - ok
09:25:08.0764 1356 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:25:08.0780 1356 LanmanServer - ok
09:25:08.0827 1356 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:25:08.0827 1356 LanmanWorkstation - ok
09:25:08.0920 1356 [ 63ED50A6ED61829C2DEF5B733D258A05 ] LiveUpdate C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
09:25:08.0983 1356 LiveUpdate - ok
09:25:08.0998 1356 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:25:09.0014 1356 lltdio - ok
09:25:09.0045 1356 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:25:09.0045 1356 lltdsvc - ok
09:25:09.0061 1356 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:25:09.0061 1356 lmhosts - ok
09:25:09.0092 1356 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:25:09.0092 1356 LSI_FC - ok
09:25:09.0123 1356 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:25:09.0123 1356 LSI_SAS - ok
09:25:09.0139 1356 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:25:09.0139 1356 LSI_SCSI - ok
09:25:09.0154 1356 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
09:25:09.0154 1356 luafv - ok
09:25:09.0186 1356 MAUSBPRODUCER - ok
09:25:09.0201 1356 MBAMProtector - ok
09:25:09.0201 1356 MBAMScheduler - ok
09:25:09.0217 1356 MBAMService - ok
09:25:09.0232 1356 McComponentHostService - ok
09:25:09.0248 1356 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:25:09.0248 1356 Mcx2Svc - ok
09:25:09.0279 1356 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
09:25:09.0279 1356 megasas - ok
09:25:09.0326 1356 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:25:09.0326 1356 MegaSR - ok
09:25:09.0357 1356 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
09:25:09.0357 1356 MMCSS - ok
09:25:09.0373 1356 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
09:25:09.0373 1356 Modem - ok
09:25:09.0388 1356 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:25:09.0404 1356 monitor - ok
09:25:09.0404 1356 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:25:09.0404 1356 mouclass - ok
09:25:09.0435 1356 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:25:09.0435 1356 mouhid - ok
09:25:09.0451 1356 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:25:09.0451 1356 MountMgr - ok
09:25:09.0482 1356 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
09:25:09.0482 1356 mpio - ok
09:25:09.0498 1356 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:25:09.0498 1356 mpsdrv - ok
09:25:09.0544 1356 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
09:25:09.0560 1356 MpsSvc - ok
09:25:09.0591 1356 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:25:09.0607 1356 Mraid35x - ok
09:25:09.0638 1356 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:25:09.0638 1356 MRxDAV - ok
09:25:09.0669 1356 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:09.0669 1356 mrxsmb - ok
09:25:09.0700 1356 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:09.0716 1356 mrxsmb10 - ok
09:25:09.0732 1356 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:09.0732 1356 mrxsmb20 - ok
09:25:09.0747 1356 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
09:25:09.0747 1356 msahci - ok
09:25:09.0794 1356 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:25:09.0794 1356 msdsm - ok
09:25:09.0810 1356 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
09:25:09.0825 1356 MSDTC - ok
09:25:09.0872 1356 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:25:09.0872 1356 Msfs - ok
09:25:09.0903 1356 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:25:09.0903 1356 msisadrv - ok
09:25:09.0919 1356 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:25:09.0934 1356 MSiSCSI - ok
09:25:09.0934 1356 msiserver - ok
09:25:09.0981 1356 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:25:09.0981 1356 MSKSSRV - ok
09:25:09.0997 1356 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:09.0997 1356 MSPCLOCK - ok
09:25:10.0012 1356 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:25:10.0012 1356 MSPQM - ok
09:25:10.0044 1356 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:25:10.0059 1356 MsRPC - ok
09:25:10.0075 1356 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:10.0075 1356 mssmbios - ok
09:25:10.0090 1356 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:25:10.0090 1356 MSTEE - ok
09:25:10.0106 1356 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
09:25:10.0106 1356 Mup - ok
09:25:10.0137 1356 MyWebSearchService - ok
09:25:10.0168 1356 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
09:25:10.0184 1356 napagent - ok
09:25:10.0215 1356 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:25:10.0231 1356 NativeWifiP - ok
09:25:10.0262 1356 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:25:10.0293 1356 NDIS - ok
09:25:10.0309 1356 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:10.0309 1356 NdisTapi - ok
09:25:10.0324 1356 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:10.0324 1356 Ndisuio - ok
09:25:10.0356 1356 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:10.0356 1356 NdisWan - ok
09:25:10.0371 1356 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:25:10.0371 1356 NDProxy - ok
09:25:10.0402 1356 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:25:10.0402 1356 NetBIOS - ok
09:25:10.0434 1356 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:25:10.0434 1356 netbt - ok
09:25:10.0465 1356 [ 40348DCEC0712ED42231C5F90A69A690 ] Netlogon C:\Windows\system32\lsass.exe
09:25:10.0465 1356 Netlogon - ok
09:25:10.0496 1356 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
09:25:10.0496 1356 Netman - ok
09:25:10.0527 1356 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
09:25:10.0527 1356 netprofm - ok
09:25:10.0558 1356 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:25:10.0558 1356 NetTcpPortSharing - ok
09:25:10.0574 1356 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:25:10.0574 1356 nfrd960 - ok
09:25:10.0605 1356 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
09:25:10.0605 1356 NlaSvc - ok
09:25:10.0636 1356 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:25:10.0636 1356 Npfs - ok
09:25:10.0668 1356 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
09:25:10.0668 1356 nsi - ok
09:25:10.0668 1356 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:25:10.0668 1356 nsiproxy - ok
09:25:10.0730 1356 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:25:10.0761 1356 Ntfs - ok
09:25:10.0917 1356 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
09:25:10.0917 1356 NuidFltr - ok
09:25:10.0933 1356 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
09:25:10.0933 1356 Null - ok
09:25:10.0980 1356 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:25:10.0980 1356 nvraid - ok
09:25:11.0136 1356 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:25:11.0136 1356 nvstor - ok
09:25:11.0182 1356 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:25:11.0182 1356 nv_agp - ok
09:25:11.0198 1356 NwlnkFlt - ok
09:25:11.0214 1356 NwlnkFwd - ok
09:25:11.0292 1356 [ 706F5504AF9F28C8641DAB5EDDFDE03B ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
09:25:11.0292 1356 OA009Ufd - ok
09:25:11.0307 1356 [ 4BB946D5A9BC62B45D58108D29AE2E7D ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
09:25:11.0307 1356 OA009Vid - ok
09:25:11.0385 1356 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:25:11.0385 1356 ohci1394 - ok
09:25:11.0448 1356 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:25:11.0479 1356 p2pimsvc - ok
09:25:11.0494 1356 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
09:25:11.0494 1356 p2psvc - ok
09:25:11.0541 1356 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
09:25:11.0541 1356 Parport - ok
09:25:11.0604 1356 [ F9B5EDA4C17A2BE7663F064DBF0FE254 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:25:11.0604 1356 partmgr - ok
09:25:11.0635 1356 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
09:25:11.0635 1356 PcaSvc - ok
09:25:11.0822 1356 [ 58C1CD52347C4835DC3606CD4723F426 ] PCD5SRVC{048DBD20-445E8C82-05040104} C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms
09:25:11.0900 1356 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
09:25:11.0947 1356 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
09:25:11.0947 1356 pci - ok
09:25:11.0978 1356 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
09:25:11.0994 1356 pciide - ok
09:25:12.0009 1356 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:25:12.0009 1356 pcmcia - ok
09:25:12.0040 1356 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:25:12.0072 1356 PEAUTH - ok
09:25:12.0212 1356 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:25:12.0274 1356 PerfHost - ok
09:25:12.0368 1356 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
09:25:12.0399 1356 pla - ok
09:25:12.0430 1356 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:25:12.0446 1356 PlugPlay - ok
09:25:12.0540 1356 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:25:12.0555 1356 PNRPAutoReg - ok
09:25:12.0586 1356 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:25:12.0586 1356 PNRPsvc - ok
09:25:12.0633 1356 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:25:12.0633 1356 PolicyAgent - ok
09:25:12.0696 1356 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:25:12.0696 1356 PptpMiniport - ok
09:25:12.0727 1356 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
09:25:12.0727 1356 Processor - ok
09:25:12.0789 1356 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
09:25:12.0789 1356 ProfSvc - ok
09:25:12.0852 1356 [ 40348DCEC0712ED42231C5F90A69A690 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:25:12.0852 1356 ProtectedStorage - ok
09:25:12.0898 1356 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:25:12.0898 1356 PSched - ok
09:25:12.0945 1356 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:25:12.0945 1356 PxHlpa64 - ok
09:25:12.0992 1356 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:25:13.0023 1356 ql2300 - ok
09:25:13.0070 1356 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:25:13.0070 1356 ql40xx - ok
09:25:13.0117 1356 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
09:25:13.0117 1356 QWAVE - ok
09:25:13.0195 1356 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:25:13.0195 1356 QWAVEdrv - ok
09:25:13.0304 1356 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
09:25:13.0382 1356 R300 - ok
09:25:13.0429 1356 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:25:13.0429 1356 RasAcd - ok
09:25:13.0476 1356 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
09:25:13.0476 1356 RasAuto - ok
09:25:13.0507 1356 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:13.0507 1356 Rasl2tp - ok
09:25:13.0522 1356 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
09:25:13.0522 1356 RasMan - ok
09:25:13.0569 1356 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:13.0569 1356 RasPppoe - ok
09:25:13.0600 1356 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:25:13.0600 1356 RasSstp - ok
09:25:13.0647 1356 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:25:13.0647 1356 rdbss - ok
09:25:13.0678 1356 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:13.0678 1356 RDPCDD - ok
09:25:13.0710 1356 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:25:13.0710 1356 rdpdr - ok
09:25:13.0725 1356 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:25:13.0725 1356 RDPENCDD - ok
09:25:13.0756 1356 [ B1D741C87CEA8D7282146366CC9C3F81 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:25:13.0756 1356 RDPWD - ok
09:25:13.0819 1356 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:25:13.0819 1356 RemoteAccess - ok
09:25:13.0850 1356 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:25:13.0866 1356 RemoteRegistry - ok
09:25:13.0897 1356 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:25:13.0897 1356 RimUsb - ok
09:25:13.0928 1356 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
09:25:13.0928 1356 RpcLocator - ok
09:25:13.0959 1356 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
09:25:13.0975 1356 RpcSs - ok
09:25:13.0990 1356 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:25:13.0990 1356 rspndr - ok
09:25:14.0006 1356 [ BA9306C027A92A7ED685F7C6E2D2B00B ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
09:25:14.0006 1356 RTSTOR - ok
09:25:14.0022 1356 [ 40348DCEC0712ED42231C5F90A69A690 ] SamSs C:\Windows\system32\lsass.exe
09:25:14.0022 1356 SamSs - ok
09:25:14.0053 1356 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:25:14.0053 1356 sbp2port - ok
09:25:14.0084 1356 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:25:14.0100 1356 SCardSvr - ok
09:25:14.0146 1356 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
09:25:14.0178 1356 Schedule - ok
09:25:14.0240 1356 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:25:14.0240 1356 SCPolicySvc - ok
09:25:14.0271 1356 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:25:14.0271 1356 SDRSVC - ok
09:25:14.0287 1356 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:25:14.0287 1356 secdrv - ok
09:25:14.0302 1356 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
09:25:14.0302 1356 seclogon - ok
09:25:14.0318 1356 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
09:25:14.0318 1356 SENS - ok
09:25:14.0334 1356 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:25:14.0334 1356 Serenum - ok
09:25:14.0365 1356 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
09:25:14.0365 1356 Serial - ok
09:25:14.0380 1356 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:25:14.0380 1356 sermouse - ok
09:25:14.0412 1356 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
09:25:14.0427 1356 SessionEnv - ok
09:25:14.0443 1356 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:25:14.0443 1356 sffdisk - ok
09:25:14.0443 1356 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:25:14.0443 1356 sffp_mmc - ok
09:25:14.0458 1356 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:25:14.0474 1356 sffp_sd - ok
09:25:14.0474 1356 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:25:14.0474 1356 sfloppy - ok
09:25:14.0536 1356 [ 89C8CE6971A3E571176348E237018C0A ] SftService C:\Windows\sminst\sftservice.EXE
09:25:14.0568 1356 SftService - ok
09:25:14.0599 1356 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:25:14.0599 1356 SharedAccess - ok
09:25:14.0646 1356 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:25:14.0646 1356 ShellHWDetection - ok
09:25:14.0661 1356 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:25:14.0677 1356 SiSRaid2 - ok
09:25:14.0692 1356 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:25:14.0692 1356 SiSRaid4 - ok
09:25:14.0770 1356 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
09:25:14.0833 1356 slsvc - ok
09:25:14.0864 1356 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:25:14.0864 1356 SLUINotify - ok
09:25:14.0895 1356 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:25:14.0895 1356 Smb - ok
09:25:14.0926 1356 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:25:14.0926 1356 SNMPTRAP - ok
09:25:14.0973 1356 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
09:25:14.0973 1356 spldr - ok
09:25:15.0004 1356 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
09:25:15.0004 1356 Spooler - ok
09:25:15.0082 1356 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
09:25:15.0082 1356 sprtsvc_DellSupportCenter - ok
09:25:15.0114 1356 SPService - ok
09:25:15.0160 1356 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
09:25:15.0160 1356 srv - ok
09:25:15.0192 1356 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:25:15.0192 1356 srv2 - ok
09:25:15.0223 1356 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:25:15.0223 1356 srvnet - ok
09:25:15.0254 1356 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:25:15.0254 1356 SSDPSRV - ok
09:25:15.0301 1356 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:25:15.0301 1356 SstpSvc - ok
09:25:15.0379 1356 [ 2080477F89F82FBD12436BF9770E29A1 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe
09:25:15.0379 1356 STacSV - ok
09:25:15.0426 1356 [ 3281204B2E6049100D0FF04270C2AEA5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
09:25:15.0441 1356 STHDA - ok
09:25:15.0488 1356 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
09:25:15.0504 1356 stisvc - ok
09:25:15.0550 1356 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:25:15.0550 1356 stllssvr - ok
09:25:15.0582 1356 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:25:15.0582 1356 swenum - ok
09:25:15.0628 1356 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
09:25:15.0628 1356 swprv - ok
09:25:15.0644 1356 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:25:15.0644 1356 Symc8xx - ok
09:25:15.0660 1356 SymIMMP - ok
09:25:15.0691 1356 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:25:15.0691 1356 Sym_hi - ok
09:25:15.0706 1356 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:25:15.0706 1356 Sym_u3 - ok
09:25:15.0769 1356 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
09:25:15.0784 1356 SysMain - ok
09:25:15.0816 1356 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:25:15.0816 1356 TabletInputService - ok
09:25:15.0847 1356 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:25:15.0862 1356 TapiSrv - ok
09:25:15.0878 1356 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
09:25:15.0878 1356 TBS - ok
09:25:15.0925 1356 [ 973658A2EA9C06B2976884B9046DFC6C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:25:15.0972 1356 Tcpip - ok
09:25:16.0003 1356 [ 973658A2EA9C06B2976884B9046DFC6C ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:25:16.0018 1356 Tcpip6 - ok
09:25:16.0050 1356 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:25:16.0050 1356 tcpipreg - ok
09:25:16.0081 1356 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:25:16.0081 1356 TDPIPE - ok
09:25:16.0096 1356 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:25:16.0096 1356 TDTCP - ok
09:25:16.0128 1356 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:25:16.0128 1356 tdx - ok
09:25:16.0159 1356 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:25:16.0159 1356 TermDD - ok
09:25:16.0206 1356 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
09:25:16.0237 1356 TermService - ok
09:25:16.0252 1356 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
09:25:16.0252 1356 Themes - ok
09:25:16.0284 1356 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
09:25:16.0284 1356 THREADORDER - ok
09:25:16.0315 1356 [ 35513B8B4F7A93B0616BCFC606B468BB ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
09:25:16.0330 1356 Tpkd - ok
09:25:16.0362 1356 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
09:25:16.0362 1356 TrkWks - ok
09:25:16.0424 1356 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:25:16.0424 1356 TrustedInstaller - ok
09:25:16.0440 1356 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:16.0440 1356 tssecsrv - ok
09:25:16.0627 1356 [ DD296C78B0D2C3F5E42DC0D2972CD992 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
09:25:16.0674 1356 TuneUp.UtilitiesSvc - ok
09:25:16.0705 1356 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
09:25:16.0705 1356 TuneUpUtilitiesDrv - ok
09:25:16.0705 1356 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:25:16.0705 1356 tunmp - ok
09:25:16.0736 1356 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:25:16.0736 1356 tunnel - ok
09:25:16.0752 1356 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:25:16.0752 1356 uagp35 - ok
09:25:16.0798 1356 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:25:16.0798 1356 udfs - ok
09:25:16.0845 1356 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:25:16.0845 1356 UI0Detect - ok
09:25:16.0876 1356 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:25:16.0876 1356 uliagpkx - ok
09:25:16.0908 1356 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:25:16.0908 1356 uliahci - ok
09:25:16.0939 1356 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:25:16.0939 1356 UlSata - ok
09:25:16.0954 1356 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:25:16.0954 1356 ulsata2 - ok
09:25:16.0970 1356 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:25:16.0986 1356 umbus - ok
09:25:17.0001 1356 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
09:25:17.0001 1356 upnphost - ok
09:25:17.0110 1356 [ 7CE0FE34FD8FB7F52D1E503B0C1E4FA9 ] UPnPService C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
09:25:17.0173 1356 UPnPService - ok
09:25:17.0220 1356 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:25:17.0220 1356 USBAAPL64 - ok
09:25:17.0266 1356 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:25:17.0266 1356 usbaudio - ok
09:25:17.0298 1356 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:17.0298 1356 usbccgp - ok
09:25:17.0329 1356 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:25:17.0329 1356 usbcir - ok
09:25:17.0360 1356 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:25:17.0360 1356 usbehci - ok
09:25:17.0407 1356 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:25:17.0407 1356 usbhub - ok
09:25:17.0438 1356 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:25:17.0438 1356 usbohci - ok
09:25:17.0469 1356 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:25:17.0469 1356 usbprint - ok
09:25:17.0500 1356 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:25:17.0500 1356 USBSTOR - ok
09:25:17.0532 1356 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:25:17.0532 1356 usbuhci - ok
09:25:17.0578 1356 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
09:25:17.0578 1356 UxSms - ok
09:25:17.0610 1356 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
09:25:17.0625 1356 vds - ok
09:25:17.0641 1356 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:17.0641 1356 vga - ok
09:25:17.0672 1356 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:25:17.0672 1356 VgaSave - ok
09:25:17.0688 1356 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
09:25:17.0688 1356 viaide - ok
09:25:17.0719 1356 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:25:17.0719 1356 volmgr - ok
09:25:17.0750 1356 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:25:17.0766 1356 volmgrx - ok
09:25:17.0812 1356 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:25:17.0812 1356 volsnap - ok
09:25:17.0844 1356 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:25:17.0844 1356 vsmraid - ok
09:25:17.0890 1356 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
09:25:17.0922 1356 VSS - ok
09:25:18.0015 1356 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
09:25:18.0031 1356 vToolbarUpdater12.2.6 - ok
09:25:18.0078 1356 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
09:25:18.0093 1356 W32Time - ok
09:25:18.0109 1356 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:25:18.0109 1356 WacomPen - ok
09:25:18.0140 1356 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:25:18.0140 1356 Wanarp - ok
09:25:18.0156 1356 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:25:18.0156 1356 Wanarpv6 - ok
09:25:18.0187 1356 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:25:18.0202 1356 wcncsvc - ok
09:25:18.0234 1356 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:25:18.0234 1356 WcsPlugInService - ok
09:25:18.0265 1356 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
09:25:18.0280 1356 Wd - ok
09:25:18.0312 1356 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:25:18.0327 1356 Wdf01000 - ok
09:25:18.0343 1356 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:25:18.0343 1356 WdiServiceHost - ok
09:25:18.0358 1356 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:25:18.0358 1356 WdiSystemHost - ok
09:25:18.0374 1356 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
09:25:18.0390 1356 WebClient - ok
09:25:18.0421 1356 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:25:18.0421 1356 Wecsvc - ok
09:25:18.0436 1356 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:25:18.0436 1356 wercplsupport - ok
09:25:18.0452 1356 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
09:25:18.0452 1356 WerSvc - ok
09:25:18.0483 1356 WinDefend - ok
09:25:18.0499 1356 WinHttpAutoProxySvc - ok
09:25:18.0561 1356 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:25:18.0561 1356 Winmgmt - ok
09:25:18.0639 1356 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
09:25:18.0686 1356 WinRM - ok
09:25:18.0733 1356 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:25:18.0764 1356 Wlansvc - ok
09:25:18.0764 1356 wltrysvc - ok
09:25:18.0811 1356 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:25:18.0811 1356 WmiAcpi - ok
09:25:18.0842 1356 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:25:18.0858 1356 wmiApSrv - ok
09:25:18.0873 1356 WMPNetworkSvc - ok
09:25:18.0904 1356 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:25:18.0904 1356 WPCSvc - ok
09:25:18.0920 1356 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:25:18.0920 1356 WPDBusEnum - ok
09:25:18.0951 1356 [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:25:18.0951 1356 WpdUsb - ok
09:25:19.0076 1356 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:25:19.0092 1356 WPFFontCache_v0400 - ok
09:25:19.0123 1356 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:25:19.0123 1356 ws2ifsl - ok
09:25:19.0170 1356 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
09:25:19.0170 1356 wscsvc - ok
09:25:19.0170 1356 WSearch - ok
09:25:19.0263 1356 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:25:19.0357 1356 wuauserv - ok
09:25:19.0404 1356 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:25:19.0404 1356 WUDFRd - ok
09:25:19.0450 1356 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:25:19.0450 1356 wudfsvc - ok
09:25:19.0450 1356 yksvc - ok
09:25:19.0497 1356 [ B681CADB266B151061E7BAA82B0D77B7 ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
09:25:19.0513 1356 yukonx64 - ok
09:25:19.0513 1356 ================ Scan global ===============================
09:25:19.0528 1356 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
09:25:19.0575 1356 [ E5E5E593D4850B0AA24CF58B552147F3 ] C:\Windows\system32\winsrv.dll
09:25:19.0591 1356 [ E5E5E593D4850B0AA24CF58B552147F3 ] C:\Windows\system32\winsrv.dll
09:25:19.0638 1356 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
09:25:19.0638 1356 [Global] - ok
09:25:19.0638 1356 ================ Scan MBR ==================================
09:25:19.0653 1356 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:25:19.0950 1356 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:25:19.0950 1356 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:25:19.0950 1356 ================ Scan VBR ==================================
09:25:19.0981 1356 [ 99BD1933896B39E163CE54E50EB80FB0 ] \Device\Harddisk0\DR0\Partition1
09:25:19.0981 1356 \Device\Harddisk0\DR0\Partition1 - ok
09:25:19.0981 1356 [ D3534D7D899B2BB512AB7E7B27780884 ] \Device\Harddisk0\DR0\Partition2
09:25:19.0981 1356 \Device\Harddisk0\DR0\Partition2 - ok
09:25:19.0981 1356 ============================================================
09:25:19.0981 1356 Scan finished
09:25:19.0981 1356 ============================================================
09:25:19.0996 1420 Detected object count: 1
09:25:19.0996 1420 Actual detected object count: 1
09:26:21.0414 1420 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
09:26:21.0414 1420 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
09:26:21.0429 1420 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:26:21.0429 1420 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:26:21.0445 1420 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:26:21.0460 1420 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:26:21.0476 1420 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:26:21.0492 1420 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:26:21.0492 1420 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:26:21.0507 1420 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
09:26:21.0507 1420 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
09:26:21.0507 1420 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine


And here is the LOG from aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-30 09:30:28
-----------------------------
09:30:28.241 OS Version: Windows x64 6.0.6002 Service Pack 2
09:30:28.241 Number of processors: 2 586 0xF0D
09:30:28.241 ComputerName: VICTORIA-PC UserName: Victoria
09:30:28.974 Initialize success
09:31:09.631 AVAST engine defs: 12093000
09:31:18.476 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:31:18.476 Disk 0 Vendor: WDC_WD25 11.0 Size: 238475MB BusType: 3
09:31:18.492 Disk 0 MBR read successfully
09:31:18.492 Disk 0 MBR scan
09:31:18.507 Disk 0 Windows XP default MBR code
09:31:18.507 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:31:18.539 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
09:31:18.554 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:31:18.585 Disk 0 scanning C:\Windows\system32\drivers
09:31:29.115 Service scanning
09:31:52.297 Modules scanning
09:31:52.297 Disk 0 trace - called modules:
09:31:52.344 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
09:31:52.359 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004af86a0]
09:31:52.359 3 CLASSPNP.SYS[fffffa6000fcfc33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80045b0050]
09:31:53.592 AVAST engine scan C:\Windows
09:31:57.008 AVAST engine scan C:\Windows\system32
09:35:37.480 AVAST engine scan C:\Windows\system32\drivers
09:35:50.381 AVAST engine scan C:\Users\Victoria
09:41:03.294 AVAST engine scan C:\ProgramData
09:43:39.887 Scan finished successfully
09:44:01.275 Disk 0 MBR has been saved successfully to "C:\Users\Victoria\Desktop\MBR.dat"
09:44:01.290 The log file has been saved successfully to "C:\Users\Victoria\Desktop\aswMBR.txt"


And the log from ESET:

C:\TDSSKiller_Quarantine\30.09.2012_09.24.27\tdlfs0000\tsk0003.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.09.2012_09.24.27\tdlfs0000\tsk0004.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.09.2012_09.24.27\tdlfs0000\tsk0005.dta Win32/Olmarik.ACQ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.09.2012_09.24.27\tdlfs0000\tsk0006.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.09.2012_09.24.27\tdlfs0000\tsk0007.dta probably a variant of Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined


Thank you for your help. After I completed these scans I restarted the computer and the blue screen error still prevented me from logging on regularly. I am still stuck in safe mode, what do I do now?

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 01:18 PM

Uninstall AVG using this tool

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x64_2013_2706.exe

Perform a clean boot

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

Reboot to normal mode and let me know if it works

#5 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 01:35 PM

It did not work. The blue screen error caused a shutdown of the computer again. I am back in safe mode.

#6 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 01:35 PM

It did not work. The blue screen error caused a shutdown of the computer again. I am back in safe mode.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 01:38 PM

Did you try a clean boot?

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#8 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 01:50 PM

Yes I tried a clean boot.

Here is the log from mini toolbox:



MiniToolBox by Farbar Version: 23-07-2012
Ran by Victoria (administrator) on 30-09-2012 at 11:42:00
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Victoria-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-22-5F-8E-D2-83
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::64f7:b16:b4da:e434%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.71(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : September-30-12 11:40:18 AM
Lease Expires . . . . . . . . . . : October-01-12 11:40:18 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 285221471
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-8C-97-77-00-23-AE-32-14-A7
DNS Servers . . . . . . . . . . . : 192.168.1.254
75.153.176.9
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-23-AE-32-14-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E0F185EE-7944-4BC2-984F-FDC431CD91D8}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{BF21D9C7-F2CA-466F-AC2C-E78E07A9E53D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:400a:801::1006
173.194.33.35
173.194.33.33
173.194.33.41
173.194.33.40
173.194.33.39
173.194.33.36
173.194.33.32
173.194.33.38
173.194.33.37
173.194.33.46
173.194.33.34



Pinging google.com [173.194.33.34] with 32 bytes of data:

Reply from 173.194.33.34: bytes=32 time=13ms TTL=57

Reply from 173.194.33.34: bytes=32 time=12ms TTL=57



Ping statistics for 173.194.33.34:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 12ms, Maximum = 13ms, Average = 12ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=54ms TTL=52

Reply from 98.138.253.109: bytes=32 time=65ms TTL=52



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 54ms, Maximum = 65ms, Average = 59ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 22 5f 8e d2 83 ...... Dell Wireless 1397 WLAN Mini-Card
11 ...00 23 ae 32 14 a7 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{E0F185EE-7944-4BC2-984F-FDC431CD91D8}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
15 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
26 ...00 00 00 00 00 00 00 e0 isatap.{BF21D9C7-F2CA-466F-AC2C-E78E07A9E53D}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.71 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.71 281
192.168.1.71 255.255.255.255 On-link 192.168.1.71 281
192.168.1.255 255.255.255.255 On-link 192.168.1.71 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.71 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.71 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::64f7:b16:b4da:e434/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 4.0.0.97)
AVG 2013 (Version: 13.0.2591)
AVG 2013 (Version: 13.0.2677)
AVG 2013 (Version: 2013.0.2677)
Bonjour (Version: 3.0.0.10)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 7.102.115.201)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
Integrated Webcam Driver (1.00.02.0825)
Intel® Matrix Storage Manager
Interlok driver setup x64 (Version: 5.8.12)
iTunes (Version: 10.5.3.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.6.0)
Quickset (Version: 9.2.17)
SPBBC 64bit (Version: 107.0.0.134)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)

========================= Memory info: ===================================

Percentage of memory in use: 15%
Total physical RAM: 4057.45 MB
Available physical RAM: 3419.18 MB
Total Pagefile: 4163.23 MB
Available Pagefile: 3667.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3997.96 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:152.56 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.58 GB) NTFS

========================= Users: ========================================

User accounts for \\VICTORIA-PC

Administrator Guest Victoria

========================= Restore Points ==================================

13-09-2012 01:00:54 Windows Update
14-09-2012 01:52:11 Windows Update
20-09-2012 05:55:56 Windows Update
27-09-2012 02:46:20 Windows Update
28-09-2012 16:27:05 Windows Update
29-09-2012 04:37:34 Windows Update
29-09-2012 05:30:47 Installed AVG 2013
29-09-2012 05:31:53 Installed AVG 2013
29-09-2012 05:39:10 Removed Sophos Virus Removal Tool.
29-09-2012 06:01:28 Installed AVG PC TuneUp
29-09-2012 22:27:00 Windows Update

**** End of log ****


Here are the results from RKill:


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/30/2012 11:45:13 AM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 09/30/2012 11:45:27 AM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)


Here are the results from Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\windows\system32\wltray.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgui.exe"
+ "MyWebSearch Plugin" "" "" "File not found: C:\PROGRA~2\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "" "" "File not found: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Exif Launcher S.lnk" "Exif Launcher 2" "FUJIFILM Corporation" "c:\program files\finepixviewers\quickdcf2.exe"
"C:\Users\Victoria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SightSpeed" "Dell Video Chat by SightSpeed" "Dell Inc. and SightSpeed Inc." "c:\program files (x86)\dell video chat\dellvideochat.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgsea.dll"
+ "AVG Shredder Shell Extension" "AVG Shredder Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\sdshelex-x64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgse.dll"
+ "AVG Shredder Shell Extension" "AVG Shredder Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\sdshelex-win32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "" "" "File not found: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Disk Space Explorer Shell Extension" "AVG Disk Space Explorer Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\dseshext-x64.dll"
+ "AVG Shredder Shell Extension" "AVG Shredder Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\sdshelex-x64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Disk Space Explorer Shell Extension" "AVG Disk Space Explorer Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\dseshext-x86.dll"
+ "AVG Shredder Shell Extension" "AVG Shredder Shell Extension" "AVG" "c:\program files (x86)\avg\avg pc tuneup\sdshelex-win32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgsea.dll"
+ "MBAMShlExt" "" "" "File not found: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Security Toolbar" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\5.2.4204.1700\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "mwsBar BHO" "" "" "File not found: C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL"
+ "MyWebSearch Search Assistant BHO" "" "" "File not found: C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "AVG Security Toolbar" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll"
+ "My Web Search" "" "" "File not found: C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_cce24a4c\aestsr64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Automatic LiveUpdate Scheduler" "Manages the scheduling of Automatic LiveUpdate sessions" "Symantec Corporation" "c:\program files (x86)\symantec\liveupdate\aluschedulersvc.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "" "File not found: C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "Fabs" "Watches filechanges, does automatic backups and configuration stuff." "MAGIX AG" "c:\program files (x86)\common files\magix services\database\bin\fabs.exe"
+ "FirebirdServerMAGIXInstance" "Firebird SQL Server - MAGIX Edition" "MAGIX®" "c:\program files (x86)\magix\common\database\bin\fbserver.exe"
+ "gupdate1c9ff903df66060" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LiveUpdate" "LiveUpdate Core Engine" "Symantec Corporation" "c:\program files (x86)\symantec\liveupdate\lucomserver_3_4.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "" "File not found: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "" "File not found: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "" "File not found: C:\Program Files (x86)\McAfee Security Scan\3.0.287\McCHSvc.exe"
+ "MyWebSearchService" "" "" "File not found: C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks" "c:\windows\sminst\sftservice.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "SPService" "" "" "File not found: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65\sp.dll"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_cce24a4c\stacsv64.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "TuneUp.UtilitiesSvc" "This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in AVG PC TuneUp. If you stop or disable this service, parts of AVG PC TuneUp will not work anymore." "AVG" "c:\program files (x86)\avg\avg pc tuneup\tuneuputilitiesservice64.exe"
+ "UPnPService" "UPnPService Module" "Magix AG" "c:\program files (x86)\common files\magix shared\upnpservice\upnpservice.exe"
+ "vToolbarUpdater12.2.6" "" "" "File not found: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\windows\system32\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "yksvc" "Service for Marvell® Yukon® Network Adapters" "Marvell" "c:\windows\system32\ykx64coinst.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "acedrv09" "" "" "c:\windows\system32\drivers\acedrv09.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "" "File not found: system32\DRIVERS\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "" "File not found: system32\DRIVERS\avgidsha.sys"
+ "Avgldx64" "" "" "File not found: system32\DRIVERS\avgldx64.sys"
+ "Avgloga" "" "" "File not found: system32\DRIVERS\avgloga.sys"
+ "Avgmfx64" "" "" "File not found: system32\DRIVERS\avgmfx64.sys"
+ "Avgrkx64" "" "" "File not found: system32\DRIVERS\avgrkx64.sys"
+ "Avgtdia" "" "" "File not found: system32\DRIVERS\avgtdia.sys"
+ "avgtp" "" "" "File not found: C:\Windows\system32\drivers\avgtpx64.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032e.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MAUSBPRODUCER" "" "" "File not found: system32\DRIVERS\MAudioProducer.sys"
+ "MBAMProtector" "" "" "File not found: C:\Windows\system32\drivers\mbam.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "OA009Ufd" "Provides a software interface to control effects of Integrated Webcam." "Creative Technology Ltd." "c:\windows\system32\drivers\oa009ufd.sys"
+ "OA009Vid" "Provides a software interface to control Integrated Webcam." "Creative Technology Ltd." "c:\windows\system32\drivers\oa009vid.sys"
+ "PCD5SRVC{048DBD20-445E8C82-05040104}" "Kernel Driver" "PC-Doctor, Inc." "c:\program files (x86)\dell support center\hwdiag\bin\pcd5srvc_x64.pkms"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista x64" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtstor64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SymIMMP" "" "" "File not found: system32\DRIVERS\SymIM.sys"
+ "Tpkd" "64bit Tpkd Device Driver" "PACE Anti-Piracy, Inc." "c:\windows\system32\drivers\tpkd.sys"
+ "TuneUpUtilitiesDrv" "TuneUp Utilities Driver" "TuneUp Software" "c:\program files (x86)\avg\avg pc tuneup\tuneuputilitiesdriver64.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "yukonx64" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk60x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "avgrmbr.nt /mbr C:\Windows\System32\avgrmbr.bin" "" "" "File not found: avgrmbr.nt"
+ "C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart" "" "" "File not found: C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"


Thanks. What now?

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 01:53 PM

Go to

C:\windows\minidump folder

Zip up the latest dump files and Upload them here

Edited by narenxp, 30 September 2012 - 01:54 PM.


#10 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 02:00 PM

That folder is empty....

#11 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 02:26 PM

Any suggestions?

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 09:55 PM

click on startmenu and type

cmd

Right click on it and select run as administrator and run this command

chkdsk /r

Press Y to schedule it on reboot

Reboot the PC and let me know if chkdsk was successful

#13 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 10:34 PM

I ran the chkdsk command but nothing seemed to happen once I restarted.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:00 AM

Posted 30 September 2012 - 10:39 PM

At what stage do you receive blue screens?

What changes do you make other than malware scans?

Create a new user account and try to boot into normal mode and let me know if it worked.

#15 StuMic

StuMic
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 30 September 2012 - 10:47 PM

The blue screen appears after the windows logo appears. Then for a split second it goes to the log on screen and the blue screen appears. I do not have time to log on as another user because the blue screen appears.

The only changes I made were the scans. The first time I saw it was during a Microsoft Safety Scanner scan. The computer crashed but I was still able to reboot and log back on. Then I downloaded and ran malwarebytes twice and each time I ran it the blue screen appeared again. After the second malwarebytes scan I was unable from logging back on to the normal mode because the blue screen started appearing before I could log on.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users