Computer Restarting during Virus scan (as stated Am I infected forum)


  • This topic is locked
16 replies to this topic

#1 edam72

Posted 17 November 2012 - 09:41 PM

Original Post:
Thanks for viewing, I will attempt to list all details and what I have tried.

OS: Windows 7 Ultimate
C: drive is in a RAID 0 configuration.

The computer originally had a video problem and would not load Catalyst Control Center. I used a Microsoft fix (uninstalling the regular way would not work) to uninstall and reinstall the ATI program and drivers, and now video is fine. I went to run a virus scan with Microsoft Security Essentials, and 1/4 to halfway through the computer reboots. I disabled MSE and tried other scanners, all of which caused the same problem, even in SAFE mode. Malwarebytes did finish one time and removed these 3 items:
Registry Keys Detected: 1
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.
Files Detected: 2
C:\Users\Beansie\Downloads\frzfonts_1793.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Beansie\Google Drive\Downloads\frzfonts_1793.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

But after that, even Malwarebytes could not finish any scans.

I checked the event viewer and from what I can see, this is the only error I get before it reboots.
Kernel Power: The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
After rebooting, the PC seems to get these 3 errors each time.
1. Kernel P-N-P: The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_COMPACT_FLASH&REV_0.00#00000000000006&0#.
2. Service Control Manager: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
3. Kernel Event Tracing: Session "Microsoft Security Client OOBE" stopped due to the following error: 0xC000000D

I did use SFC /scannow and it returned no errors.
I also ran a hardware check on the system and no errors were returned, and did a stress test on the video cards that went well.
That is all I can think of right now, hope that is enough information. And thanks to anyone ahead of time!

Logs Posted below as requested.

DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Beansie at 18:22:38 on 2012-11-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.9887 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe
C:\Program Files (x86)\JMRAIDManager\JMRaidSetup.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Users\Beansie\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Beansie\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
c:\program files (x86)\winamp toolbar\winamptbServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=US&userid=ea7e0443-e196-44f2-a93f-e917d419c844&searchtype=ds&q={searchTerms}
uSearch Page = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=US&userid=ea7e0443-e196-44f2-a93f-e917d419c844&searchtype=ds&q={searchTerms}
uSearchAssistant = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=US&userid=ea7e0443-e196-44f2-a93f-e917d419c844&searchtype=ds&q={searchTerms}
mWinlogon: Userinit = userinit.exe,
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SmileboxTray] "C:\Users\Beansie\AppData\Roaming\Smilebox\SmileboxTray.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
mRun: [Cpu Level Up] "C:\Program Files (x86)\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" -r
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\Users\Beansie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Beansie\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Beansie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D582C5BE-15FB-4C60-A646-1FB11CF6D6A7} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2009-12-24 297512]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-27 55856]
R0 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2011-3-26 152096]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2011-3-27 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2011-3-27 19952]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2011-3-27 27632]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe [2011-3-26 96896]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-8-30 39408]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-3-26 21992]
R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-3-9 14952]
R2 JMRAIDManager;JMRAIDManager;C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe [2011-4-1 69632]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-11-6 390672]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-13 96896]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-17 25632]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2011-3-26 12744]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-28 29720]
S3 LGDDCDevice;LGDDCDevice;C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2011-5-13 14336]
S3 LGII2CDevice;LGII2CDevice;C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2011-5-13 18432]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-7 19456]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-7 57856]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2011-4-30 18216]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-26 1255736]
S4 TabletServiceWacom;TabletServiceWacom;C:\Windows\System32\Wacom_Tablet.exe [2011-4-30 6245744]
.
=============== File Associations ===============
.
ShellExec: CTA10.exe: Open=C:\Program Files (x86)\Reallusion\CrazyTalk Animator\CTApp.exe "%1"
.
=============== Created Last 30 ================
.
2012-11-18 02:21:03 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{07BB7EEB-98ED-492E-8EAC-240A028044EA}\mpengine.dll
2012-11-17 19:10:18 9291768 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-17 19:05:44 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{310810A1-3A23-48F2-BDE4-B7E33214FDBB}\mpengine.dll
2012-11-16 17:32:55 -------- d-----w- C:\Program Files (x86)\Geeks3D
2012-11-16 05:21:33 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-11-16 05:21:32 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-11-16 05:21:30 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-11-16 05:21:30 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-11-16 05:20:34 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-11-16 05:20:26 -------- d-----w- C:\Program Files\ATI Technologies
2012-11-16 05:20:24 -------- d-----w- C:\Program Files\ATI
2012-11-16 05:09:45 -------- d-----w- C:\MATS
2012-11-16 04:46:59 -------- d-----w- C:\AMD
2012-11-15 23:51:13 -------- d-----w- C:\Users\Beansie\AppData\Roaming\Malwarebytes
2012-11-15 23:51:05 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-15 23:51:05 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-15 23:51:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-15 23:48:51 -------- d-----w- C:\Program Files\CCleaner
2012-11-15 23:30:13 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-11-15 22:55:59 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 22:10:56 -------- d-----w- C:\ProgramData\Geek Squad
2012-11-09 19:43:11 -------- d-----w- C:\Users\Beansie\AppData\Local\{5B764E1B-D743-4353-978E-043CC4850FA6}
2012-11-08 19:39:26 -------- d-----w- C:\Users\Beansie\AppData\Local\{DF4DAF60-2EB0-437B-B1E1-5E892EDF03A1}
2012-11-08 07:38:43 -------- d-----w- C:\Users\Beansie\AppData\Local\{E737A5DA-61F9-4C7E-AD31-2EEF6DF05822}
2012-11-08 05:45:40 -------- d-----w- C:\Users\Beansie\AppData\Roaming\Photobucket
2012-11-08 05:44:55 -------- d-----w- C:\Program Files (x86)\Photobucket Desktop
2012-11-08 01:49:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-11-08 01:49:52 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-11-08 01:49:52 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-11-08 01:49:52 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-08 01:49:52 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-11-08 01:49:52 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-08 01:49:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-11-08 01:49:52 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-11-08 01:49:52 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2012-11-06 05:07:12 -------- d-----w- C:\ProgramData\AMD
2012-11-06 02:15:27 -------- d-----w- C:\Users\Beansie\AppData\Local\{58FFC09E-8F69-4EC1-8446-6EA3E1D0B647}
2012-11-04 23:46:44 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-04 23:46:41 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-03 22:30:58 -------- d-----w- C:\Program Files (x86)\Sony
2012-11-03 22:16:45 -------- d-----w- C:\Users\Beansie\AppData\Local\Sony
2012-11-03 21:13:57 -------- d-----w- C:\ProgramData\Anvsoft
2012-10-30 23:38:57 -------- d-----w- C:\Users\Beansie\AppData\Local\Toon Boom Animation
2012-10-30 23:24:02 -------- d-----w- C:\Program Files (x86)\Toon Boom Animation
2012-10-30 23:23:34 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-10-30 23:23:34 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-10-30 23:23:34 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-10-30 23:23:34 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-10-30 23:23:34 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-10-30 23:23:26 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-10-30 23:23:26 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-10-28 23:58:34 -------- d-----w- C:\Users\Beansie\AppData\Local\{AA9427BD-2BE6-4544-BF09-4701A832A980}
2012-10-28 20:06:24 -------- d-----w- C:\Users\Beansie\AppData\Roaming\Thinstall
2012-10-28 20:06:24 -------- d-----w- C:\Users\Beansie\AppData\Local\Thinstall
2012-10-27 22:19:28 -------- d-----w- C:\Users\Beansie\AppData\Local\ODUI
2012-10-27 22:19:27 -------- d-----w- C:\Users\Beansie\AppData\Roaming\Stardock
2012-10-27 22:19:27 -------- d-----w- C:\Users\Beansie\AppData\Local\Stardock
2012-10-27 22:19:18 -------- d-----w- C:\Program Files (x86)\Stardock
2012-10-27 22:12:17 -------- d-----w- C:\Users\Beansie\AppData\Roaming\GlarySoft
2012-10-27 22:12:16 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2012-10-26 06:08:27 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2012-10-26 06:07:46 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-10-26 06:07:46 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-10-26 06:07:46 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-10-26 06:07:46 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-10-23 22:47:35 -------- d-----w- C:\Users\Beansie\AppData\Local\{AFFF3A6B-105D-4106-9E8B-A09599CEAD2A}
2012-10-20 22:50:01 -------- d-----w- C:\Users\Beansie\AppData\Local\MediaMonkey
2012-10-20 22:49:55 -------- d-----w- C:\Users\Beansie\AppData\Roaming\MediaMonkey
2012-10-20 22:49:48 -------- d-----w- C:\ProgramData\MediaMonkey
2012-10-20 22:49:45 -------- d-----w- C:\Program Files (x86)\MediaMonkey
2012-10-20 18:23:51 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C9C522C-196D-4B61-B335-508F9DF974D3}\gapaengine.dll
.
==================== Find3M ====================
.
2012-11-15 23:36:08 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-15 23:36:08 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-04 23:46:37 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-12 23:35:28 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll
2012-10-12 23:35:28 828872 ----a-w- C:\Windows\System32\msvcr110.dll
2012-10-12 23:35:28 661448 ----a-w- C:\Windows\System32\msvcp110.dll
2012-10-12 23:35:28 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll
2012-10-12 23:35:28 354264 ----a-w- C:\Windows\System32\vccorlib110.dll
2012-10-12 23:35:28 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll
2012-10-12 23:35:26 50856 ----a-w- C:\Windows\System32\drivers\point64.sys
2012-10-10 03:31:14 75928 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2012-10-10 03:31:14 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-29 05:32:08 2177688 ----a-w- C:\Windows\System32\coin92.dll
2012-09-28 23:37:02 221696 ----a-w- C:\Windows\System32\clinfo.exe
2012-09-28 23:36:44 75776 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-09-28 23:36:40 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-09-28 23:36:36 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-09-28 23:36:34 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-09-28 23:36:24 32635904 ----a-w- C:\Windows\System32\amdocl64.dll
2012-09-28 23:32:16 27341824 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-09-28 23:28:46 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-09-28 23:28:42 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-09-28 02:23:00 5557928 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-09-28 02:21:20 10697216 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-09-28 02:05:38 70144 ----a-w- C:\Windows\System32\coinst_9.002.dll
2012-09-28 02:03:52 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-09-28 02:02:30 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-09-28 02:02:28 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-09-28 02:02:22 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-09-28 02:02:20 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-09-28 02:02:08 16082432 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-09-28 01:59:56 23825920 ----a-w- C:\Windows\System32\atio6axx.dll
2012-09-28 01:57:20 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-09-28 01:43:28 935424 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-09-28 01:41:40 1120768 ----a-w- C:\Windows\System32\aticfx64.dll
2012-09-28 01:41:14 19624960 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-09-28 01:39:36 6536192 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-09-28 01:39:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2012-09-28 01:39:08 538112 ----a-w- C:\Windows\System32\atieclxx.exe
2012-09-28 01:38:16 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-09-28 01:36:50 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-09-28 01:36:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-09-28 01:36:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-09-28 01:36:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-09-28 01:31:26 3127296 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-09-28 01:25:24 6704640 ----a-w- C:\Windows\System32\atiumd64.dll
2012-09-28 01:22:42 7167488 ----a-w- C:\Windows\System32\atidxx64.dll
2012-09-28 01:22:30 2691584 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-09-28 01:13:40 595456 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-09-28 01:13:30 405504 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-09-28 01:13:16 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-09-28 01:13:12 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-09-28 01:13:12 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-09-28 01:13:08 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-09-28 01:13:00 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-09-28 01:12:58 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-09-28 01:12:58 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-09-28 01:12:52 460288 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-09-28 01:12:48 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-09-28 01:12:48 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-09-28 01:11:22 129536 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-09-28 01:11:16 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-09-28 01:11:08 103424 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-09-28 01:10:58 82944 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-09-28 01:09:48 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-20 23:02:06 1832760 ----a-w- C:\Windows\System32\LogiLDA.DLL
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-09-03 23:24:38 1496576 ---h--w- C:\Windows\SysWow64\wodfamop.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
.
============= FINISH: 18:22:47.41 ===============

#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:36 PM

Posted 20 November 2012 - 02:53 PM

Hello edam72,

Welcome to the forum and apologies for the delay.

Please tell me if you still have the issue. If you still have the issue, please update me if you have done more things.

#3 edam72


Posted 20 November 2012 - 02:59 PM

Yes, I am still having the issue, I have not tried anything new, thought I should wait till someone looked at the logs, thanks!

#4 Farbar


Posted 20 November 2012 - 03:02 PM

Thanks for the feedback.

We will check for possible infection.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#5 edam72


Posted 20 November 2012 - 07:06 PM

Thank you for those instructions, below is the .txt file that was created:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2012
Ran by SYSTEM at 20-11-2012 15:55:15
Running from F:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" [1464984 2012-10-12] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2075288 2012-10-12] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-19] ()
HKLM-x32\...\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b [9921664 2010-05-06] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Cpu Level Up] "C:\Program Files (x86)\ASUS\AI Suite\CPU Level UPEx\CpuLevelUp.exe" -r [1177216 2009-12-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [611968 2010-01-13] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKU\Beansie\...\Run: [SmileboxTray] "C:\Users\Beansie\AppData\Roaming\Smilebox\SmileboxTray.exe" [305000 2012-10-01] (Smilebox, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Beansie\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Beansie\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Services (Whitelisted) ===================

2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2009-06-02] ()
2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
2 BOT4Service; "C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe" [39408 2010-09-13] ()
2 JMRAIDManager; C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe [69632 2009-01-21] ()
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 RichVideo64; "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" [390672 2012-10-24] ()
3 RoxMediaDB13; "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe" [1099248 2010-07-16] (Sonic Solutions)
4 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2010-03-08] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) =====================

1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2010-04-22] ()
1 AsUpIO; C:\Windows\SysWow64\Drivers\AsUpIO.sys [13368 2009-07-05] ()
3 ENTECH64; C:\Windows\System32\Drivers\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
3 LGDDCDevice; \??\C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] ()
3 LGII2CDevice; \??\C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] ()
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
0 rr232x; C:\Windows\System32\Drivers\rr232x.sys [152096 2011-03-26] (HighPoint Technologies, Inc.)
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-17 18:22 - 2012-11-17 18:22 - 00031611 ____A C:\Users\Beansie\Desktop\dds.txt
2012-11-17 18:22 - 2012-11-17 18:22 - 00018736 ____A C:\Users\Beansie\Desktop\attach.txt
2012-11-17 18:19 - 2012-11-17 18:19 - 00688901 ____R (Swearware) C:\Users\Beansie\Desktop\dds.com
2012-11-17 12:11 - 2012-11-17 12:13 - 00001908 ____A C:\Windows\diagwrn.xml
2012-11-17 12:11 - 2012-11-17 12:13 - 00001908 ____A C:\Windows\diagerr.xml
2012-11-16 09:32 - 2012-11-16 09:32 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2012-11-16 09:31 - 2012-11-16 09:31 - 04870407 ____A (Geeks3D.com ) C:\Users\Beansie\Documents\FurMark_1.10.3_Setup.exe
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files (x86)\AMD APP
2012-11-15 21:20 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files\ATI Technologies
2012-11-15 21:20 - 2012-11-15 21:20 - 00000000 ____D C:\Program Files\ATI
2012-11-15 21:20 - 2012-11-15 21:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-11-15 21:09 - 2012-11-15 21:15 - 00000000 ____D C:\MATS
2012-11-15 20:46 - 2012-11-15 20:46 - 00000000 ____D C:\AMD
2012-11-15 20:43 - 2012-11-20 15:31 - 00002647 ____A C:\Windows\setupact.log
2012-11-15 20:43 - 2012-11-17 12:11 - 00000000 ____A C:\Windows\setuperr.log
2012-11-15 15:51 - 2012-11-15 15:51 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Malwarebytes
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-15 15:51 - 2012-09-29 19:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-15 15:50 - 2012-11-15 15:50 - 00299468 ____A C:\Users\Beansie\Documents\cc_20121115_155025.reg
2012-11-15 15:48 - 2012-11-15 15:48 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-15 15:48 - 2012-11-15 15:48 - 00000000 ____D C:\Program Files\CCleaner
2012-11-15 15:44 - 2012-11-15 15:44 - 00001264 ____A C:\Users\Beansie\Desktop\Revo Uninstaller.lnk
2012-11-15 15:40 - 2012-11-15 15:40 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Beansie\Downloads\revosetup.exe
2012-11-15 15:30 - 2012-11-15 15:44 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-11-15 14:57 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-11-15 14:57 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-11-15 14:57 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-11-15 14:57 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-11-15 14:57 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-11-15 14:57 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-11-15 14:57 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-11-15 14:57 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-11-15 14:57 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-11-15 14:57 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-11-15 14:57 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-11-15 14:57 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-11-15 14:57 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-11-15 14:57 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-11-15 14:57 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-11-15 14:57 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-11-15 14:57 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-11-15 14:57 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-11-15 14:57 - 2012-10-07 23:56 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-11-15 14:57 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-11-15 14:57 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-11-15 14:57 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-11-15 14:57 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-11-15 14:57 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-11-15 14:57 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-11-15 14:57 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-11-15 14:57 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-11-15 14:57 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-11-15 14:57 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-11-15 14:57 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-11-15 14:57 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-11-15 14:57 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-11-15 14:55 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-11-15 14:55 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-11-15 14:55 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-11-15 14:55 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-15 14:55 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-15 14:55 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-11-15 14:55 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-11-15 14:55 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-11-15 14:55 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-11-15 14:55 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-11-15 14:55 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-11-15 14:55 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-11-15 14:55 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2012-11-15 14:55 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-11-15 14:55 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2012-11-15 14:55 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-11-15 14:55 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-11-15 14:55 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-15 14:55 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-15 14:55 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-15 14:55 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-15 14:55 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-15 14:55 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 14:55 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-15 14:55 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-15 14:55 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-15 14:55 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-11-15 14:50 - 2012-11-15 14:50 - 00000178 ____A C:\Windows\qawin32.INI
2012-11-15 14:10 - 2012-11-15 14:10 - 00000000 ____D C:\Users\All Users\Geek Squad
2012-11-11 14:41 - 2012-11-11 14:41 - 00233719 ____A C:\Users\Beansie\Downloads\ocrana.wal
2012-11-11 14:39 - 2012-11-11 14:39 - 00753449 ____A C:\Users\Beansie\Downloads\Pimeer_Modern_v2.wal
2012-11-11 14:37 - 2012-11-11 14:37 - 00867310 ____A C:\Users\Beansie\Downloads\Cyclop_VX1.wal
2012-11-11 14:26 - 2012-11-11 14:31 - 00000000 ____D C:\Users\Beansie\Desktop\Photoshop Brushes
2012-11-09 11:43 - 2012-11-09 11:43 - 00000000 ____D C:\Users\Beansie\AppData\Local\{5B764E1B-D743-4353-978E-043CC4850FA6}
2012-11-08 11:39 - 2012-11-08 11:39 - 00000000 ____D C:\Users\Beansie\AppData\Local\{DF4DAF60-2EB0-437B-B1E1-5E892EDF03A1}
2012-11-07 23:38 - 2012-11-07 23:39 - 00000000 ____D C:\Users\Beansie\AppData\Local\{E737A5DA-61F9-4C7E-AD31-2EEF6DF05822}
2012-11-07 21:45 - 2012-11-07 21:45 - 00000105 ____A C:\Users\All Users\Microsoft.SqlServer.Compact.400.32.bc
2012-11-07 21:45 - 2012-11-07 21:45 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Photobucket
2012-11-07 21:44 - 2012-11-07 21:44 - 05824512 ____A C:\Users\Beansie\Downloads\Photobucket.x86.msi
2012-11-07 21:19 - 2012-11-07 21:19 - 00895464 ____A (Oracle Corporation) C:\Users\Beansie\Downloads\chromeinstall-7u9 (1).exe
2012-11-07 17:50 - 2012-08-23 06:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2012-11-07 17:50 - 2012-08-23 06:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2012-11-07 17:50 - 2012-08-23 06:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2012-11-07 17:50 - 2012-08-23 05:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2012-11-07 17:50 - 2012-08-23 05:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2012-11-07 17:50 - 2012-08-23 05:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-07 17:50 - 2012-08-23 05:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-07 17:50 - 2012-08-23 05:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2012-11-07 17:50 - 2012-08-23 05:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2012-11-07 17:50 - 2012-08-23 05:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2012-11-07 17:50 - 2012-08-23 05:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2012-11-07 17:50 - 2012-08-23 05:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-11-07 17:50 - 2012-08-23 04:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2012-11-07 17:50 - 2012-08-23 03:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2012-11-07 17:50 - 2012-08-23 03:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2012-11-07 17:50 - 2012-08-23 03:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2012-11-07 17:50 - 2012-08-23 03:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2012-11-07 17:50 - 2012-08-23 02:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2012-11-07 17:50 - 2012-08-23 02:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2012-11-07 17:50 - 2012-08-23 02:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2012-11-07 17:50 - 2012-08-23 02:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-11-07 17:50 - 2012-08-23 01:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-11-07 17:50 - 2012-08-23 00:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2012-11-07 17:50 - 2012-08-23 00:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-11-07 17:49 - 2012-08-24 10:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-11-07 17:49 - 2012-08-24 10:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-11-07 17:49 - 2012-08-24 10:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-11-07 17:49 - 2012-08-24 10:04 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-11-07 17:49 - 2012-08-24 10:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-11-07 17:49 - 2012-08-24 08:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-11-07 17:49 - 2012-08-24 08:57 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-11-07 17:49 - 2012-08-24 08:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-11-07 17:49 - 2012-08-24 08:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-11-07 16:41 - 2012-11-07 16:41 - 04978744 ____A C:\Users\Beansie\Downloads\DVD Menue 1068.dzm
2012-11-07 16:40 - 2012-11-07 16:40 - 01927309 ____A C:\Users\Beansie\Downloads\countdown.4756.dzp
2012-11-07 16:38 - 2012-11-07 16:38 - 02006442 ____A C:\Users\Beansie\Downloads\led.4880.dzp
2012-11-07 16:27 - 2012-11-07 16:28 - 33795714 ____A C:\Users\Beansie\Downloads\Album .dzs
2012-11-06 19:53 - 2012-11-06 19:53 - 00082163 ____A C:\Users\Beansie\Downloads\Mustang.jpg.html
2012-11-06 19:51 - 2012-11-06 19:52 - 00000000 ____D C:\Program Files\CyberLink
2012-11-06 19:21 - 2012-11-06 19:23 - 00000000 ____D C:\Users\Beansie\Downloads\Cyberlink
2012-11-06 19:21 - 2012-11-06 19:21 - 00967184 ____A (CyberLink) C:\Users\Beansie\Downloads\CyberLink_PowerDirector_Downloader.exe
2012-11-05 23:26 - 2012-11-05 23:26 - 00000000 ____D C:\Users\All Users\ATI
2012-11-05 22:03 - 2012-11-05 22:04 - 01624301 ____A C:\Users\Beansie\Desktop\cottagecrazies.mov
2012-11-05 21:07 - 2012-11-15 21:21 - 00000000 ____D C:\Users\All Users\AMD
2012-11-05 21:04 - 2012-11-05 21:05 - 193293840 ____A (Advanced Micro Devices, Inc.) C:\Users\Beansie\Downloads\12-10_vista_win7_win8_64_dd_ccc_whql_net4.exe
2012-11-05 20:40 - 2012-11-05 20:40 - 51514344 ____A ( ) C:\Users\Beansie\Downloads\Power2Go_incentive_setup.exe
2012-11-05 18:15 - 2012-11-05 18:15 - 00000000 ____D C:\Users\Beansie\AppData\Local\{58FFC09E-8F69-4EC1-8446-6EA3E1D0B647}
2012-11-04 19:02 - 2012-11-04 19:02 - 00000000 ____D C:\Users\Beansie\Desktop\Photodex Proshow Producer 5.0.3206 Portable [ChingLiu]
2012-11-04 15:46 - 2012-11-04 15:46 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-11-04 15:46 - 2012-11-04 15:46 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-11-04 15:46 - 2012-11-04 15:46 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-04 15:45 - 2012-11-04 15:46 - 00895464 ____A (Oracle Corporation) C:\Users\Beansie\Downloads\chromeinstall-7u9.exe
2012-11-03 14:31 - 2012-11-03 14:31 - 00000000 ____D C:\Users\All Users\Sony
2012-11-03 14:30 - 2012-11-03 14:30 - 00000000 ____D C:\Program Files (x86)\Sony
2012-11-03 14:16 - 2012-11-04 12:04 - 00000000 ____D C:\Users\Beansie\Documents\Vegas Movie Studio HD Platinum 10.0 Projects
2012-11-03 14:16 - 2012-11-03 14:20 - 00000000 ____D C:\Users\Beansie\AppData\Local\Sony
2012-11-03 14:12 - 2012-11-03 14:30 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Sony
2012-11-03 13:14 - 2012-11-03 13:14 - 29464728 ____A C:\Users\Beansie\Desktop\pdmaker.exe
2012-11-03 13:13 - 2012-11-03 13:13 - 00000000 ____D C:\Users\All Users\Anvsoft
2012-11-03 12:56 - 2012-11-03 12:56 - 00000032 ____A C:\Users\All Users\Temp.log
2012-10-30 15:38 - 2012-10-30 15:38 - 00000000 ____D C:\Users\Beansie\AppData\Local\Toon Boom Animation
2012-10-30 15:24 - 2012-10-30 15:24 - 00000000 ____D C:\Program Files (x86)\Toon Boom Animation
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2012-10-29 17:24 - 2012-11-20 15:24 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-28 15:58 - 2012-10-28 15:59 - 00000000 ____D C:\Users\Beansie\AppData\Local\{AA9427BD-2BE6-4544-BF09-4701A832A980}
2012-10-28 14:20 - 2012-10-28 14:20 - 00000000 ____D C:\Users\Beansie\Documents\Aurora3D
2012-10-28 12:06 - 2012-10-28 12:06 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Thinstall
2012-10-28 12:06 - 2012-10-28 12:06 - 00000000 ____D C:\Users\Beansie\AppData\Local\Thinstall
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\Documents\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Local\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Local\ODUI
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Program Files (x86)\Stardock
2012-10-27 14:12 - 2012-11-20 15:14 - 00000328 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-10-27 14:12 - 2012-10-27 14:28 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\GlarySoft
2012-10-27 14:12 - 2012-10-27 14:12 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2012-10-27 14:10 - 2012-10-27 14:10 - 08994112 ____A (Glarysoft Ltd ) C:\Users\Beansie\Downloads\gusetup.exe
2012-10-25 22:08 - 2012-10-25 22:08 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf
2012-10-25 22:08 - 2012-10-25 22:08 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2012-10-25 22:07 - 2012-10-25 22:07 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-10-25 22:07 - 2012-10-25 22:07 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-10-25 22:07 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-10-25 22:07 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-10-25 22:07 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-10-25 22:07 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-10-23 14:47 - 2012-10-23 14:47 - 00000000 ____D C:\Users\Beansie\AppData\Local\{AFFF3A6B-105D-4106-9E8B-A09599CEAD2A}


==================== One Month Modified Files and Folders =======

2012-11-20 15:55 - 2012-11-20 15:55 - 00000000 ____D C:\FRST
2012-11-20 15:39 - 2011-03-26 18:10 - 01455058 ____A C:\Windows\WindowsUpdate.log
2012-11-20 15:34 - 2009-07-13 21:13 - 00795874 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-20 15:32 - 2012-10-20 14:49 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\MediaMonkey
2012-11-20 15:31 - 2012-11-15 20:43 - 00002647 ____A C:\Windows\setupact.log
2012-11-20 15:24 - 2012-10-29 17:24 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-20 15:22 - 2009-07-13 20:45 - 00015344 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-20 15:22 - 2009-07-13 20:45 - 00015344 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-20 15:17 - 2011-06-25 18:12 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000UA.job
2012-11-20 15:15 - 2012-03-30 20:58 - 00000000 ___RD C:\Users\Beansie\Dropbox
2012-11-20 15:15 - 2012-03-30 20:55 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Dropbox
2012-11-20 15:14 - 2012-10-27 14:12 - 00000328 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-11-20 15:14 - 2011-06-26 15:39 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-20 15:14 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-17 20:13 - 2011-06-26 15:39 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-17 18:22 - 2012-11-17 18:22 - 00031611 ____A C:\Users\Beansie\Desktop\dds.txt
2012-11-17 18:22 - 2012-11-17 18:22 - 00018736 ____A C:\Users\Beansie\Desktop\attach.txt
2012-11-17 18:19 - 2012-11-17 18:19 - 00688901 ____R (Swearware) C:\Users\Beansie\Desktop\dds.com
2012-11-17 12:13 - 2012-11-17 12:11 - 00001908 ____A C:\Windows\diagwrn.xml
2012-11-17 12:13 - 2012-11-17 12:11 - 00001908 ____A C:\Windows\diagerr.xml
2012-11-17 12:11 - 2012-11-15 20:43 - 00000000 ____A C:\Windows\setuperr.log
2012-11-17 11:26 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Registration
2012-11-16 16:17 - 2011-06-25 18:12 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000Core.job
2012-11-16 14:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-11-16 09:32 - 2012-11-16 09:32 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2012-11-16 09:31 - 2012-11-16 09:31 - 04870407 ____A (Geeks3D.com ) C:\Users\Beansie\Documents\FurMark_1.10.3_Setup.exe
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2012-11-15 21:21 - 2012-11-15 21:21 - 00000000 ____D C:\Program Files (x86)\AMD APP
2012-11-15 21:21 - 2012-11-15 21:20 - 00000000 ____D C:\Program Files\ATI Technologies
2012-11-15 21:21 - 2012-11-05 21:07 - 00000000 ____D C:\Users\All Users\AMD
2012-11-15 21:20 - 2012-11-15 21:20 - 00000000 ____D C:\Program Files\ATI
2012-11-15 21:20 - 2012-11-15 21:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-11-15 21:15 - 2012-11-15 21:09 - 00000000 ____D C:\MATS
2012-11-15 20:46 - 2012-11-15 20:46 - 00000000 ____D C:\AMD
2012-11-15 20:12 - 2012-10-03 20:08 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Smilebox
2012-11-15 15:51 - 2012-11-15 15:51 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Malwarebytes
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-15 15:51 - 2012-11-15 15:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-15 15:50 - 2012-11-15 15:50 - 00299468 ____A C:\Users\Beansie\Documents\cc_20121115_155025.reg
2012-11-15 15:49 - 2011-06-18 17:26 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Winamp
2012-11-15 15:49 - 2011-03-26 19:04 - 00000000 ____D C:\Windows\Panther
2012-11-15 15:48 - 2012-11-15 15:48 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-15 15:48 - 2012-11-15 15:48 - 00000000 ____D C:\Program Files\CCleaner
2012-11-15 15:44 - 2012-11-15 15:44 - 00001264 ____A C:\Users\Beansie\Desktop\Revo Uninstaller.lnk
2012-11-15 15:44 - 2012-11-15 15:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-11-15 15:40 - 2012-11-15 15:40 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\Beansie\Downloads\revosetup.exe
2012-11-15 15:36 - 2012-04-27 12:31 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-15 15:36 - 2011-06-11 13:44 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-15 15:36 - 2011-03-27 23:19 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-15 15:07 - 2011-03-26 18:17 - 00199720 ____A C:\Users\Beansie\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-15 15:06 - 2009-07-13 20:45 - 05186424 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-15 15:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-11-15 15:01 - 2011-05-04 10:32 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-11-15 14:56 - 2011-03-26 19:37 - 66395536 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-11-15 14:55 - 2009-07-13 18:34 - 00000513 ____A C:\Windows\win.ini
2012-11-15 14:50 - 2012-11-15 14:50 - 00000178 ____A C:\Windows\qawin32.INI
2012-11-15 14:10 - 2012-11-15 14:10 - 00000000 ____D C:\Users\All Users\Geek Squad
2012-11-15 13:33 - 2011-06-16 21:51 - 05777920 __ASH C:\Users\Beansie\Desktop\Thumbs.db
2012-11-15 13:30 - 2011-10-08 23:00 - 00000000 ___HD C:\Users\Beansie\Desktop\.picasaoriginals
2012-11-12 17:21 - 2012-08-27 18:26 - 00000000 ____D C:\Users\Beansie\Desktop\unsorted pics
2012-11-12 16:21 - 2011-04-01 22:39 - 00000000 ____D C:\Users\All Users\CyberLink
2012-11-11 16:20 - 2012-07-07 19:23 - 00000000 ____D C:\Users\Beansie\Documents\Wallpaper
2012-11-11 16:05 - 2012-01-10 22:35 - 00000000 ____D C:\Users\Beansie\Desktop\New folder
2012-11-11 15:28 - 2011-03-28 00:11 - 00050176 ____A C:\Users\Beansie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-11 15:15 - 2012-07-12 23:12 - 00000000 ____D C:\Users\Beansie\Desktop\frame these
2012-11-11 14:41 - 2012-11-11 14:41 - 00233719 ____A C:\Users\Beansie\Downloads\ocrana.wal
2012-11-11 14:39 - 2012-11-11 14:39 - 00753449 ____A C:\Users\Beansie\Downloads\Pimeer_Modern_v2.wal
2012-11-11 14:37 - 2012-11-11 14:37 - 00867310 ____A C:\Users\Beansie\Downloads\Cyclop_VX1.wal
2012-11-11 14:31 - 2012-11-11 14:26 - 00000000 ____D C:\Users\Beansie\Desktop\Photoshop Brushes
2012-11-09 11:43 - 2012-11-09 11:43 - 00000000 ____D C:\Users\Beansie\AppData\Local\{5B764E1B-D743-4353-978E-043CC4850FA6}
2012-11-09 11:43 - 2012-03-10 22:11 - 00000000 ____D C:\Users\Beansie\AppData\Local\Windows Live
2012-11-08 17:51 - 2012-08-05 15:48 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Skype
2012-11-08 11:39 - 2012-11-08 11:39 - 00000000 ____D C:\Users\Beansie\AppData\Local\{DF4DAF60-2EB0-437B-B1E1-5E892EDF03A1}
2012-11-07 23:39 - 2012-11-07 23:38 - 00000000 ____D C:\Users\Beansie\AppData\Local\{E737A5DA-61F9-4C7E-AD31-2EEF6DF05822}
2012-11-07 21:45 - 2012-11-07 21:45 - 00000105 ____A C:\Users\All Users\Microsoft.SqlServer.Compact.400.32.bc
2012-11-07 21:45 - 2012-11-07 21:45 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Photobucket
2012-11-07 21:44 - 2012-11-07 21:44 - 05824512 ____A C:\Users\Beansie\Downloads\Photobucket.x86.msi
2012-11-07 21:19 - 2012-11-07 21:19 - 00895464 ____A (Oracle Corporation) C:\Users\Beansie\Downloads\chromeinstall-7u9 (1).exe
2012-11-07 21:16 - 2012-09-10 20:30 - 00000000 ____D C:\Program Files (x86)\Opera
2012-11-07 16:41 - 2012-11-07 16:41 - 04978744 ____A C:\Users\Beansie\Downloads\DVD Menue 1068.dzm
2012-11-07 16:41 - 2011-04-01 23:01 - 00000000 ____D C:\Users\Public\CyberLink
2012-11-07 16:40 - 2012-11-07 16:40 - 01927309 ____A C:\Users\Beansie\Downloads\countdown.4756.dzp
2012-11-07 16:38 - 2012-11-07 16:38 - 02006442 ____A C:\Users\Beansie\Downloads\led.4880.dzp
2012-11-07 16:28 - 2012-11-07 16:27 - 33795714 ____A C:\Users\Beansie\Downloads\Album .dzs
2012-11-06 19:53 - 2012-11-06 19:53 - 00082163 ____A C:\Users\Beansie\Downloads\Mustang.jpg.html
2012-11-06 19:52 - 2012-11-06 19:51 - 00000000 ____D C:\Program Files\CyberLink
2012-11-06 19:51 - 2012-06-25 15:37 - 00000000 ____D C:\Users\All Users\install_clap
2012-11-06 19:51 - 2011-03-26 18:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-11-06 19:23 - 2012-11-06 19:21 - 00000000 ____D C:\Users\Beansie\Downloads\Cyberlink
2012-11-06 19:21 - 2012-11-06 19:21 - 00967184 ____A (CyberLink) C:\Users\Beansie\Downloads\CyberLink_PowerDirector_Downloader.exe
2012-11-05 23:26 - 2012-11-05 23:26 - 00000000 ____D C:\Users\All Users\ATI
2012-11-05 22:04 - 2012-11-05 22:03 - 01624301 ____A C:\Users\Beansie\Desktop\cottagecrazies.mov
2012-11-05 21:05 - 2012-11-05 21:04 - 193293840 ____A (Advanced Micro Devices, Inc.) C:\Users\Beansie\Downloads\12-10_vista_win7_win8_64_dd_ccc_whql_net4.exe
2012-11-05 20:40 - 2012-11-05 20:40 - 51514344 ____A ( ) C:\Users\Beansie\Downloads\Power2Go_incentive_setup.exe
2012-11-05 18:20 - 2011-06-11 12:26 - 00000349 ____A C:\Users\Public\Documents\PCLECHAL.INI
2012-11-05 18:15 - 2012-11-05 18:15 - 00000000 ____D C:\Users\Beansie\AppData\Local\{58FFC09E-8F69-4EC1-8446-6EA3E1D0B647}
2012-11-04 19:02 - 2012-11-04 19:02 - 00000000 ____D C:\Users\Beansie\Desktop\Photodex Proshow Producer 5.0.3206 Portable [ChingLiu]
2012-11-04 15:46 - 2012-11-04 15:46 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-11-04 15:46 - 2012-11-04 15:46 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-11-04 15:46 - 2012-11-04 15:46 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-04 15:46 - 2012-11-04 15:45 - 00895464 ____A (Oracle Corporation) C:\Users\Beansie\Downloads\chromeinstall-7u9.exe
2012-11-04 15:46 - 2011-07-24 20:28 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-11-04 15:46 - 2011-07-24 20:28 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-11-04 15:46 - 2011-07-24 20:28 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-11-04 15:46 - 2011-07-24 20:28 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-11-04 15:46 - 2011-03-27 18:24 - 00000000 ____D C:\Program Files (x86)\Java
2012-11-04 14:22 - 2011-03-27 20:04 - 00000000 ____D C:\Users\All Users\SmartSound Software Inc
2012-11-04 12:04 - 2012-11-03 14:16 - 00000000 ____D C:\Users\Beansie\Documents\Vegas Movie Studio HD Platinum 10.0 Projects
2012-11-04 10:27 - 2011-04-17 12:35 - 02341988 ____A C:\Users\Beansie\AppData\Local\rx_audio.Cache
2012-11-04 10:09 - 2011-04-17 12:34 - 29221968 ____A C:\Users\Beansie\AppData\Local\rx_image32.Cache
2012-11-03 14:38 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-11-03 14:31 - 2012-11-03 14:31 - 00000000 ____D C:\Users\All Users\Sony
2012-11-03 14:30 - 2012-11-03 14:30 - 00000000 ____D C:\Program Files (x86)\Sony
2012-11-03 14:30 - 2012-11-03 14:12 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Sony
2012-11-03 14:20 - 2012-11-03 14:16 - 00000000 ____D C:\Users\Beansie\AppData\Local\Sony
2012-11-03 13:40 - 2012-09-06 17:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-03 13:30 - 2011-04-01 22:52 - 00000000 ____D C:\Program Files (x86)\CyberLink
2012-11-03 13:20 - 2011-04-01 22:53 - 00000000 ____D C:\Users\Beansie\AppData\Local\Cyberlink
2012-11-03 13:14 - 2012-11-03 13:14 - 29464728 ____A C:\Users\Beansie\Desktop\pdmaker.exe
2012-11-03 13:13 - 2012-11-03 13:13 - 00000000 ____D C:\Users\All Users\Anvsoft
2012-11-03 12:59 - 2012-07-10 21:39 - 00000000 ____D C:\Users\All Users\CLSK
2012-11-03 12:58 - 2011-04-01 23:32 - 00000000 ____D C:\Users\Beansie\Documents\CyberLink
2012-11-03 12:56 - 2012-11-03 12:56 - 00000032 ____A C:\Users\All Users\Temp.log
2012-11-03 12:54 - 2012-07-28 15:53 - 00000000 ____D C:\Users\Beansie\AppData\Local\Deployment
2012-11-02 22:59 - 2012-10-03 20:08 - 00000000 ____D C:\Users\Beansie\Documents\My Smilebox Creations
2012-11-02 11:56 - 2011-03-26 18:10 - 00000000 ____D C:\Users\Beansie\AppData\Local\VirtualStore
2012-11-02 10:32 - 2009-07-13 21:08 - 00032584 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-30 15:38 - 2012-10-30 15:38 - 00000000 ____D C:\Users\Beansie\AppData\Local\Toon Boom Animation
2012-10-30 15:26 - 2011-03-28 00:00 - 00000000 ____D C:\Users\All Users\FLEXnet
2012-10-30 15:24 - 2012-10-30 15:24 - 00000000 ____D C:\Program Files (x86)\Toon Boom Animation
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-10-30 15:14 - 2012-10-30 15:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2012-10-28 18:51 - 2011-06-26 12:57 - 00000000 ____D C:\Program Files (x86)\Google
2012-10-28 17:00 - 2012-09-24 09:45 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-10-28 17:00 - 2011-06-11 12:27 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2012-10-28 17:00 - 2011-04-18 16:03 - 00000000 ____D C:\Program Files\Adobe
2012-10-28 17:00 - 2011-03-27 23:19 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-10-28 15:59 - 2012-10-28 15:58 - 00000000 ____D C:\Users\Beansie\AppData\Local\{AA9427BD-2BE6-4544-BF09-4701A832A980}
2012-10-28 14:20 - 2012-10-28 14:20 - 00000000 ____D C:\Users\Beansie\Documents\Aurora3D
2012-10-28 12:06 - 2012-10-28 12:06 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Thinstall
2012-10-28 12:06 - 2012-10-28 12:06 - 00000000 ____D C:\Users\Beansie\AppData\Local\Thinstall
2012-10-27 14:28 - 2012-10-27 14:12 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\GlarySoft
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\Documents\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Roaming\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Local\Stardock
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Users\Beansie\AppData\Local\ODUI
2012-10-27 14:19 - 2012-10-27 14:19 - 00000000 ____D C:\Program Files (x86)\Stardock
2012-10-27 14:12 - 2012-10-27 14:12 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2012-10-27 14:10 - 2012-10-27 14:10 - 08994112 ____A (Glarysoft Ltd ) C:\Users\Beansie\Downloads\gusetup.exe
2012-10-25 22:08 - 2012-10-25 22:08 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf
2012-10-25 22:08 - 2012-10-25 22:08 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2012-10-25 22:07 - 2012-10-25 22:07 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-10-25 22:07 - 2012-10-25 22:07 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-10-25 20:53 - 2012-08-06 15:20 - 00000000 ___SD C:\Users\Beansie\Google Drive
2012-10-23 14:47 - 2012-10-23 14:47 - 00000000 ____D C:\Users\Beansie\AppData\Local\{AFFF3A6B-105D-4106-9E8B-A09599CEAD2A}

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-11-15 14:38:11
Restore point made on: 2012-11-15 14:55:32
Restore point made on: 2012-11-20 15:25:07

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 12279.09 MB
Available physical RAM: 11181.88 MB
Total Pagefile: 12277.24 MB
Available Pagefile: 11191 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:297.4 GB) (Free:63.74 GB) NTFS
4 Drive f: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
10 Drive l: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
11 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
12 Drive y: (Project Drive) (Fixed) (Total:119.24 GB) (Free:42.13 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 119 GB 0 B
Disk 1 Online 7633 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B
Disk 6 No Media 0 B 0 B
Disk 7 Online 297 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 119 GB 1024 KB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y Project Dri NTFS Partition 119 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 7633 MB Healthy

=========================================================

Partitions of Disk 7:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 297 GB 101 MB

==================================================================================

Disk: 7
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 L System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 7
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 10 C NTFS Partition 297 GB Healthy

=========================================================

Last Boot: 2012-11-15 12:31

==================== End Of Log =============================

#6 Farbar

Posted 21 November 2012 - 06:43 AM

We see no sign of any malware. We will run another tool to make sure. In case the system reboots in the middle of the scan, you may reboot, tap F8 at startup to get to Advanced Boot Options, select Safe Mode, log in to your usual account and run TDSSKiller from there.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished, the utility outputs a list of detected objects with descriptions.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#7 edam72

Posted 22 November 2012 - 01:54 PM

Thank you, the scan did not find anything; the report is pasted below. Since no objects are being found, do you think it is just a problem with some program or registry error? Thanks again for all the help!

10:50:44.0041 2204 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:50:44.0416 2204 ============================================================
10:50:44.0416 2204 Current date / time: 2012/11/22 10:50:44.0416
10:50:44.0416 2204 SystemInfo:
10:50:44.0416 2204
10:50:44.0416 2204 OS Version: 6.1.7601 ServicePack: 1.0
10:50:44.0416 2204 Product type: Workstation
10:50:44.0416 2204 ComputerName: BEANSIE-PC
10:50:44.0416 2204 UserName: Beansie
10:50:44.0416 2204 Windows directory: C:\Windows
10:50:44.0416 2204 System windows directory: C:\Windows
10:50:44.0416 2204 Running under WOW64
10:50:44.0416 2204 Processor architecture: Intel x64
10:50:44.0416 2204 Number of processors: 12
10:50:44.0416 2204 Page size: 0x1000
10:50:44.0416 2204 Boot type: Normal boot
10:50:44.0416 2204 ============================================================
10:50:45.0149 2204 Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
10:50:45.0149 2204 Drive \Device\Harddisk0\DR0 - Size: 0x4A60000000 (297.50 Gb), SectorSize: 0x200, Cylinders: 0x97B4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
10:50:45.0180 2204 ============================================================
10:50:45.0180 2204 \Device\Harddisk1\DR1:
10:50:45.0180 2204 MBR partitions:
10:50:45.0180 2204 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000
10:50:45.0180 2204 \Device\Harddisk0\DR0:
10:50:45.0180 2204 MBR partitions:
10:50:45.0180 2204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:50:45.0180 2204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x252CD000
10:50:45.0180 2204 ============================================================
10:50:45.0180 2204 C: <-> \Device\Harddisk0\DR0\Partition2
10:50:45.0180 2204 F: <-> \Device\Harddisk1\DR1\Partition1
10:50:45.0180 2204 ============================================================
10:50:45.0180 2204 Initialize success
10:50:45.0180 2204 ============================================================
10:50:54.0135 4240 ============================================================
10:50:54.0135 4240 Scan started
10:50:54.0135 4240 Mode: Manual;
10:50:54.0135 4240 ============================================================
10:50:54.0213 4240 ================ Scan system memory ========================
10:50:54.0213 4240 System memory - ok
10:50:54.0213 4240 ================ Scan services =============================
10:50:54.0275 4240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:50:54.0275 4240 1394ohci - ok
10:50:54.0291 4240 [ A15069EEC83EBC54150564B2585CFDBA ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
10:50:54.0291 4240 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
10:50:54.0306 4240 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:50:54.0306 4240 ACDaemon - ok
10:50:54.0306 4240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:50:54.0306 4240 ACPI - ok
10:50:54.0306 4240 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:50:54.0306 4240 AcpiPmi - ok
10:50:54.0322 4240 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
10:50:54.0322 4240 AdobeActiveFileMonitor9.0 - ok
10:50:54.0322 4240 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:50:54.0322 4240 AdobeARMservice - ok
10:50:54.0337 4240 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:50:54.0337 4240 AdobeFlashPlayerUpdateSvc - ok
10:50:54.0353 4240 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:50:54.0353 4240 adp94xx - ok
10:50:54.0353 4240 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:50:54.0353 4240 adpahci - ok
10:50:54.0369 4240 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:50:54.0369 4240 adpu320 - ok
10:50:54.0369 4240 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:50:54.0369 4240 AeLookupSvc - ok
10:50:54.0369 4240 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:50:54.0384 4240 AFD - ok
10:50:54.0384 4240 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:50:54.0384 4240 agp440 - ok
10:50:54.0384 4240 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:50:54.0384 4240 ALG - ok
10:50:54.0384 4240 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:50:54.0384 4240 aliide - ok
10:50:54.0384 4240 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:50:54.0400 4240 AMD External Events Utility - ok
10:50:54.0400 4240 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:50:54.0400 4240 amdide - ok
10:50:54.0400 4240 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:50:54.0400 4240 AmdK8 - ok
10:50:54.0462 4240 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:50:54.0509 4240 amdkmdag - ok
10:50:54.0525 4240 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:50:54.0525 4240 amdkmdap - ok
10:50:54.0525 4240 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:50:54.0525 4240 AmdPPM - ok
10:50:54.0525 4240 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:50:54.0525 4240 amdsata - ok
10:50:54.0540 4240 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:50:54.0540 4240 amdsbs - ok
10:50:54.0540 4240 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:50:54.0540 4240 amdxata - ok
10:50:54.0540 4240 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:50:54.0540 4240 AppID - ok
10:50:54.0540 4240 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:50:54.0540 4240 AppIDSvc - ok
10:50:54.0540 4240 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:50:54.0540 4240 Appinfo - ok
10:50:54.0556 4240 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:50:54.0556 4240 AppMgmt - ok
10:50:54.0556 4240 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:50:54.0556 4240 arc - ok
10:50:54.0556 4240 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:50:54.0556 4240 arcsas - ok
10:50:54.0556 4240 [ F6BDA026E4157DC4E321CA391E9D9BC6 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
10:50:54.0556 4240 AsIO - ok
10:50:54.0571 4240 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:50:54.0571 4240 aspnet_state - ok
10:50:54.0571 4240 [ 954FFBFF05B0B60EB63B52AF561436C4 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
10:50:54.0571 4240 AsSysCtrlService - ok
10:50:54.0571 4240 [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
10:50:54.0571 4240 AsUpIO - ok
10:50:54.0571 4240 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:50:54.0587 4240 AsyncMac - ok
10:50:54.0587 4240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:50:54.0587 4240 atapi - ok
10:50:54.0587 4240 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:50:54.0587 4240 AtiHDAudioService - ok
10:50:54.0587 4240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:50:54.0603 4240 AudioEndpointBuilder - ok
10:50:54.0603 4240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:50:54.0603 4240 AudioSrv - ok
10:50:54.0603 4240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:50:54.0618 4240 AxInstSV - ok
10:50:54.0618 4240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:50:54.0618 4240 b06bdrv - ok
10:50:54.0618 4240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:50:54.0618 4240 b57nd60a - ok
10:50:54.0634 4240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:50:54.0634 4240 BDESVC - ok
10:50:54.0634 4240 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:50:54.0634 4240 Beep - ok
10:50:54.0649 4240 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:50:54.0649 4240 BFE - ok
10:50:54.0649 4240 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:50:54.0665 4240 BITS - ok
10:50:54.0665 4240 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:50:54.0665 4240 blbdrive - ok
10:50:54.0665 4240 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:50:54.0665 4240 Bonjour Service - ok
10:50:54.0681 4240 [ 2309601E5D37E0304F8BCFB57190756E ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
10:50:54.0681 4240 BOT4Service - ok
10:50:54.0681 4240 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:50:54.0681 4240 bowser - ok
10:50:54.0681 4240 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:50:54.0681 4240 BrFiltLo - ok
10:50:54.0681 4240 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:50:54.0681 4240 BrFiltUp - ok
10:50:54.0696 4240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:50:54.0696 4240 Browser - ok
10:50:54.0696 4240 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:50:54.0696 4240 Brserid - ok
10:50:56.0365 4240 [ 495C85B15470374A9499451893742EE6 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
10:50:56.0365 4240 RoxWatch12 - ok
10:50:56.0365 4240 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:50:56.0365 4240 RpcEptMapper - ok
10:50:56.0365 4240 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:50:56.0365 4240 RpcLocator - ok
10:50:56.0381 4240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:50:56.0381 4240 RpcSs - ok
10:50:56.0381 4240 [ C6972C4A30A8EB089A0DD74B440DBE8E ] rr232x C:\Windows\system32\DRIVERS\rr232x.sys
10:50:56.0381 4240 rr232x - ok
10:50:56.0381 4240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:50:56.0381 4240 rspndr - ok
10:50:56.0381 4240 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:50:56.0381 4240 s3cap - ok
10:50:56.0381 4240 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
10:50:56.0381 4240 Sahdad64 - ok
10:50:56.0397 4240 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
10:50:56.0397 4240 Saibad64 - ok
10:50:56.0397 4240 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
10:50:56.0397 4240 SaibVdAd64 - ok
10:50:56.0397 4240 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:50:56.0397 4240 SamSs - ok
10:50:56.0397 4240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:50:56.0397 4240 sbp2port - ok
10:50:56.0397 4240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:50:56.0412 4240 SCardSvr - ok
10:50:56.0412 4240 [ B00BCE3D99FE7CE29C6E873AC62F450E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
10:50:56.0412 4240 SCDEmu - ok
10:50:56.0412 4240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:50:56.0412 4240 scfilter - ok
10:50:56.0428 4240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:50:56.0443 4240 Schedule - ok
10:50:56.0443 4240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:50:56.0443 4240 SCPolicySvc - ok
10:50:56.0443 4240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:50:56.0443 4240 SDRSVC - ok
10:50:56.0443 4240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:50:56.0443 4240 secdrv - ok
10:50:56.0443 4240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:50:56.0443 4240 seclogon - ok
10:50:56.0459 4240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:50:56.0459 4240 SENS - ok
10:50:56.0459 4240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:50:56.0459 4240 SensrSvc - ok
10:50:56.0459 4240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:50:56.0459 4240 Serenum - ok
10:50:56.0459 4240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:50:56.0459 4240 Serial - ok
10:50:56.0459 4240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:50:56.0475 4240 sermouse - ok
10:50:56.0475 4240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:50:56.0475 4240 SessionEnv - ok
10:50:56.0475 4240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:50:56.0475 4240 sffdisk - ok
10:50:56.0475 4240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:50:56.0475 4240 sffp_mmc - ok
10:50:56.0475 4240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:50:56.0475 4240 sffp_sd - ok
10:50:56.0490 4240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:50:56.0490 4240 sfloppy - ok
10:50:56.0490 4240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:50:56.0490 4240 SharedAccess - ok
10:50:56.0490 4240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:50:56.0506 4240 ShellHWDetection - ok
10:50:56.0506 4240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:50:56.0506 4240 SiSRaid2 - ok
10:50:56.0506 4240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:50:56.0506 4240 SiSRaid4 - ok
10:50:56.0506 4240 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:50:56.0506 4240 SkypeUpdate - ok
10:50:56.0506 4240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:50:56.0521 4240 Smb - ok
10:50:56.0521 4240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:50:56.0521 4240 SNMPTRAP - ok
10:50:56.0521 4240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:50:56.0521 4240 spldr - ok
10:50:56.0521 4240 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:50:56.0537 4240 Spooler - ok
10:50:56.0568 4240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:50:56.0584 4240 sppsvc - ok
10:50:56.0584 4240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:50:56.0584 4240 sppuinotify - ok
10:50:56.0584 4240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:50:56.0584 4240 srv - ok
10:50:56.0599 4240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:50:56.0599 4240 srv2 - ok
10:50:56.0599 4240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:50:56.0599 4240 srvnet - ok
10:50:56.0599 4240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:50:56.0615 4240 SSDPSRV - ok
10:50:56.0615 4240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:50:56.0615 4240 SstpSvc - ok
10:50:56.0615 4240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:50:56.0615 4240 stexstor - ok
10:50:56.0631 4240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:50:56.0631 4240 stisvc - ok
10:50:56.0631 4240 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:50:56.0631 4240 storflt - ok
10:50:56.0631 4240 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:50:56.0631 4240 storvsc - ok
10:50:56.0631 4240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:50:56.0631 4240 swenum - ok
10:50:56.0646 4240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:50:56.0646 4240 swprv - ok
10:50:56.0646 4240 Synth3dVsc - ok
10:50:56.0662 4240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:50:56.0677 4240 SysMain - ok
10:50:56.0677 4240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:50:56.0677 4240 TabletInputService - ok
10:50:56.0740 4240 [ C0255D8E3ABE790694927624603F8F10 ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
10:50:56.0911 4240 TabletServiceWacom - ok
10:50:56.0911 4240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:50:56.0911 4240 TapiSrv - ok
10:50:56.0911 4240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:50:56.0911 4240 TBS - ok
10:50:56.0927 4240 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:50:56.0943 4240 Tcpip - ok
10:50:56.0958 4240 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:50:56.0958 4240 TCPIP6 - ok
10:50:56.0974 4240 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:50:56.0974 4240 tcpipreg - ok
10:50:56.0974 4240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:50:56.0974 4240 TDPIPE - ok
10:50:56.0974 4240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:50:56.0974 4240 TDTCP - ok
10:50:56.0974 4240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:50:56.0974 4240 tdx - ok
10:50:56.0974 4240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:50:56.0989 4240 TermDD - ok
10:50:56.0989 4240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:50:56.0989 4240 TermService - ok
10:50:56.0989 4240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:50:57.0005 4240 Themes - ok
10:50:57.0005 4240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:50:57.0005 4240 THREADORDER - ok
10:50:57.0005 4240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:50:57.0005 4240 TrkWks - ok
10:50:57.0005 4240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:50:57.0005 4240 TrustedInstaller - ok
10:50:57.0021 4240 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:50:57.0021 4240 tssecsrv - ok
10:50:57.0021 4240 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:50:57.0021 4240 TsUsbFlt - ok
10:50:57.0021 4240 tsusbhub - ok
10:50:57.0021 4240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:50:57.0021 4240 tunnel - ok
10:50:57.0021 4240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:50:57.0021 4240 uagp35 - ok
10:50:57.0036 4240 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:50:57.0036 4240 udfs - ok
10:50:57.0036 4240 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:50:57.0036 4240 UI0Detect - ok
10:50:57.0036 4240 [ F13DA74969897359A88F2A739F54A250 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:50:57.0223 4240 UleadBurningHelper - ok
10:50:57.0239 4240 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:50:57.0239 4240 uliagpkx - ok
10:50:57.0239 4240 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:50:57.0239 4240 umbus - ok
10:50:57.0239 4240 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:50:57.0239 4240 UmPass - ok
10:50:57.0239 4240 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
10:50:57.0239 4240 UmRdpService - ok
10:50:57.0255 4240 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:50:57.0255 4240 UMVPFSrv - ok
10:50:57.0255 4240 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:50:57.0255 4240 upnphost - ok
10:50:57.0270 4240 [ 1E1786E15F91183BE26732E89ADC1817 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
10:50:57.0270 4240 USB28xxBGA - ok
10:50:57.0286 4240 [ E97F0E00ADBC1BCEF691C71DBEE77041 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
10:50:57.0286 4240 USB28xxOEM - ok
10:50:57.0286 4240 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:50:57.0286 4240 usbaudio - ok
10:50:57.0286 4240 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:50:57.0286 4240 usbccgp - ok
10:50:57.0301 4240 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:50:57.0301 4240 usbcir - ok
10:50:57.0301 4240 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:50:57.0301 4240 usbehci - ok
10:50:57.0301 4240 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:50:57.0301 4240 usbhub - ok
10:50:57.0301 4240 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:50:57.0301 4240 usbohci - ok
10:50:57.0317 4240 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:50:57.0317 4240 usbprint - ok
10:50:57.0317 4240 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:50:57.0317 4240 usbscan - ok
10:50:57.0317 4240 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:50:57.0317 4240 USBSTOR - ok
10:50:57.0333 4240 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:50:57.0333 4240 usbuhci - ok
10:50:57.0333 4240 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:50:57.0333 4240 UxSms - ok
10:50:57.0333 4240 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:50:57.0333 4240 VaultSvc - ok
10:50:57.0333 4240 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:50:57.0333 4240 vdrvroot - ok
10:50:57.0348 4240 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:50:57.0348 4240 vds - ok
10:50:57.0348 4240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:50:57.0348 4240 vga - ok
10:50:57.0348 4240 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:50:57.0348 4240 VgaSave - ok
10:50:57.0348 4240 VGPU - ok
10:50:57.0364 4240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:50:57.0364 4240 vhdmp - ok
10:50:57.0364 4240 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:50:57.0364 4240 viaide - ok
10:50:57.0364 4240 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:50:57.0364 4240 vmbus - ok
10:50:57.0364 4240 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:50:57.0364 4240 VMBusHID - ok
10:50:57.0364 4240 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:50:57.0379 4240 volmgr - ok
10:50:57.0379 4240 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:50:57.0379 4240 volmgrx - ok
10:50:57.0379 4240 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:50:57.0395 4240 volsnap - ok
10:50:57.0395 4240 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:50:57.0395 4240 vsmraid - ok
10:50:57.0411 4240 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:50:57.0426 4240 VSS - ok
10:50:57.0426 4240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:50:57.0426 4240 vwifibus - ok
10:50:57.0426 4240 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:50:57.0426 4240 W32Time - ok
10:50:57.0442 4240 [ 37E4600E2CDAD3C1A3613A25B97D457C ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
10:50:57.0442 4240 wacmoumonitor - ok
10:50:57.0442 4240 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
10:50:57.0442 4240 wacommousefilter - ok
10:50:57.0442 4240 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:50:57.0442 4240 WacomPen - ok
10:50:57.0442 4240 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
10:50:57.0442 4240 wacomvhid - ok
10:50:57.0442 4240 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:50:57.0442 4240 WANARP - ok
10:50:57.0442 4240 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:50:57.0442 4240 Wanarpv6 - ok
10:50:57.0457 4240 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:50:57.0473 4240 WatAdminSvc - ok
10:50:57.0489 4240 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:50:57.0489 4240 wbengine - ok
10:50:57.0504 4240 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:50:57.0504 4240 WbioSrvc - ok
10:50:57.0504 4240 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:50:57.0504 4240 wcncsvc - ok
10:50:57.0504 4240 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:50:57.0520 4240 WcsPlugInService - ok
10:50:57.0520 4240 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:50:57.0520 4240 Wd - ok
10:50:57.0520 4240 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:50:57.0535 4240 Wdf01000 - ok
10:50:57.0535 4240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:50:57.0535 4240 WdiServiceHost - ok
10:50:57.0535 4240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:50:57.0535 4240 WdiSystemHost - ok
10:50:57.0535 4240 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:50:57.0551 4240 WebClient - ok
10:50:57.0551 4240 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:50:57.0551 4240 Wecsvc - ok
10:50:57.0551 4240 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:50:57.0551 4240 wercplsupport - ok
10:50:57.0551 4240 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:50:57.0551 4240 WerSvc - ok
10:50:57.0567 4240 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:50:57.0567 4240 WfpLwf - ok
10:50:57.0567 4240 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:50:57.0567 4240 WIMMount - ok
10:50:57.0567 4240 WinDefend - ok
10:50:57.0567 4240 WinHttpAutoProxySvc - ok
10:50:57.0582 4240 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:50:57.0582 4240 Winmgmt - ok
10:50:57.0598 4240 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:50:57.0613 4240 WinRM - ok
10:50:57.0613 4240 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:50:57.0613 4240 WinUsb - ok
10:50:57.0629 4240 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:50:57.0629 4240 Wlansvc - ok
10:50:57.0645 4240 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:50:57.0660 4240 wlidsvc - ok
10:50:57.0660 4240 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:50:57.0660 4240 WmiAcpi - ok
10:50:57.0660 4240 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:50:57.0676 4240 wmiApSrv - ok
10:50:57.0676 4240 WMPNetworkSvc - ok
10:50:57.0676 4240 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:50:57.0676 4240 WPCSvc - ok
10:50:57.0676 4240 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:50:57.0676 4240 WPDBusEnum - ok
10:50:57.0676 4240 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:50:57.0676 4240 ws2ifsl - ok
10:50:57.0691 4240 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:50:57.0691 4240 wscsvc - ok
10:50:57.0691 4240 WSearch - ok
10:50:57.0707 4240 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:50:57.0723 4240 wuauserv - ok
10:50:57.0723 4240 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:50:57.0723 4240 WudfPf - ok
10:50:57.0738 4240 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:50:57.0738 4240 WUDFRd - ok
10:50:57.0738 4240 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:50:57.0738 4240 wudfsvc - ok
10:50:57.0738 4240 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:50:57.0738 4240 WwanSvc - ok
10:50:57.0754 4240 ================ Scan global ===============================
10:50:57.0754 4240 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:50:57.0754 4240 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:50:57.0754 4240 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:50:57.0754 4240 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:50:57.0769 4240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:50:57.0769 4240 [Global] - ok
10:50:57.0769 4240 ================ Scan MBR ==================================
10:50:57.0769 4240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:50:57.0785 4240 \Device\Harddisk1\DR1 - ok
10:50:57.0785 4240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:50:57.0816 4240 \Device\Harddisk0\DR0 - ok
10:50:57.0816 4240 ================ Scan VBR ==================================
10:50:57.0832 4240 [ FEF2ABE59767ADFF48BF618193DC0015 ] \Device\Harddisk1\DR1\Partition1
10:50:57.0832 4240 \Device\Harddisk1\DR1\Partition1 - ok
10:50:57.0832 4240 [ C68967DC362A2B33F67655DA1EF83607 ] \Device\Harddisk0\DR0\Partition1
10:50:57.0832 4240 \Device\Harddisk0\DR0\Partition1 - ok
10:50:57.0832 4240 [ BE60BAD82922AD876B6CB450B02F8559 ] \Device\Harddisk0\DR0\Partition2
10:50:57.0832 4240 \Device\Harddisk0\DR0\Partition2 - ok
10:50:57.0832 4240 ============================================================
10:50:57.0832 4240 Scan finished
10:50:57.0832 4240 ============================================================
10:50:57.0832 6036 Detected object count: 0
10:50:57.0832 6036 Actual detected object count: 0

#8 Farbar


Posted 22 November 2012 - 02:48 PM

I see you could run the scan from normal mode. Indeed, the log shows no malware, as we expected. As you mention, the problem should be a corrupted program.

Let's see what programs have a scheduled task.

Download and run the attached file: find.bat
Right-click it and select "Run as Administrator". Double-click the file to run it. A log file opens. Please post its contents.

#9 edam72


Posted 22 November 2012 - 03:14 PM

Thank you, below are the log file contents. I also turned off automatic restarts to see the blue screen error I get during a scan, which is 0x000000F4 Critical_Object_termination. I was able to run a full Windows Defender scan, then tried to do a full Malwarebytes scan again; all of the icons on the desktop disappeared and then it blue screened with that message.

c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GlaryInitialize.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000UA.job
c:\windows\tasks\SA.DAT
c:\windows\tasks\SCHEDLGU.TXT

#10 Farbar


Posted 22 November 2012 - 03:29 PM

We need the system to make mini dump files. Also, we will remove all the scheduled tasks.

You may perform the second step in normal mode. No need to go to recovery mode.

  • Please check and if needed set Windows to create mini crash dumps:
    • Go to Start => Right-click Computer and select Properties.
    • On the left pane select "Advanced system settings".
    • Under "Startup and Recovery" press "Settings...".
    • Under "System failure":
      • "Write an event to the system log" should be selected.
      • "Automatically restart" should be unselected.
      • Under "Write debugging information" it should be set to "Small memory dump (256 KB)".
    • Click "OK".
  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.) Save it on the flashdrive as fixlist.txt.

    start
    c:\windows\tasks\Adobe Flash Player Updater.job
    c:\windows\tasks\GlaryInitialize.job
    c:\windows\tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\tasks\GoogleUpdateTaskMachineUA.job
    c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000Core.job
    c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000UA.job
    end
    

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt); please post it in your reply.
  • Now run an MSE or Malwarebytes scan to produce a BSOD. Then restart.
  • Please download MiniToolBox and save it to your desktop and run it.

    Checkmark following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List installed programs.
    • List Devices (only check the box and leave the default radio button as it is).
    • List Users, Partitions and Memory size.
    • List Minidump Files.
    • List Restore Points.
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
  • Please download Farbar Service Scanner and run it on the computer with the issue.
    • Check all the boxes.
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
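
The crash-dump settings from the first step of the post above can also be checked from an elevated PowerShell prompt, together with the minidump files that a later BSOD should leave behind. This is an added example, not part of the original post or of Farbar's tools; the function names `Get-CrashDumpConfig` and `Get-MinidumpFiles` and the `-Apply` switch are hypothetical, and the registry values are the standard ones behind the "Startup and Recovery" dialog.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Get-CrashDumpConfig, Get-MinidumpFiles and -Apply are hypothetical names.
# Written to work on the PowerShell 2.0 that ships with Windows 7.

$CrashControlKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'

function Get-CrashDumpConfig {
    param([switch]$Apply)   # without -Apply the function only reports

    # Registry values behind the dialog, with the settings the post asks for.
    $desired = @(
        @{ Name = 'LogEvent';         Value = 1; Label = 'Write an event to the system log: selected' },
        @{ Name = 'AutoReboot';       Value = 0; Label = 'Automatically restart: unselected' },
        @{ Name = 'CrashDumpEnabled'; Value = 3; Label = 'Write debugging information: Small memory dump' }
    )

    foreach ($item in $desired) {
        $props  = Get-ItemProperty -Path $CrashControlKey
        $actual = $props.($item.Name)          # $null if the value is absent
        $ok     = ($actual -eq $item.Value)

        if (-not $ok -and $Apply) {
            # An integer value is written as REG_DWORD by the registry provider.
            Set-ItemProperty -Path $CrashControlKey -Name $item.Name -Value $item.Value
            $actual = (Get-ItemProperty -Path $CrashControlKey).($item.Name)
            $ok     = ($actual -eq $item.Value)
        }

        New-Object PSObject -Property @{
            Setting  = $item.Name
            Meaning  = $item.Label
            Expected = $item.Value
            Actual   = $actual
            Ok       = $ok
        } | Select-Object Setting, Expected, Actual, Ok, Meaning
    }
}

function Get-MinidumpFiles {
    # MinidumpDir is a REG_EXPAND_SZ value; fall back to the default location
    # if it is missing.
    $dir = (Get-ItemProperty -Path $CrashControlKey).MinidumpDir
    if (-not $dir) { $dir = Join-Path $env:SystemRoot 'Minidump' }

    if (-not (Test-Path -Path $dir)) {
        Write-Warning "No minidump directory at $dir (no small dump has been written yet)."
        return
    }

    # Newest first, so the dump from the most recent BSOD is at the top.
    Get-ChildItem -Path $dir -Filter '*.dmp' |
        Sort-Object LastWriteTime -Descending |
        Select-Object Name, Length, LastWriteTime
}

# Report only; add -Apply to correct any setting whose Ok column is False.
Get-CrashDumpConfig | Format-Table -AutoSize
Get-MinidumpFiles   | Format-Table -AutoSize
```

If `Get-MinidumpFiles` still returns nothing after a crash, the dump was not written, which is itself useful to report back alongside the stop code.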


#11 edam72


Posted 22 November 2012 - 03:59 PM

Thank you, below are the logs.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2012
Ran by Beansie at 2012-11-22 12:38:46 Run:1
Running from G:\

ATTENTION: THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.

==============================================

c:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\tasks\GlaryInitialize.job moved successfully.
c:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000Core.job moved successfully.
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-171858685-2003380297-1658215361-1000UA.job moved successfully.

==== End of Fixlog ====


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Beansie (administrator) on 22-11-2012 at 12:53:43
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Beansie-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 20-CF-30-7F-52-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f8de:6000:59c2:d3cf%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.87(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 22, 2012 12:47:13 PM
Lease Expires . . . . . . . . . . : Friday, November 23, 2012 12:47:13 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 237031216
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-20-54-16-20-CF-30-7F-52-DB
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:280e:27d6:9ccb:9f57(Preferred)
Link-local IPv6 Address . . . . . : fe80::280e:27d6:9ccb:9f57%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4007:801::1000
74.125.224.174
74.125.224.160
74.125.224.161
74.125.224.162
74.125.224.163
74.125.224.164
74.125.224.165
74.125.224.166
74.125.224.167
74.125.224.168
74.125.224.169


Pinging google.com [74.125.224.165] with 32 bytes of data:
Reply from 74.125.224.165: bytes=32 time=38ms TTL=50
Reply from 74.125.224.165: bytes=32 time=38ms TTL=50

Ping statistics for 74.125.224.165:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 38ms, Average = 38ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=52ms TTL=47
Reply from 72.30.38.140: bytes=32 time=52ms TTL=47

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 52ms, Maximum = 52ms, Average = 52ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...20 cf 30 7f 52 db ......Intel® 82567V-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.87 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.87 266
192.168.1.87 255.255.255.255 On-link 192.168.1.87 266
192.168.1.255 255.255.255.255 On-link 192.168.1.87 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.87 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.87 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:280e:27d6:9ccb:9f57/128
On-link
10 266 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::280e:27d6:9ccb:9f57/128
On-link
10 266 fe80::f8de:6000:59c2:d3cf/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/22/2012 10:54:09 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location S:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (11/20/2012 04:21:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "OnlineServices,version="11.0.0.0"1".
Dependent Assembly OnlineServices,version="11.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/20/2012 03:24:36 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location S:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (11/17/2012 01:20:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "OnlineServices,version="11.0.0.0"1".
Dependent Assembly OnlineServices,version="11.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/17/2012 11:24:11 AM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (11/17/2012 10:35:19 AM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (11/17/2012 10:32:07 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location S:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (11/16/2012 04:23:20 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (11/16/2012 03:26:15 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver

Error: (11/16/2012 01:33:17 PM) (Source: TabletServiceWacom) (User: )
Description: TabletService Error:
Could not init tablet driver


System errors:
=============
Error: (11/22/2012 00:47:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 00:47:13 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:43:39 PM on 11/22/2012 was unexpected.

Error: (11/22/2012 00:36:15 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 00:26:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 00:05:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 00:04:37 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:52:10 AM on 11/22/2012 was unexpected.

Error: (11/22/2012 11:26:39 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (11/22/2012 11:25:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 11:21:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (11/22/2012 11:01:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.


Microsoft Office Sessions:
=========================
Error: (11/22/2012 10:54:09 AM) (Source: Windows Backup)(User: )
Description: S:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (11/20/2012 04:21:25 PM) (Source: SideBySide)(User: )
Description: OnlineServices,version="11.0.0.0"c:\program files (x86)\Nero\KM\NMDllHost.exe.Manifest

Error: (11/20/2012 03:24:36 PM) (Source: Windows Backup)(User: )
Description: S:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (11/17/2012 01:20:45 PM) (Source: SideBySide)(User: )
Description: OnlineServices,version="11.0.0.0"c:\program files (x86)\Nero\KM\NMDllHost.exe.Manifest

Error: (11/17/2012 11:24:11 AM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (11/17/2012 10:35:19 AM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (11/17/2012 10:32:07 AM) (Source: Windows Backup)(User: )
Description: S:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (11/16/2012 04:23:20 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (11/16/2012 03:26:15 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver

Error: (11/16/2012 01:33:17 PM) (Source: TabletServiceWacom)(User: )
Description: Could not init tablet driver


=========================== Installed Programs ============================

3D Flash Animator 4.9.8.7
64 Bit HP CIO Components Installer (Version: 7.2.8)
6500_E709_eDocs (Version: 1.00.0000)
6500_E709_Help (Version: 1.00.0000)
6500_E709n (Version: 140.0.000.000)
Adobe AIR (Version: 3.0.0.4080)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Media Player (Version: 1.8)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop Lightroom 2.7 64-bit (Version: 2.7)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Premiere Elements 8.0 (Version: 8.0)
Adobe Premiere Elements 8.0 (Version: 8.0.1)
Adobe Premiere Elements 8.0 Templates (Version: 8.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AI Suite (Version: 1.06.14)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
Anime Studio Debut 8.1 (Version: 8.1)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 5 Lite (Version: 5.0.7.64)
Audacity 1.2.6
Auslogics Duplicate File Finder (Version: version 2.0)
Avery Wizard 4.0 (Version: 4.0.4)
BIAS SoundSoap SE 2.4 (Version: 2.4.0)
Bonjour (Version: 2.0.2.0)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
C310 (Version: 140.0.304.000)
CameraHelperMsi (Version: 13.31.1038.0)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.3.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.0.1)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Internet Library for ZoomBrowser EX (Version: 1.7.0.1)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Personal Printing Guide (Version: 1.1.1.3)
Canon PowerShot G12 Camera User Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC 8 (Version: 8.3.0.6)
Canon Utilities CameraWindow Launcher (Version: 7.5.0.2)
Canon Utilities Digital Photo Professional 3.9 (Version: 3.9.1.0)
Canon Utilities Movie Uploader for YouTube (Version: 1.1.0.4)
Canon Utilities MyCamera (Version: 7.4.0.2)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0928.1532.26058)
Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (Version: 2012.0928.1532.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (Version: 2012.0928.1531.26058)
CCC Help Czech (Version: 2012.0928.1531.26058)
CCC Help Danish (Version: 2012.0928.1531.26058)
CCC Help Dutch (Version: 2012.0928.1531.26058)
CCC Help English (Version: 2012.0928.1531.26058)
CCC Help Finnish (Version: 2012.0928.1531.26058)
CCC Help French (Version: 2012.0928.1531.26058)
CCC Help German (Version: 2012.0928.1531.26058)
CCC Help Greek (Version: 2012.0928.1531.26058)
CCC Help Hungarian (Version: 2012.0928.1531.26058)
CCC Help Italian (Version: 2012.0928.1531.26058)
CCC Help Japanese (Version: 2012.0928.1531.26058)
CCC Help Korean (Version: 2012.0928.1531.26058)
CCC Help Norwegian (Version: 2012.0928.1531.26058)
CCC Help Polish (Version: 2012.0928.1531.26058)
CCC Help Portuguese (Version: 2012.0928.1531.26058)
CCC Help Russian (Version: 2012.0928.1531.26058)
CCC Help Spanish (Version: 2012.0928.1531.26058)
CCC Help Swedish (Version: 2012.0928.1531.26058)
CCC Help Thai (Version: 2012.0928.1531.26058)
CCC Help Turkish (Version: 2012.0928.1531.26058)
CCleaner (Version: 3.24)
ClassicPro© v1.15 (Version: 1.15)
CPUID ROG CPU-Z 1.57.1 (Version: 1.57.1)
CrazyTalk Animator PRO (Version: 1.2.2010.1)
CyberLink PowerDirector 11 (Version: 11.0.0.2215)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DirectX 9 Runtime (Version: 1.00.0000)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
doubleTwist (Version: 3.2.0.11764)
Download Updater (AOL Inc.)
Dropbox (Version: 1.4.21)
Duplicate Finder (Version: 4.2.1.0)
DVD Menu Template Package 1.2 (Version: 1.2)
DVDStyler v1.8.2
Easy GIF Animator 5.21 (Version: Easy GIF Animator 5.0)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
erLT (Version: 1.20.138.34)
Family Tree Maker 2011 (Version: 20.0.379)
Fax (Version: 140.0.213.000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Flip Boom All-Star 1.0 (Version: 1.0)
forteManager (Version: 3.18)
FotoMorph version 13.4.4 (Version: 13.4.4)
Free YouTube Downloader 3.5.126
FreeRIP v3.66 (Version: 3.66)
Geeks3D.com FurMark 1.10.3
Glary Utilities 2.50.0.1632 (Version: 2.50.0.1632)
Google Chrome (Version: 23.0.1271.64)
Google Drive (Version: 1.5.3654.684)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 140.0.212.000)
HD Tune 2.55
HijackThis 2.0.2 (Version: 2.0.2)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet 6500 E709 Series (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 140.0.213.000)
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32 (Version: 5.2.0.2)
Intel® Matrix Storage Manager
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 30 (Version: 6.0.300)
JMicron HW RAID Manager (Version: 0.09.43)
JMicron JMB36X Driver (Version: 1.00.0000)
LightScribe System Software (Version: 1.18.23.1)
Logitech Webcam Software (Version: 2.31)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
marvell 91xx driver (Version: 1.0.0.1034)
MediaMonkey 4.0 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.0.161.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0)
Nero 11 Creative Collections Pack
Nero 11 Mini Repack
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Newblue Art Effects for PowerDirector (Version: 2.0)
ObjectDock Free (Version: 2.00)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Opera 12.10 (Version: 12.10.1652)
OpticFilm 7600i (Version: 4.0.1)
Photo DVD Maker Professional 8.51 (Version: 8.51)
Photobucket Desktop (Version: 1.0.3.1552)
PhotoStage Slideshow Producer
Picasa 3 (Version: 3.8)
Pinnacle Studio 15 (Version: 15.0.0.7593)
Pinnacle Video Driver (Version: 12.1.0.030)
Poster Forge 1.02
PowerISO
Preset Viewer Breeze (Version: 1.0)
Preset Viewer Breeze (Version: v1.0)
Presto! ImageFolio 4 (Version: 4.50.03)
Presto! PageManager 7.10 (Version: 7.10.03)
ProductContext (Version: 140.0.000.000)
PS_AIO_07_C310_SW_Min (Version: 140.0.304.000)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6037)
Revo Uninstaller 1.94 (Version: 1.94)
Roxio BackOnTrack (Version: 4.0)
Roxio BackOnTrackPE (Version: 4.0)
Roxio Burn - Secure (Version: 1.6)
Roxio CinePlayer (Version: 5.6)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2011 Content (Version: 13.0.098)
Roxio Creator 2011 Pro (Version: 1.3.166)
Roxio Creator 2011 Pro (Version: 13.0)
Roxio Creator 2011 Pro (Version: 6.0.0)
Roxio PhotoShow (Version: 6.0)
Roxio Video Capture USB (Version: 1.22.0000)
Samsung_MonSetup (Version: 1.00.0000)
Scan (Version: 140.0.167.000)
Seagate File Recovery for Windows 2.0 (Version: 2.0.7631)
Seagate Manager Installer (Version: 2.01.0600)
Serif AlbumPlus SE PRO (Version: 4.5.1.008)
SilverFast UScan 6.6.1r5
Skype™ 5.10 (Version: 5.10.116)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.7)
SmartSound Quicktracks for Premiere Elements 8.0 (Version: 3.11.3090)
SmartSound Sonicfire Pro 5 (Version: 5.5.2)
SmartWebPrinting (Version: 140.0.213.000)
Smilebox (Version: 1.1.1.1)
Snagit 9.1 (Version: 9.1.0.206)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
The Logo Creator v5.2
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
TurboV EVO (Version: 1.02.25)
Ulead VideoStudio SE DVD (Version: 10.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VD64Inst (Version: 1.00.0000)
Vegas Movie Studio HD Platinum 10.0 (Version: 10.0.179)
VisiPics V1.30
vReveal
Wacom Tablet
WebReg (Version: 140.0.213.017)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Essentials Pack (Version: v5.63a)
Winamp Toolbar
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Wondershare DVD Slideshow Builder Deluxe(Build 6.0.0.22) (Version: 6.0.0.22)
Wondershare Flash Gallery Factory Deluxe 5.0.2
XviD Video Codec 1.1.2-01022007 (Version: 1.1.2-01022007)

========================= Devices: ================================

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 12279.09 MB
Available physical RAM: 10206.25 MB
Total Pagefile: 24556.38 MB
Available Pagefile: 22267.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.4 GB) (Free:63.12 GB) NTFS
4 Drive f: (Project Drive) (Fixed) (Total:119.24 GB) (Free:42.13 GB) NTFS
5 Drive g: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32

========================= Users: ========================================

User accounts for \\BEANSIE-PC

Administrator Beansie Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

15-11-2012 22:38:06 Scheduled Checkpoint
15-11-2012 22:55:30 Windows Update
20-11-2012 23:25:04 Windows Update

**** End of log ****


Farbar Service Scanner Version: 09-11-2012
Ran by Beansie (administrator) on 22-11-2012 at 12:57:15
Running from "C:\Users\Beansie\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-15 14:55] - [2012-10-03 09:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:36 PM

Posted 22 November 2012 - 06:09 PM

It looks like no minidump file was made.

The only noticeable error is the following:

Error: (11/22/2012 11:26:39 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.


You had better run Check Disk on all the drives:

Please follow the instructions in How to use CHKDSK and use the graphical method to schedule a scan. Restart and let the scan run fully.
Repeat it on all the drives.

After that do a test and scan the system to see if it makes any difference.

#13 edam72


Posted 22 November 2012 - 07:31 PM

That is actually a new error. I had run chkdsk on the drives before, but I am reseating everything and doing it again. Drive c: is actually a bunch of SSD drives in RAID 0 on a RAID controller. Thanks again for all of your help!

#14 Farbar


Posted 23 November 2012 - 04:11 AM

I see from the restore points that you have already updated Windows. So we have covered the usual troubleshooting methods related to the error as described here: http://msdn.microsoft.com/en-us/library/windows/hardware/ff560372%28v=vs.85%29.aspx

We couldn't get a minidump file of the BSOD to analyze for details.

The following step is just an attempt to see if third-party software running on the system causes the issue:

Go to Start > Run (alternatively, press Windows key+R)
  • In the run box type: msconfig to open up System Configuration Utility.
  • Click on "Startup" tab.
  • Press "Disable All".
  • Click on Services tab.
  • Important: Check Hide All Microsoft Services box.
  • Press "Disable All".
  • Press Apply and Close.
  • A window pops up; select "Restart".


#15 edam72


Posted 23 November 2012 - 04:59 PM

I tried turning everything off; the scan still caused a blue screen. I am trying hardware tests more in depth. At this point it really seems to be hardware, perhaps the RAID controller. I really appreciate all the help you have given in this.



