
potential registry problems following removal of virus


65 replies to this topic

#1 Sc673yn


Posted 25 June 2013 - 09:50 PM

Hi, I am new here and in need of help.  I am not sure exactly what is wrong, but I will try to explain:

 

My computer has Windows XP Home Edition, Version 2002, Service Pack 3.

 

Yesterday I had the Internet Security Pro popup telling me my computer was infected.  I rebooted into safe mode with networking and logged in as the administrator account.

 

I ran rkill and then MBAM, which cleaned out the virus itself (I think).  Subsequent runs of MBAM after rkill show zero file problems in the full scan.

 

However, my rkill report includes:

 

Checking Windows Service Integrity:

 * wscsvc [Missing Service]

 * SharedAccess [Missing ImagePath]

 

This makes me think that something is wrong with my registry files.  I do not know enough about this to proceed.  I am able to use the internet and run Microsoft Security Essentials now, so I think the virus is removed, but I'm not sure what to do about these messages.

 

Microsoft Security Essentials full scan shows zero threats.  I tried to use my computer's restore option to go back to an earlier date, but both of my attempts led to a message that said this could not be completed.  I think the virus messed with something so that I cannot restore to an earlier point.  I do not know if I need to do this or not.

 

Please help me.  Thank you.




 


#2 dev00790


Posted 28 June 2013 - 10:20 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, choose Skip instead; do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.



Step 2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.



Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.



Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Edited by dev00790, 28 June 2013 - 10:20 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours, please send me a PM.

My Blog


#3 Sc673yn


Posted 28 June 2013 - 11:17 AM

Thank you for coming to help. I have a question before these steps: should I be doing this in safe mode? Should it be under my login or the administrator account if in safe mode? Thank you.

#4 dev00790


Posted 28 June 2013 - 11:40 AM

Are you able to boot normally?




#5 Sc673yn


Posted 28 June 2013 - 12:02 PM

Yes, I can. I cannot run or find windows service center, but I can log on to my account, get online, view my pictures, etc. I have not tried to run any other programs other than malware bytes, which worked. I am backing up files to a jump drive now.

#6 dev00790


Posted 28 June 2013 - 12:18 PM

OK, when ready, please follow my instructions in normal mode in your administrator account.




#7 Sc673yn


Posted 28 June 2013 - 01:06 PM

I am ready but do not see the TDSS Rootkit Removal Tool when I click the link. Can you help me find it? Sorry.

#8 dev00790


Posted 28 June 2013 - 01:14 PM

OK, the website has changed, so the previous link I gave is outdated.

Please try this one instead.




#9 Sc673yn


Posted 28 June 2013 - 01:28 PM

I ran the TDSS tool.  I chose Skip for the results as instructed, because Cure was not an option.  Here is the log:

 

14:19:16.0906 2560  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
14:19:17.0453 2560  ============================================================
14:19:17.0453 2560  Current date / time: 2013/06/28 14:19:17.0453
14:19:17.0453 2560  SystemInfo:
14:19:17.0453 2560 
14:19:17.0453 2560  OS Version: 5.1.2600 ServicePack: 3.0
14:19:17.0453 2560  Product type: Workstation
14:19:17.0453 2560  ComputerName: BERNADETTE
14:19:17.0453 2560  UserName: Mrs. White
14:19:17.0453 2560  Windows directory: C:\WINDOWS
14:19:17.0453 2560  System windows directory: C:\WINDOWS
14:19:17.0453 2560  Processor architecture: Intel x86
14:19:17.0453 2560  Number of processors: 2
14:19:17.0453 2560  Page size: 0x1000
14:19:17.0453 2560  Boot type: Normal boot
14:19:17.0453 2560  ============================================================
14:19:24.0468 2560  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:19:25.0250 2560  ============================================================
14:19:25.0250 2560  \Device\Harddisk0\DR0:
14:19:25.0265 2560  MBR partitions:
14:19:25.0265 2560  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCFD387E
14:19:25.0296 2560  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCFD38FC, BlocksNum 0x3CC3F04
14:19:25.0296 2560  ============================================================
14:19:25.0343 2560  C: <-> \Device\Harddisk0\DR0\Partition1
14:19:25.0375 2560  D: <-> \Device\Harddisk0\DR0\Partition2
14:19:25.0375 2560  ============================================================
14:19:25.0375 2560  Initialize success
14:19:25.0375 2560  ============================================================
14:20:44.0359 0700  ============================================================
14:20:44.0359 0700  Scan started
14:20:44.0359 0700  Mode: Manual; SigCheck; TDLFS;
14:20:44.0359 0700  ============================================================
14:20:44.0484 0700  ================ Scan system memory ========================
14:20:44.0484 0700  System memory - ok
14:20:44.0484 0700  ================ Scan services =============================
14:20:44.0718 0700  Abiosdsk - ok
14:20:44.0718 0700  abp480n5 - ok
14:20:44.0781 0700  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:20:46.0265 0700  ACPI - ok
14:20:46.0312 0700  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:20:46.0625 0700  ACPIEC - ok
14:20:46.0703 0700  [ 5508E9F55799C6551D54DFBC4A068B68 ] ACPIVPC         C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys
14:20:47.0046 0700  ACPIVPC - ok
14:20:47.0171 0700  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:20:47.0281 0700  AdobeFlashPlayerUpdateSvc - ok
14:20:47.0296 0700  adpu160m - ok
14:20:47.0343 0700  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
14:20:47.0718 0700  aec - ok
14:20:47.0765 0700  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
14:20:47.0937 0700  AFD - ok
14:20:47.0953 0700  Aha154x - ok
14:20:47.0968 0700  aic78u2 - ok
14:20:47.0968 0700  aic78xx - ok
14:20:48.0015 0700  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
14:20:48.0343 0700  Alerter - ok
14:20:48.0421 0700  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
14:20:48.0734 0700  ALG - ok
14:20:48.0750 0700  AliIde - ok
14:20:48.0921 0700  [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
14:20:49.0421 0700  Ambfilt - ok
14:20:49.0437 0700  amsint - ok
14:20:49.0578 0700  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:20:49.0843 0700  Apple Mobile Device - ok
14:20:49.0843 0700  AppMgmt - ok
14:20:49.0921 0700  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:20:50.0250 0700  Arp1394 - ok
14:20:50.0265 0700  asc - ok
14:20:50.0265 0700  asc3350p - ok
14:20:50.0281 0700  asc3550 - ok
14:20:50.0406 0700  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:20:50.0843 0700  aspnet_state - ok
14:20:50.0890 0700  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:20:51.0234 0700  AsyncMac - ok
14:20:51.0328 0700  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
14:20:51.0640 0700  atapi - ok
14:20:51.0640 0700  Atdisk - ok
14:20:51.0703 0700  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:20:52.0046 0700  Atmarpc - ok
14:20:52.0093 0700  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
14:20:52.0453 0700  AudioSrv - ok
14:20:52.0531 0700  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
14:20:52.0875 0700  audstub - ok
14:20:52.0968 0700  [ CC03987EE5D0F956706B40D2F91F9E4F ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:20:53.0218 0700  BCM43XX - ok
14:20:53.0312 0700  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
14:20:53.0625 0700  BcmSqlStartupSvc - ok
14:20:53.0671 0700  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:20:54.0015 0700  Beep - ok
14:20:54.0062 0700  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
14:20:54.0500 0700  BITS - ok
14:20:54.0578 0700  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:20:54.0890 0700  Bonjour Service - ok
14:20:54.0937 0700  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
14:20:55.0156 0700  Browser - ok
14:20:55.0265 0700  [ FB25D143FBBDCA2FC2A89AF63F56EA8E ] Cam5607         C:\WINDOWS\system32\Drivers\BisonC07.sys
14:20:55.0937 0700  Cam5607 - ok
14:20:55.0968 0700  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
14:20:56.0328 0700  cbidf2k - ok
14:20:56.0406 0700  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:20:56.0750 0700  CCDECODE - ok
14:20:56.0750 0700  cd20xrnt - ok
14:20:56.0828 0700  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
14:20:57.0203 0700  Cdaudio - ok
14:20:57.0265 0700  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
14:20:57.0718 0700  Cdfs - ok
14:20:57.0812 0700  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:20:58.0156 0700  Cdrom - ok
14:20:58.0156 0700  Changer - ok
14:20:58.0234 0700  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
14:20:58.0546 0700  CiSvc - ok
14:20:58.0593 0700  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
14:20:58.0937 0700  ClipSrv - ok
14:20:58.0968 0700  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:20:59.0218 0700  clr_optimization_v2.0.50727_32 - ok
14:20:59.0265 0700  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:20:59.0609 0700  CmBatt - ok
14:20:59.0625 0700  CmdIde - ok
14:20:59.0656 0700  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:20:59.0968 0700  Compbatt - ok
14:20:59.0984 0700  COMSysApp - ok
14:21:00.0000 0700  Cpqarray - ok
14:21:00.0062 0700  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
14:21:00.0406 0700  CryptSvc - ok
14:21:00.0406 0700  dac2w2k - ok
14:21:00.0421 0700  dac960nt - ok
14:21:00.0515 0700  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:21:00.0718 0700  DcomLaunch - ok
14:21:00.0828 0700  [ 696C496DDAB0A608D02894E9D4F62980 ] DDNIMSGService  C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
14:21:01.0718 0700  DDNIMSGService ( UnsignedFile.Multi.Generic ) - warning
14:21:01.0718 0700  DDNIMSGService - detected UnsignedFile.Multi.Generic (1)
14:21:01.0812 0700  [ A767A85632556477021D43259397B21A ] DDNIService     C:\Program Files\DDNI\DIBS\DDNIService.exe
14:21:01.0890 0700  DDNIService ( UnsignedFile.Multi.Generic ) - warning
14:21:01.0890 0700  DDNIService - detected UnsignedFile.Multi.Generic (1)
14:21:01.0937 0700  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
14:21:02.0328 0700  Dhcp - ok
14:21:02.0406 0700  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
14:21:02.0718 0700  Disk - ok
14:21:02.0734 0700  dmadmin - ok
14:21:02.0828 0700  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
14:21:03.0328 0700  dmboot - ok
14:21:03.0406 0700  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
14:21:03.0750 0700  dmio - ok
14:21:03.0843 0700  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
14:21:04.0187 0700  dmload - ok
14:21:04.0218 0700  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
14:21:04.0531 0700  dmserver - ok
14:21:04.0578 0700  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
14:21:04.0890 0700  DMusic - ok
14:21:04.0984 0700  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:21:05.0171 0700  Dnscache - ok
14:21:05.0218 0700  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:21:05.0546 0700  Dot3svc - ok
14:21:05.0562 0700  dpti2o - ok
14:21:05.0640 0700  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:21:05.0953 0700  drmkaud - ok
14:21:06.0062 0700  [ EB9438402DCD2C11F8268B5B2DA4E639 ] DvmMDES         C:\QSTART.SYS\config\DVMExportService.exe
14:21:06.0125 0700  DvmMDES ( UnsignedFile.Multi.Generic ) - warning
14:21:06.0125 0700  DvmMDES - detected UnsignedFile.Multi.Generic (1)
14:21:06.0171 0700  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:21:06.0515 0700  EapHost - ok
14:21:06.0578 0700  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
14:21:06.0921 0700  ERSvc - ok
14:21:06.0968 0700  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
14:21:07.0078 0700  Eventlog - ok
14:21:07.0109 0700  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
14:21:07.0281 0700  EventSystem - ok
14:21:07.0328 0700  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
14:21:07.0687 0700  Fastfat - ok
14:21:07.0750 0700  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:21:07.0937 0700  FastUserSwitchingCompatibility - ok
14:21:07.0953 0700  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
14:21:08.0265 0700  Fdc - ok
14:21:08.0328 0700  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
14:21:08.0640 0700  Fips - ok
14:21:08.0656 0700  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
14:21:08.0968 0700  Flpydisk - ok
14:21:09.0031 0700  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:21:09.0359 0700  FltMgr - ok
14:21:09.0500 0700  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:21:09.0640 0700  FontCache3.0.0.0 - ok
14:21:09.0656 0700  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:21:09.0984 0700  Fs_Rec - ok
14:21:10.0000 0700  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:21:10.0328 0700  Ftdisk - ok
14:21:10.0390 0700  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:21:10.0656 0700  GEARAspiWDM - ok
14:21:10.0703 0700  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:21:11.0031 0700  Gpc - ok
14:21:11.0093 0700  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:21:11.0390 0700  HDAudBus - ok
14:21:11.0515 0700  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:21:11.0812 0700  helpsvc - ok
14:21:11.0828 0700  HidServ - ok
14:21:11.0875 0700  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:21:12.0218 0700  HidUsb - ok
14:21:12.0281 0700  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
14:21:12.0609 0700  hkmsvc - ok
14:21:12.0625 0700  hpn - ok
14:21:12.0734 0700  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
14:21:12.0921 0700  HTTP - ok
14:21:13.0000 0700  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
14:21:13.0343 0700  HTTPFilter - ok
14:21:13.0359 0700  i2omgmt - ok
14:21:13.0375 0700  i2omp - ok
14:21:13.0453 0700  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:21:13.0765 0700  i8042prt - ok
14:21:14.0000 0700  [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:21:14.0750 0700  ialm - ok
14:21:14.0812 0700  [ BAABB0301949774A66B955C65319635A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
14:21:14.0921 0700  iaStor - ok
14:21:15.0000 0700  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:21:15.0468 0700  idsvc - ok
14:21:15.0515 0700  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
14:21:15.0828 0700  Imapi - ok
14:21:15.0906 0700  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
14:21:16.0281 0700  ImapiService - ok
14:21:16.0296 0700  ini910u - ok
14:21:16.0531 0700  [ E304748137D6CD6E1CF98BDDEA20BFA2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:21:17.0218 0700  IntcAzAudAddService - ok
14:21:17.0234 0700  IntelIde - ok
14:21:17.0281 0700  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:21:17.0578 0700  intelppm - ok
14:21:17.0687 0700  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
14:21:18.0000 0700  Ip6Fw - ok
14:21:18.0031 0700  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:21:18.0343 0700  IpFilterDriver - ok
14:21:18.0421 0700  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:21:18.0750 0700  IpInIp - ok
14:21:18.0828 0700  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:21:19.0203 0700  IpNat - ok
14:21:19.0312 0700  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:21:19.0500 0700  iPod Service - ok
14:21:19.0531 0700  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:21:19.0859 0700  IPSec - ok
14:21:19.0921 0700  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
14:21:20.0250 0700  IRENUM - ok
14:21:20.0343 0700  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:21:20.0671 0700  isapnp - ok
14:21:20.0750 0700  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:21:21.0062 0700  Kbdclass - ok
14:21:21.0140 0700  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
14:21:21.0468 0700  kmixer - ok
14:21:21.0500 0700  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
14:21:21.0718 0700  KSecDD - ok
14:21:21.0765 0700  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
14:21:21.0921 0700  lanmanserver - ok
14:21:21.0984 0700  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:21:22.0171 0700  lanmanworkstation - ok
14:21:22.0171 0700  lbrtfdc - ok
14:21:22.0250 0700  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
14:21:22.0546 0700  LmHosts - ok
14:21:22.0593 0700  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:21:23.0015 0700  MBAMProtector - ok
14:21:23.0093 0700  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:21:23.0421 0700  MBAMScheduler - ok
14:21:23.0468 0700  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:21:23.0812 0700  MBAMService - ok
14:21:23.0875 0700  [ D470FE9EC92746E1E63F21E7B1D7663A ] McAfee SiteAdvisor Enterprise Service C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
14:21:23.0921 0700  McAfee SiteAdvisor Enterprise Service ( UnsignedFile.Multi.Generic ) - warning
14:21:23.0921 0700  McAfee SiteAdvisor Enterprise Service - detected UnsignedFile.Multi.Generic (1)
14:21:23.0984 0700  [ 4C24C5DE1BFDDDEADCA326BE4F0AA93A ] McAfeeEngineService C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
14:21:24.0250 0700  McAfeeEngineService - ok
14:21:24.0250 0700  [ C341D64C9F3B39CB56F9712335C33717 ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
14:21:24.0343 0700  McAfeeFramework - ok
14:21:24.0390 0700  [ 3B26EC4190C52DEA7489302DA526B0C7 ] McShield        C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
14:21:24.0656 0700  McShield - ok
14:21:24.0687 0700  [ EA6278098DA1F905AAEC3DD614357F6E ] McTaskManager   C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
14:21:24.0968 0700  McTaskManager - ok
14:21:25.0031 0700  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
14:21:25.0109 0700  MDM ( UnsignedFile.Multi.Generic ) - warning
14:21:25.0109 0700  MDM - detected UnsignedFile.Multi.Generic (1)
14:22:15.0265 0700  [ A1B6D369D6919304463565D77EA0F84E ] System_Repair_UpdateMonitor C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
14:22:15.0312 0700  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - warning
14:22:15.0312 0700  System_Repair_UpdateMonitor - detected UnsignedFile.Multi.Generic (1)
14:22:31.0375 0700  ================ Scan global ===============================
14:22:31.0437 0700  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:22:31.0500 0700  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
14:22:31.0515 0700  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
14:22:31.0546 0700  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:22:31.0546 0700  [Global] - ok
14:22:31.0546 0700  ================ Scan MBR ==================================
14:22:31.0578 0700  [ CFEC0BC28E237AB24B54AEBEB03049FB ] \Device\Harddisk0\DR0
14:22:32.0500 0700  \Device\Harddisk0\DR0 - ok
14:22:32.0500 0700  ================ Scan VBR ==================================
14:22:32.0500 0700  [ D4A662C666DB1527ACE2BC3F016241ED ] \Device\Harddisk0\DR0\Partition1
14:22:32.0500 0700  \Device\Harddisk0\DR0\Partition1 - ok
14:22:32.0500 0700  [ 268170D12BABFD044731AFF3B91D06ED ] \Device\Harddisk0\DR0\Partition2
14:22:32.0515 0700  \Device\Harddisk0\DR0\Partition2 - ok
14:22:32.0515 0700  ============================================================
14:22:32.0515 0700  Scan finished
14:22:32.0515 0700  ============================================================
14:22:32.0640 3988  Detected object count: 6
14:22:32.0640 3988  Actual detected object count: 6
14:23:29.0234 3988  DDNIMSGService ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0234 3988  DDNIMSGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:29.0234 3988  DDNIService ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0234 3988  DDNIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:29.0234 3988  DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0234 3988  DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:29.0234 3988  McAfee SiteAdvisor Enterprise Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0234 3988  McAfee SiteAdvisor Enterprise Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:29.0234 3988  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0234 3988  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:29.0250 3988  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:29.0250 3988  System_Repair_UpdateMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:42.0734 0516  Deinitialize success
 

Please let me know if I should be proceeding to step 2 or waiting for further instruction with this.



#10 dev00790

Posted 28 June 2013 - 01:36 PM

Please do all the other steps also.


Regards, dev00790


#11 Sc673yn

Posted 28 June 2013 - 02:03 PM

AdwCleaner results:

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 14:54:30
# Updated 08/06/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mrs. White - BERNADETTE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mrs. White\Desktop\AdwCleaner.exe
# Option [Search]

***** [Services] *****

Found : DvmMDES

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [774 octets] - [28/06/2013 14:54:30]

########## EOF - C:\AdwCleaner[R1].txt - [833 octets] ##########



#12 Sc673yn

Posted 28 June 2013 - 02:09 PM

FSS:

Farbar Service Scanner Version: 27-06-2013
Ran by Mrs. White (administrator) on 28-06-2013 at 15:07:47
Running from "C:\Documents and Settings\Mrs. White\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.
Checking LEGACY_sharedaccess: ATTENTION!=====> Unable to open LEGACY_sharedaccess\0000 registry key. The key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) mfetdik(8) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#13 Sc673yn

Posted 28 June 2013 - 02:18 PM

MiniToolBox

MiniToolBox by Farbar  Version: 16-06-2013
Ran by Mrs. White (administrator) on 28-06-2013 at 15:14:33
Running from "C:\Documents and Settings\Mrs. White\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8102/8103/8136 Family PCI-E FE NIC = Local Area Connection (Media disconnected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

        Host Name . . . . . . . . . . . . : Bernadette
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Realtek RTL8102/8103/8136 Family PCI-E FE NIC
        Physical Address. . . . . . . . . : 00-23-5A-CD-45-BB

Ethernet adapter Wireless Network Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
        Physical Address. . . . . . . . . : 00-21-00-ED-84-47
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.4
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
        Lease Obtained. . . . . . . . . . : Friday, June 28, 2013 1:49:07 PM
        Lease Expires . . . . . . . . . . : Saturday, June 29, 2013 1:49:07 PM

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.137.101, 74.125.137.102, 74.125.137.113, 74.125.137.138
   74.125.137.139, 74.125.137.100

 

Pinging google.com [173.194.37.32] with 32 bytes of data:

 

Reply from 173.194.37.32: bytes=32 time=28ms TTL=55

Reply from 173.194.37.32: bytes=32 time=28ms TTL=55

 

Ping statistics for 173.194.37.32:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 28ms, Maximum = 28ms, Average = 28ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=47ms TTL=49

Reply from 98.139.183.24: bytes=32 time=37ms TTL=49

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 37ms, Maximum = 47ms, Average = 42ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 5a cd 45 bb ...... Realtek RTL8102/8103/8136 Family PCI-E FE NIC - Packet Scheduler Miniport
0x3 ...00 21 00 ed 84 47 ...... Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.4   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0      192.168.1.4     192.168.1.4   20
      192.168.1.0    255.255.255.0      192.168.1.4     192.168.1.4   25
      192.168.1.4  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255      192.168.1.4     192.168.1.4   25
        224.0.0.0        240.0.0.0      192.168.1.4     192.168.1.4   25
  255.255.255.255  255.255.255.255      192.168.1.4               2   1
  255.255.255.255  255.255.255.255      192.168.1.4     192.168.1.4   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 02 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 03 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 04 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 05 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 06 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 07 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 08 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 09 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 10 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 11 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 12 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 13 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 14 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 15 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 16 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 17 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 18 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 19 mswsock.dll [File not found] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2013 10:14:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35526156

Error: (06/26/2013 10:14:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35526156

Error: (06/26/2013 10:14:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2013 01:52:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5433609

Error: (06/26/2013 01:52:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5433609

Error: (06/26/2013 01:52:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2013 01:52:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5416750

Error: (06/26/2013 01:52:29 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5416750

Error: (06/26/2013 01:52:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2013 00:11:39 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

System errors:
=============
Error: (06/28/2013 01:50:36 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/28/2013 00:55:33 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.153.586.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.2.0223.00

 Source Path: 4.2.0223.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (06/28/2013 00:46:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/28/2013 00:46:35 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (06/25/2013 10:05:37 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/25/2013 10:02:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/25/2013 10:01:40 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/25/2013 11:28:45 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/25/2013 11:17:41 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/25/2013 11:15:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Microsoft Office Sessions:
=========================
Error: (05/21/2012 08:29:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 50 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/19/2012 03:16:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/19/2012 03:15:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 50 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/19/2012 03:13:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/19/2012 03:12:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 193 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (12/15/2011 11:53:02 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91631 seconds with 1500 seconds of active time.  This session ended with a crash.

=========================== Installed Programs ============================

2007 Microsoft Office system (Version: 12.0.6612.1000)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Broadcom WLAN (Version: 5.10.38.14 Round2)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
Comcast Desktop Software (v1.2.0.9) (Version: 23)
Critical Update for Windows Media Player 11 (KB959772)
Desktop Doctor (Version: 2.5.5)
DIBS (Version: 1.7.0)
Energy Management (Version: 3.0.2.5)
FredV2Step2 (Version: 1.00.0000)
ID Vault (Version: 5.1.619.0)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.3.25)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Lenovo EasyCamera (Version: 6.32.1018.06)
Lenovo First Boot (Version: 1.7.0.0)
Lenovo Idea Central (Version: 1.7.0.0)
Lenovo Idea Notes (Version: 1.1.3)
Lenovo OneKey Recovery (Version: 6.0.2215)
Lenovo Quick Start (Version: 1.1.8.4)
Lenovo System Repair - Windows Update Monitor (Version: 1.3.0.2127)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Agent (Version: 4.0.0.1345)
McAfee AntiSpyware Enterprise Module (Version: 8.7.0.129)
McAfee SiteAdvisor Enterprise (Version: 1.6.0.120)
McAfee VirusScan Enterprise (Version: 8.7.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
QuickTime (Version: 7.72.80.56)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5817)
Skype™ 6.3 (Version: 6.3.105)
Synaptics Pointing Device Driver (Version: 13.0.1.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB973874) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB2.0 Card Reader Software (Version: 6.0.6000.86)
VeriFace III
VoiceOver Kit (Version: 1.42.128.0)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Toolbar (Version: 03.01.0130)
Windows Media Format 11 runtime
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 1013.88 MB
Available physical RAM: 458.6 MB
Total Pagefile: 2443.75 MB
Available Pagefile: 1894.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.97 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:103.91 GB) (Free:69.42 GB) NTFS
2 Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:24.57 GB) NTFS

========================= Users: ========================================

User accounts for \\BERNADETTE

Administrator            Guest                    HelpAssistant           
Michael                  Mrs. White               SUPPORT_388945a0        

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini021310-01.dmp
C:\WINDOWS\Minidump\Mini091509-01.dmp
========================= Restore Points ==================================

29-03-2013 00:15:20 System Checkpoint
29-03-2013 06:45:07 Software Distribution Service 3.0
30-03-2013 07:31:00 System Checkpoint
30-03-2013 15:58:23 Software Distribution Service 3.0
31-03-2013 07:33:00 Software Distribution Service 3.0
31-03-2013 15:50:26 Software Distribution Service 3.0
01-04-2013 15:47:49 Software Distribution Service 3.0
02-04-2013 15:53:16 Software Distribution Service 3.0
03-04-2013 15:38:14 Software Distribution Service 3.0
04-04-2013 16:18:32 System Checkpoint
05-04-2013 07:14:31 Software Distribution Service 3.0
06-04-2013 15:24:49 Software Distribution Service 3.0
06-04-2013 17:11:32 Removed Bing Bar
06-04-2013 17:17:23 Removed Microsoft Default Manager
07-04-2013 07:33:15 Software Distribution Service 3.0
07-04-2013 15:19:56 Software Distribution Service 3.0
08-04-2013 15:16:10 Software Distribution Service 3.0
09-04-2013 15:40:47 System Checkpoint
09-04-2013 19:23:38 Software Distribution Service 3.0
10-04-2013 08:01:12 Software Distribution Service 3.0
10-04-2013 23:03:37 Software Distribution Service 3.0
11-04-2013 23:23:36 System Checkpoint
12-04-2013 21:59:59 Software Distribution Service 3.0
13-04-2013 21:57:30 Software Distribution Service 3.0
14-04-2013 07:18:34 Software Distribution Service 3.0
15-04-2013 21:55:46 Software Distribution Service 3.0
16-04-2013 21:48:36 Software Distribution Service 3.0
17-04-2013 21:50:12 Software Distribution Service 3.0
18-04-2013 23:40:47 Software Distribution Service 3.0
20-04-2013 00:39:17 System Checkpoint
20-04-2013 07:37:52 Software Distribution Service 3.0
21-04-2013 07:14:48 Software Distribution Service 3.0
22-04-2013 22:36:57 Software Distribution Service 3.0
23-04-2013 23:26:00 System Checkpoint
24-04-2013 22:59:53 Software Distribution Service 3.0
25-04-2013 23:31:19 System Checkpoint
26-04-2013 05:12:50 Software Distribution Service 3.0
27-04-2013 05:56:51 System Checkpoint
27-04-2013 08:54:14 Software Distribution Service 3.0
28-04-2013 07:15:53 Software Distribution Service 3.0
29-04-2013 07:48:54 System Checkpoint
29-04-2013 10:11:17 Software Distribution Service 3.0
30-04-2013 10:07:09 Software Distribution Service 3.0
01-05-2013 10:29:24 System Checkpoint
01-05-2013 12:38:59 Software Distribution Service 3.0
02-05-2013 12:29:14 Software Distribution Service 3.0
03-05-2013 12:54:12 Software Distribution Service 3.0
04-05-2013 12:39:26 Software Distribution Service 3.0
06-05-2013 04:55:31 Software Distribution Service 3.0
08-05-2013 02:54:32 Software Distribution Service 3.0
09-05-2013 15:09:39 System Checkpoint
09-05-2013 18:39:35 Software Distribution Service 3.0
10-05-2013 19:08:41 System Checkpoint
10-05-2013 19:22:10 Software Distribution Service 3.0
13-05-2013 03:03:32 Software Distribution Service 3.0
14-05-2013 17:33:22 Software Distribution Service 3.0
15-05-2013 17:35:02 Software Distribution Service 3.0
16-05-2013 08:04:50 Software Distribution Service 3.0
16-05-2013 17:47:22 Software Distribution Service 3.0
17-05-2013 17:51:09 System Checkpoint
18-05-2013 15:45:48 Software Distribution Service 3.0
19-05-2013 07:10:03 Software Distribution Service 3.0
19-05-2013 15:41:24 Software Distribution Service 3.0
20-05-2013 15:40:57 Software Distribution Service 3.0
21-05-2013 15:40:14 Software Distribution Service 3.0
22-05-2013 15:37:46 Software Distribution Service 3.0
23-05-2013 15:55:50 System Checkpoint
23-05-2013 17:16:18 Software Distribution Service 3.0
24-05-2013 17:03:57 Software Distribution Service 3.0
25-05-2013 18:50:45 Software Distribution Service 3.0
26-05-2013 07:10:19 Software Distribution Service 3.0
28-05-2013 03:58:37 Software Distribution Service 3.0
29-05-2013 05:10:33 Software Distribution Service 3.0
30-05-2013 05:09:24 Software Distribution Service 3.0
31-05-2013 05:03:51 Software Distribution Service 3.0
01-06-2013 05:00:30 Software Distribution Service 3.0
02-06-2013 05:05:22 Software Distribution Service 3.0
02-06-2013 07:10:17 Software Distribution Service 3.0
03-06-2013 07:45:23 System Checkpoint
03-06-2013 08:09:24 Software Distribution Service 3.0
04-06-2013 08:38:00 System Checkpoint
04-06-2013 14:09:38 Software Distribution Service 3.0
05-06-2013 13:59:56 Software Distribution Service 3.0
06-06-2013 15:49:14 System Checkpoint
06-06-2013 15:54:34 Software Distribution Service 3.0
07-06-2013 16:43:17 System Checkpoint
07-06-2013 19:56:09 Software Distribution Service 3.0
10-06-2013 05:23:13 Software Distribution Service 3.0
13-06-2013 14:57:26 System Checkpoint
14-06-2013 19:15:14 Software Distribution Service 3.0
14-06-2013 20:04:31 Software Distribution Service 3.0
15-06-2013 22:09:41 Software Distribution Service 3.0
16-06-2013 21:37:07 Software Distribution Service 3.0
17-06-2013 22:25:40 System Checkpoint
18-06-2013 13:30:38 Software Distribution Service 3.0
19-06-2013 14:10:56 System Checkpoint
20-06-2013 11:04:05 Software Distribution Service 3.0
21-06-2013 11:34:48 System Checkpoint
22-06-2013 05:18:57 Software Distribution Service 3.0
23-06-2013 19:13:33 Software Distribution Service 3.0
25-06-2013 06:09:06 System Checkpoint
25-06-2013 15:28:50 Restore Operation
25-06-2013 15:40:10 Installed Java 7 Update 25
25-06-2013 15:44:20 Software Distribution Service 3.0
26-06-2013 02:05:31 Restore Operation
28-06-2013 18:13:35 Software Distribution Service 3.0

**** End of log ****



#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • Gender:Male
  • Location:UK

Posted 28 June 2013 - 02:52 PM

Hi

Please do the following next:

Step 1:

Backup Your Registry with ERUNT

  • Please use the following link and scroll down to ERUNT and download it.
  • http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
  • Open Erunt.exe (use the shortcut on your desktop if you used the installer).
  • If you get a message box with the title "Welcome", click on "OK"
  • Follow the subsequent prompts, leaving the values at default, and click on "OK"
  • If you get asked whether to create a folder please click "Yes".

 

Step 2:

Please download sharedaccess.reg, wscsvc.reg, LEGACY_SHAREDACCESS.reg, and LEGACY_WSCSVC.reg to your desktop.
Double click on sharedaccess.reg, and allow it to be merged into the registry.
Repeat for the three other files.


Step 3:

Please rerun Farbar Service Scanner (FSS) on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog
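
Before merging downloaded .reg files such as the four named in step 2, it is useful to list exactly which keys and values they would write. The following Python sketch is an added example, not part of the original post or of any tool used in this thread: it parses a .reg file, decodes `ImagePath`-style values, and flags deletions and writes outside the expected service keys. The expected-key list, the function names and the sample file content are assumptions constructed for illustration.

```python
import re

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
# Assumption: the four files should only write below the two service keys and
# their LEGACY_ device nodes, in CurrentControlSet or a numbered control set.
EXPECTED = re.compile(
    r"HKEY_LOCAL_MACHINE\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\"
    r"(Services\\(SharedAccess|wscsvc)|Enum\\Root\\LEGACY_(SHAREDACCESS|WSCSVC))"
    r"(\\.*)?", re.IGNORECASE)
VALUE = re.compile(r'(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)')

def decode_file(raw):
    """Version 5.00 exports are UTF-16LE with a BOM; REGEDIT4 files are ANSI."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    return raw.decode("latin-1")

def decode_data(data, unicode_hex):
    """Make the right-hand side of a value line readable."""
    if data.startswith('"'):
        return re.sub(r"\\(.)", r"\1", data[1:-1])
    if data.startswith("dword:"):
        return int(data[6:], 16)
    m = re.fullmatch(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)", data)
    if not m:
        return data
    raw = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
    if m.group(1) in ("1", "2"):  # REG_SZ / REG_EXPAND_SZ exported as bytes
        enc = "utf-16-le" if unicode_hex else "latin-1"
        return raw.decode(enc, "replace").rstrip("\x00")
    return raw

def parse_reg(text):
    """Return (key, action, value_name, data) for every change the file makes."""
    lines = text.replace("\r\n", "\n").split("\n")
    if lines[0].strip() not in HEADERS:
        raise ValueError("not a .reg file: %r" % lines[0])
    unicode_hex = lines[0].strip() != "REGEDIT4"
    ops, key, pending = [], None, ""
    for line in lines[1:]:
        line = pending + line.strip()
        if line.endswith("\\"):  # hex data continues on the next line
            pending = line[:-1]
            continue
        pending = ""
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lstrip("-")
            action = "delete-key" if line[1] == "-" else "create-key"
            ops.append((key, action, None, None))
            continue
        m = VALUE.fullmatch(line)
        if not (m and key):  # blank line, comment, or value before any key
            continue
        name = "(Default)" if m.group(1) == "@" else decode_data(m.group(1), True)
        gone = m.group(2) == "-"
        ops.append((key, "delete-value" if gone else "set-value", name,
                    None if gone else decode_data(m.group(2), unicode_hex)))
    return ops

def review(ops):
    """List what a reviewer should look at before merging the file."""
    findings = []
    for key, action, name, data in ops:
        if not EXPECTED.fullmatch(key):
            findings.append("outside expected keys: %s %s" % (action, key))
        elif action.startswith("delete"):
            findings.append("deletion: %s %s" % (action, key))
        elif name and name.lower() in ("imagepath", "servicedll"):
            findings.append("binary reference: %s\\%s = %s" % (key, name, data))
    return findings

def expand_sz_hex(s, width=8):
    """Encode s as regedit exports REG_EXPAND_SZ, with line continuations."""
    b = ["%02x" % c for c in (s + "\0").encode("utf-16-le")]
    rows = [",".join(b[i:i + width]) for i in range(0, len(b), width)]
    return "hex(2):" + ",\\\n  ".join(rows)

# Constructed sample, not the content of any file linked in the thread.
SAMPLE = b"\xff\xfe" + "\r\n".join([
    "Windows Registry Editor Version 5.00", "",
    r"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]",
    '"Start"=dword:00000002',
    '"ImagePath"=' + expand_sz_hex(r"%SystemRoot%\System32\svchost.exe -k netsvcs"),
    "", r"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]",
    r'"example"="C:\\constructed\\unexpected.exe"',
]).encode("utf-16-le")

if __name__ == "__main__":
    print("\n".join(review(parse_reg(decode_file(SAMPLE)))))
```

To check a real file, read it in binary mode and pass the bytes through `decode_file`, `parse_reg` and `review`; an empty result apart from the "binary reference" lines means the file stays within the expected keys.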


#15 Sc673yn

Sc673yn
  • Topic Starter

  • Members
  • 41 posts

Posted 28 June 2013 - 03:09 PM

Double click on sharedaccess.reg, and allow it to be merged into the registry.

Does this mean just click Run?

And should I have backed up the registry on the c drive like it suggested or do I need to also put it on a flash drive or something?

Edited by Sc673yn, 28 June 2013 - 03:25 PM.




