Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unsure if Infected


  • Please log in to reply
15 replies to this topic

#1 ladie_nite

ladie_nite

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 11 September 2013 - 09:08 PM

Hi! I'm not sure what's going on but my computer and internet access has suddenly become really slow. There hasn't been any error messages and have even called Verizon asking them about it. We ran through a series of tests and even shared computers and a few representatives insisted that my computer must have a virus.

 

Previously, everything was working normally and fine and this was rather sudden. Didn't download any new software so not sure if it might have happened while I was browsing through websites.

 

Can you please help and determine if it's my computer or an internet connection situation?

 

 

Thanks!



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:18 AM

Posted 11 September 2013 - 11:55 PM

Hello -

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Download MiniToolBox, Save it to your desktop and run it.
Checkmark the following checkboxes:
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List content of Hosts
* List IP configuration
* List Winsock Entries
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (Only Problems)
* List Users, Partitions and Memory size.
* List Minidump Files
* List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
*  Do not reboot your computer after running RKill as the malware programs will start again.
* If the tool does not run from any of the links provided, please let me know.
If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.

 

 

Please download Malwarebytes Anti-Malware Free (aka MBAM)
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
If you are not sure of any items, post the log and ask if it should be removed.

 

Be sure to reboot the computer after you post the log.

 

Thank You -



#3 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 14 September 2013 - 12:10 PM

Hi! Thanks for looking into this for me. Below are the logs:

 

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.4 Adobe Reader out of Date!  
 Mozilla Firefox (23.0.1)
 Google Chrome 29.0.1547.62  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Cheung (administrator) on 14-09-2013 at 12:04:54
Running from "C:\Users\Cheung\Desktop\Bleeping Computer"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Dell Wireless 1502 802.11b/g/n = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cheung-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Dell Wireless 1502 802.11b/g/n
   Physical Address. . . . . . . . . : E4-D5-3D-BB-01-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-67-E5-1B-F1-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b107:f955:5b:9b28%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 14, 2013 11:18:35 AM
   Lease Expires . . . . . . . . . . : Saturday, September 21, 2013 11:18:34 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 248539109
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7B-3A-EA-D0-67-E5-1B-F1-55
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain.actdsltmp:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1cde:1f15:b7a6:2e2c(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1cde:1f15:b7a6:2e2c%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:800::1004
      173.194.43.5
      173.194.43.9
      173.194.43.1
      173.194.43.6
      173.194.43.4
      173.194.43.14
      173.194.43.3
      173.194.43.0
      173.194.43.8
      173.194.43.2
      173.194.43.7


Pinging google.com [74.125.226.195] with 32 bytes of data:
Reply from 74.125.226.195: bytes=32 time=27ms TTL=57
Reply from 74.125.226.195: bytes=32 time=27ms TTL=57

Ping statistics for 74.125.226.195:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server:  
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=42ms TTL=51
Reply from 98.139.183.24: bytes=32 time=42ms TTL=53

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 42ms, Average = 42ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...e4 d5 3d bb 01 b2 ......Dell Wireless 1502 802.11b/g/n
 11...d0 67 e5 1b f1 55 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:5ef5:79fd:1cde:1f15:b7a6:2e2c/128
                                    On-link
 11    276 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::1cde:1f15:b7a6:2e2c/128
                                    On-link
 11    276 fe80::b107:f955:5b:9b28/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows%5


Hi! Thanks for looking into this for me. Below are the logs:

 

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.4 Adobe Reader out of Date!  
 Mozilla Firefox (23.0.1)
 Google Chrome 29.0.1547.62  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Cheung (administrator) on 14-09-2013 at 12:04:54
Running from "C:\Users\Cheung\Desktop\Bleeping Computer"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Dell Wireless 1502 802.11b/g/n = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cheung-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Dell Wireless 1502 802.11b/g/n
   Physical Address. . . . . . . . . : E4-D5-3D-BB-01-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-67-E5-1B-F1-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b107:f955:5b:9b28%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 14, 2013 11:18:35 AM
   Lease Expires . . . . . . . . . . : Saturday, September 21, 2013 11:18:34 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:18 AM

Posted 14 September 2013 - 05:00 PM

Please read the instructions again -

 

You have posted Results of screen317's Security Check twice and only Half of the MinitoolBox report,

No rKill report and no Malwarebytes Anti-Malware report ??



#5 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 14 September 2013 - 08:49 PM

Sorry, only part of it got posted (I blame this on my internet connection). I will post each log as a separate post.

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Cheung (administrator) on 14-09-2013 at 12:04:54
Running from "C:\Users\Cheung\Desktop\Bleeping Computer"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Dell Wireless 1502 802.11b/g/n = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cheung-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Dell Wireless 1502 802.11b/g/n
   Physical Address. . . . . . . . . : E4-D5-3D-BB-01-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-67-E5-1B-F1-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b107:f955:5b:9b28%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 14, 2013 11:18:35 AM
   Lease Expires . . . . . . . . . . : Saturday, September 21, 2013 11:18:34 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 248539109
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7B-3A-EA-D0-67-E5-1B-F1-55
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain.actdsltmp:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

   Media State . . .%2



#6 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 14 September 2013 - 08:51 PM

Sorry, only part of it got posted (I blame this on my internet connection). I will post each log as a separate post.

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Cheung (administrator) on 14-09-2013 at 12:04:54
Running from "C:\Users\Cheung\Desktop\Bleeping Computer"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Dell Wireless 1502 802.11b/g/n = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cheung-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Dell Wireless 1502 802.11b/g/n
   Physical Address. . . . . . . . . : E4-D5-3D-BB-01-B2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-67-E5-1B-F1-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b107:f955:5b:9b28%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 14, 2013 11:18:35 AM
   Lease Expires . . . . . . . . . . : Saturday, September 21, 2013 11:18:34 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 248539109
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7B-3A-EA-D0-67-E5-1B-F1-55
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.domain.actdsltmp:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1cde:1f15:b7a6:2e2c(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1cde:1f15:b7a6:2e2c%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4006:800::1004
      173.194.43.5
      173.194.43.9
      173.194.43.1
      173.194.43.6
      173.194.43.4
      173.194.43.14
      173.194.43.3
      173.194.43.0
      173.194.43.8
      173.194.43.2
      173.194.43.7


Pinging google.com [74.125.226.195] with 32 bytes of data:
Reply from 74.125.226.195: bytes=32 time=27ms TTL=57
Reply from 74.125.226.195: bytes=32 time=27ms TTL=57

Ping statistics for 74.125.226.195:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server:  
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=42ms TTL=51
Reply from 98.139.183.24: bytes=32 time=42ms TTL=53

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 42ms, Average = 42ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...e4 d5 3d bb 01 b2 ......Dell Wireless 1502 802.11b/g/n
 11...d0 67 e5 1b f1 55 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:5ef5:79fd:1cde:1f15:b7a6:2e2c/128
                                    On-link
 11    276 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::1cde:1f15:b7a6:2e2c/128
                                    On-link
 11    276 fe80::b107:f955:5b:9b28/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/14/2013 11:19:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 00:17:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 00:03:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 08:14:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 01:34:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 09:44:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 08:22:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 01:45:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 08:09:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 05:00:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/11/2013 03:26:13 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (09/09/2013 05:11:56 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/08/2013 11:17:12 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume H: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (09/08/2013 11:17:09 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (09/08/2013 11:16:39 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (09/08/2013 11:16:12 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk4\DR4, has a bad block.

Error: (09/08/2013 05:14:21 PM) (Source: Ntfs) (User: )
Description: The default transaction resource manager on volume H: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (09/08/2013 05:14:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (09/08/2013 05:13:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.

Error: (09/08/2013 05:13:21 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk4\DR4, has a bad block.


Microsoft Office Sessions:
=========================
Error: (09/14/2013 11:19:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 00:17:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 00:03:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 08:14:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 01:34:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 09:44:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 08:22:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2013 01:45:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 08:09:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2013 05:00:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2012-05-23 23:22:18.540
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:22:18.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:22:18.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:22:18.512
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:21:03.751
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:21:03.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:21:03.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-05-23 23:21:03.725
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Allok RM RMVB to AVI MPEG DVD Converter 1.4.4
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 12.1.9.2500)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Bullzip PDF Printer 8.2.0.1406 (Version: 8.2.0.1406)
Cake Mania (Version: 2.2.0.95)
calibre (Version: 0.8.51)
Canon MP Navigator 3.0
Canon MP600
CCleaner (Version: 4.05)
Chuzzle Deluxe (Version: 2.2.0.95)
Conexant HD Audio (Version: 8.50.4.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.12)
Dell DataSafe Local Backup - Support Software (Version: 9.4.61)
Dell DataSafe Local Backup (Version: 9.4.61)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.1.3)
Dell Stage (Version: 1.5.201.0)
Dell VideoStage  (Version: 1.2.0.1712)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectX 9 Runtime (Version: 1.00.0000)
Dora's World Adventure (Version: 2.2.0.95)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 8.0.6.1 (18/12/2010)
Escape Whisper Valley ™ (Version: 2.2.0.95)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Chrome (Version: 29.0.1547.66)
GoToAssist 8.0.0.514
HandBrake 0.9.8 (Version: 0.9.8)
Intel® Processor Graphics (Version: 8.15.10.2291)
Internet Explorer (Version: 8)
iTunes (Version: 11.0.1.12)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 8.7.0 (Basic) (Version: 8.7.0)
LockHunter 2.0 beta 2, 64 bit
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.3.6280.92)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
PDF reDirect (remove only) (Version: v2.5.2)
Penguins! (Version: 2.2.0.95)
PhotoShowExpress (Version: 2.0.063)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
RBVirtualFolder64Inst (Version: 1.00.0000)
Real Alternative 2.0.2 (Version: 2.0.2)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samantha Swift (Version: 2.2.0.95)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 2.1.21)
TrustedID (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 2.0.3 (Version: 2.0.3)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 8104.63 MB
Available physical RAM: 6483.47 MB
Total Pagefile: 16207.44 MB
Available Pagefile: 14428.61 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.83 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:227.13 GB) NTFS
2 Drive d: (DATAPART1) (Fixed) (Total:465.76 GB) (Free:433.31 GB) NTFS

========================= Users: ========================================

User accounts for \\CHEUNG-PC

Administrator            Cheung                   Guest                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

10-09-2013 09:07:57 Scheduled Checkpoint
11-09-2013 07:00:17 Windows Update

**** End of log ****
 

 



#7 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 14 September 2013 - 08:52 PM

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/14/2013 12:11:06 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Cheung\Desktop\rkill\rkill-09-14-2013-12-11-08.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 09/14/2013 12:11:34 PM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)
 

 



#8 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 14 September 2013 - 08:56 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.14.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Cheung :: CHEUNG-PC [administrator]

9/14/2013 12:17:01 PM
mbam-log-2013-09-14 (12-17-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229906
Time elapsed: 2 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:18 AM

Posted 14 September 2013 - 10:03 PM

So far there are no specific problems showing

 

Errors like > > Description: The device, \Device\Harddisk4\DR4, has a bad block.
Usually are requesting for a diskcheck and a System File Check only -

 

Run a Disk Check on your C: drive in Windows Vista or Windws 7:
 • Click the Start button and select Computer

• Right-click on C:(or your main hard drive letter) and select Properties

• Click on the Tools tab

• Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt

• Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors

• Click on the Start button

• When the message box pops up, click the Schedule disk check button and Restart your computer

• Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so

This will take from 1 to 2 hours (on average) so please let this run.

Do not force a reboot during the scan, ax this can cause damage to files -

 

To run sfc /scannow > or System File Checker

Click the Start Orb and type in the search box CMD > Right click on the CMD that pops up and select Run as Administrator to open the Black Prompt box > Type sfc /scannow and press Enter > NOTE the space between c and / as this is important

This will take (on average) 15 minutes to check your installed system files, and can repair some of these.

 

Reset Windows7 Hosts File < Here. Click Run and follow the basic directions
 

Thank You -



#10 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 16 September 2013 - 09:43 PM

Thank you so much for taking a look at my reports. Can you tell me if Farbar Service Scanner will be able to tell me what's wrong with my internet connection?

 

http://www.bleepingcomputer.com/download/farbar-service-scanner/

 

 

Thanks again!!



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:18 AM

Posted 16 September 2013 - 10:51 PM

Hi -

Try these 2 Malware / Virus scanners and they may find more. Then we can run 2 junk cleaners -

They will remove more infections if they still exist.

 

After you post both logs, please tell me if you have any other problems with the computer.

 

Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

 

 

I'd like you to scan your machine with ESET OnlineScan

This is best loaded with Internet Explorer, but directions are left for other browsers -
If required see > How To Temporarily Disable Your Anti-virus

1. Hold down Control Key and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.

3. NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

 

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the ESET Online Scanner icon on your desktop.

 

 4. Check "YES, I accept the Terms of Use."
 5. Click the Start button.
 6. Accept any security warnings from your browser.
 7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:

 

Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

 

9. ESET will then download updates for itself, install itself, and begin scanning your computer.

** Please be patient as this will take some time to download the program for a first time, and then download the updated data base (2 to 3 hours is not unusual)
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button[/list]

 

 

When finished: Please download Junkware Removal Tool by thisisu to your desktop
Shut down your protection software now to avoid potential conflicts. (See directions above)
To run the tool on Windows, 7, or 8; right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

 

To clean up - Please download TFC, or Temp File Cleaner By Old Timer
Usage Instructions:
* Download TFC from the download link above and save the file on your desktop.
* Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
* Double-click on the TFC icon.
* When the program opens, click on the Start button. 
* When done, press OK and be sure to reboot your computer to finish the cleanup.
Note: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.

 

 

Thank You -

EDITED to update link -


Edited by noknojon, 16 September 2013 - 10:56 PM.


#12 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 17 September 2013 - 10:01 PM

Sorry...reposted below because it was cut off.


Edited by ladie_nite, 17 September 2013 - 10:30 PM.


#13 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 17 September 2013 - 10:07 PM

Thanks so much for providing your help! Please see the logs below:

 

20:49:11.0580 0x16c4  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:49:12.0268 0x16c4  ============================================================
20:49:12.0268 0x16c4  Current date / time: 2013/09/17 20:49:12.0268
20:49:12.0268 0x16c4  SystemInfo:
20:49:12.0268 0x16c4  
20:49:12.0268 0x16c4  OS Version: 6.1.7601 ServicePack: 1.0
20:49:12.0268 0x16c4  Product type: Workstation
20:49:12.0268 0x16c4  ComputerName: CHEUNG-PC
20:49:12.0268 0x16c4  UserName: Cheung
20:49:12.0269 0x16c4  Windows directory: C:\Windows
20:49:12.0269 0x16c4  System windows directory: C:\Windows
20:49:12.0269 0x16c4  Running under WOW64
20:49:12.0269 0x16c4  Processor architecture: Intel x64
20:49:12.0269 0x16c4  Number of processors: 4
20:49:12.0269 0x16c4  Page size: 0x1000
20:49:12.0269 0x16c4  Boot type: Normal boot
20:49:12.0269 0x16c4  ============================================================
20:49:13.0041 0x16c4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:49:17.0419 0x16c4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:49:17.0436 0x16c4  ============================================================
20:49:17.0436 0x16c4  \Device\Harddisk0\DR0:
20:49:17.0436 0x16c4  MBR partitions:
20:49:17.0436 0x16c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D9F000
20:49:17.0436 0x16c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DB3000, BlocksNum 0x385D2800
20:49:17.0436 0x16c4  \Device\Harddisk1\DR1:
20:49:17.0436 0x16c4  MBR partitions:
20:49:17.0436 0x16c4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
20:49:17.0436 0x16c4  ============================================================
20:49:17.0461 0x16c4  C: <-> \Device\Harddisk0\DR0\Partition2
20:49:17.0487 0x16c4  D: <-> \Device\Harddisk1\DR1\Partition1
20:49:17.0487 0x16c4  ============================================================
20:49:17.0487 0x16c4  Initialize success
20:49:17.0487 0x16c4  ============================================================
20:49:37.0003 0x0d7c  ============================================================
20:49:37.0003 0x0d7c  Scan started
20:49:37.0003 0x0d7c  Mode: Manual; TDLFS;
20:49:37.0003 0x0d7c  ============================================================
20:49:37.0240 0x0d7c  ================ Scan system memory ========================
20:49:37.0240 0x0d7c  System memory - ok
20:49:37.0240 0x0d7c  ================ Scan services =============================
20:49:37.0351 0x0d7c  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:49:37.0363 0x0d7c  1394ohci - ok
20:49:37.0384 0x0d7c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:49:37.0387 0x0d7c  ACPI - ok
20:49:37.0391 0x0d7c  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:49:37.0396 0x0d7c  AcpiPmi - ok
20:49:37.0473 0x0d7c  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:49:37.0481 0x0d7c  AdobeARMservice - ok
20:49:37.0574 0x0d7c  [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:49:37.0576 0x0d7c  AdobeFlashPlayerUpdateSvc - ok
20:49:37.0606 0x0d7c  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:49:37.0624 0x0d7c  adp94xx - ok
20:49:37.0647 0x0d7c  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:49:37.0658 0x0d7c  adpahci - ok
20:49:37.0664 0x0d7c  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:49:37.0672 0x0d7c  adpu320 - ok
20:49:37.0690 0x0d7c  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:49:37.0694 0x0d7c  AeLookupSvc - ok
20:49:37.0729 0x0d7c  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
20:49:37.0733 0x0d7c  AFD - ok
20:49:37.0754 0x0d7c  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:49:37.0759 0x0d7c  agp440 - ok
20:49:37.0771 0x0d7c  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
20:49:37.0776 0x0d7c  ALG - ok
20:49:37.0798 0x0d7c  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:49:37.0801 0x0d7c  aliide - ok
20:49:37.0811 0x0d7c  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:49:37.0814 0x0d7c  amdide - ok
20:49:37.0817 0x0d7c  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:49:37.0821 0x0d7c  AmdK8 - ok
20:49:37.0824 0x0d7c  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:49:37.0829 0x0d7c  AmdPPM - ok
20:49:37.0847 0x0d7c  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:49:37.0853 0x0d7c  amdsata - ok
20:49:37.0861 0x0d7c  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:49:37.0867 0x0d7c  amdsbs - ok
20:49:37.0882 0x0d7c  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:49:37.0882 0x0d7c  amdxata - ok
20:49:37.0940 0x0d7c  [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:49:37.0948 0x0d7c  AntiVirSchedulerService - ok
20:49:37.0959 0x0d7c  [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:49:37.0969 0x0d7c  AntiVirService - ok
20:49:38.0004 0x0d7c  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
20:49:38.0010 0x0d7c  AppID - ok
20:49:38.0027 0x0d7c  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:49:38.0038 0x0d7c  AppIDSvc - ok
20:49:38.0064 0x0d7c  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
20:49:38.0071 0x0d7c  Appinfo - ok
20:49:38.0124 0x0d7c  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:49:38.0132 0x0d7c  Apple Mobile Device - ok
20:49:38.0147 0x0d7c  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
20:49:38.0154 0x0d7c  arc - ok
20:49:38.0159 0x0d7c  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:49:38.0167 0x0d7c  arcsas - ok
20:49:38.0222 0x0d7c  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:49:38.0246 0x0d7c  aspnet_state - ok
20:49:38.0261 0x0d7c  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:49:38.0266 0x0d7c  AsyncMac - ok
20:49:38.0279 0x0d7c  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
20:49:38.0279 0x0d7c  atapi - ok
20:49:38.0337 0x0d7c  [ 96ABF88241F90FF647E55C934C55C2F1 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:49:38.0405 0x0d7c  athr - ok
20:49:38.0436 0x0d7c  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:49:38.0450 0x0d7c  AudioEndpointBuilder - ok
20:49:38.0461 0x0d7c  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:49:38.0466 0x0d7c  AudioSrv - ok
20:49:38.0491 0x0d7c  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:49:38.0493 0x0d7c  avgntflt - ok
20:49:38.0535 0x0d7c  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:49:38.0543 0x0d7c  avipbb - ok
20:49:38.0555 0x0d7c  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:49:38.0559 0x0d7c  avkmgr - ok
20:49:38.0580 0x0d7c  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:49:38.0592 0x0d7c  AxInstSV - ok
20:49:38.0624 0x0d7c  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:49:38.0634 0x0d7c  b06bdrv - ok
20:49:38.0657 0x0d7c  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:49:38.0667 0x0d7c  b57nd60a - ok
20:49:38.0694 0x0d7c  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:49:38.0704 0x0d7c  BDESVC - ok
20:49:38.0715 0x0d7c  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:49:38.0718 0x0d7c  Beep - ok
20:49:38.0758 0x0d7c  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
20:49:38.0783 0x0d7c  BFE - ok
20:49:38.0826 0x0d7c  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
20:49:38.0843 0x0d7c  BITS - ok
20:49:38.0868 0x0d7c  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:49:38.0873 0x0d7c  blbdrive - ok
20:49:38.0922 0x0d7c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:49:38.0933 0x0d7c  Bonjour Service - ok
20:49:38.0957 0x0d7c  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:49:38.0958 0x0d7c  bowser - ok
20:49:38.0973 0x0d7c  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:49:38.0977 0x0d7c  BrFiltLo - ok
20:49:38.0981 0x0d7c  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:49:38.0984 0x0d7c  BrFiltUp - ok
20:49:39.0009 0x0d7c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
20:49:39.0021 0x0d7c  Browser - ok
20:49:39.0028 0x0d7c  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:49:39.0040 0x0d7c  Brserid - ok
20:49:39.0044 0x0d7c  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:49:39.0049 0x0d7c  BrSerWdm - ok
20:49:39.0052 0x0d7c  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:49:39.0054 0x0d7c  BrUsbMdm - ok
20:49:39.0057 0x0d7c  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:49:39.0059 0x0d7c  BrUsbSer - ok
20:49:39.0062 0x0d7c  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:49:39.0065 0x0d7c  BTHMODEM - ok
20:49:39.0092 0x0d7c  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
20:49:39.0099 0x0d7c  bthserv - ok
20:49:39.0119 0x0d7c  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:49:39.0126 0x0d7c  cdfs - ok
20:49:39.0146 0x0d7c  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:49:39.0155 0x0d7c  cdrom - ok
20:49:39.0169 0x0d7c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:49:39.0179 0x0d7c  CertPropSvc - ok
20:49:39.0193 0x0d7c  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
20:49:39.0199 0x0d7c  circlass - ok
20:49:39.0225 0x0d7c  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
20:49:39.0229 0x0d7c  CLFS - ok
20:49:39.0271 0x0d7c  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:49:39.0280 0x0d7c  clr_optimization_v2.0.50727_32 - ok
20:49:39.0308 0x0d7c  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:49:39.0315 0x0d7c  clr_optimization_v2.0.50727_64 - ok
20:49:39.0365 0x0d7c  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:49:39.0400 0x0d7c  clr_optimization_v4.0.30319_32 - ok
20:49:39.0416 0x0d7c  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:49:39.0426 0x0d7c  clr_optimization_v4.0.30319_64 - ok
20:49:39.0444 0x0d7c  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:49:39.0448 0x0d7c  CmBatt - ok
20:49:39.0475 0x0d7c  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:49:39.0480 0x0d7c  cmdide - ok
20:49:39.0513 0x0d7c  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
20:49:39.0517 0x0d7c  CNG - ok
20:49:39.0574 0x0d7c  [ 5C855932E4DF00B1B6F5F6F57E82B6C5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:49:39.0595 0x0d7c  CnxtHdAudService - ok
20:49:39.0598 0x0d7c  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:49:39.0601 0x0d7c  Compbatt - ok
20:49:39.0626 0x0d7c  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:49:39.0629 0x0d7c  CompositeBus - ok
20:49:39.0640 0x0d7c  COMSysApp - ok
20:49:39.0643 0x0d7c  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:49:39.0647 0x0d7c  crcdisk - ok
20:49:39.0681 0x0d7c  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:49:39.0691 0x0d7c  CryptSvc - ok
20:49:39.0750 0x0d7c  [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:49:39.0758 0x0d7c  cvhsvc - ok
20:49:39.0781 0x0d7c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:49:39.0786 0x0d7c  DcomLaunch - ok
20:49:39.0802 0x0d7c  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
20:49:39.0805 0x0d7c  defragsvc - ok
20:49:39.0816 0x0d7c  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:49:39.0817 0x0d7c  DfsC - ok
20:49:39.0841 0x0d7c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:49:39.0851 0x0d7c  Dhcp - ok
20:49:39.0871 0x0d7c  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
20:49:39.0872 0x0d7c  discache - ok
20:49:39.0899 0x0d7c  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
20:49:39.0900 0x0d7c  Disk - ok
20:49:39.0918 0x0d7c  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:49:39.0929 0x0d7c  Dnscache - ok
20:49:39.0946 0x0d7c  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:49:39.0965 0x0d7c  dot3svc - ok
20:49:39.0986 0x0d7c  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
20:49:39.0988 0x0d7c  DPS - ok
20:49:40.0012 0x0d7c  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:49:40.0015 0x0d7c  drmkaud - ok
20:49:40.0049 0x0d7c  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:49:40.0064 0x0d7c  DXGKrnl - ok
20:49:40.0077 0x0d7c  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
20:49:40.0082 0x0d7c  EapHost - ok
20:49:40.0149 0x0d7c  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:49:40.0218 0x0d7c  ebdrv - ok
20:49:40.0242 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
20:49:40.0246 0x0d7c  EFS - ok
20:49:40.0304 0x0d7c  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:49:40.0353 0x0d7c  ehRecvr - ok
20:49:40.0357 0x0d7c  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
20:49:40.0367 0x0d7c  ehSched - ok
20:49:40.0397 0x0d7c  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:49:40.0408 0x0d7c  elxstor - ok
20:49:40.0413 0x0d7c  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:49:40.0417 0x0d7c  ErrDev - ok
20:49:40.0441 0x0d7c  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
20:49:40.0444 0x0d7c  EventSystem - ok
20:49:40.0472 0x0d7c  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:49:40.0480 0x0d7c  exfat - ok
20:49:40.0494 0x0d7c  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:49:40.0496 0x0d7c  fastfat - ok
20:49:40.0517 0x0d7c  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
20:49:40.0526 0x0d7c  Fax - ok
20:49:40.0531 0x0d7c  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
20:49:40.0536 0x0d7c  fdc - ok
20:49:40.0545 0x0d7c  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:49:40.0549 0x0d7c  fdPHost - ok
20:49:40.0554 0x0d7c  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:49:40.0560 0x0d7c  FDResPub - ok
20:49:40.0573 0x0d7c  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:49:40.0574 0x0d7c  FileInfo - ok
20:49:40.0587 0x0d7c  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:49:40.0590 0x0d7c  Filetrace - ok
20:49:40.0593 0x0d7c  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:49:40.0596 0x0d7c  flpydisk - ok
20:49:40.0610 0x0d7c  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:49:40.0612 0x0d7c  FltMgr - ok
20:49:40.0656 0x0d7c  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
20:49:40.0678 0x0d7c  FontCache - ok
20:49:40.0720 0x0d7c  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:49:40.0728 0x0d7c  FontCache3.0.0.0 - ok
20:49:40.0747 0x0d7c  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:49:40.0754 0x0d7c  FsDepends - ok
20:49:40.0772 0x0d7c  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:49:40.0777 0x0d7c  Fs_Rec - ok
20:49:40.0800 0x0d7c  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:49:40.0802 0x0d7c  fvevol - ok
20:49:40.0822 0x0d7c  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:49:40.0829 0x0d7c  gagp30kx - ok
20:49:40.0877 0x0d7c  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:49:40.0892 0x0d7c  GamesAppService - ok
20:49:40.0913 0x0d7c  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:49:40.0918 0x0d7c  GEARAspiWDM - ok
20:49:40.0941 0x0d7c  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
20:49:40.0948 0x0d7c  GoToAssist - ok
20:49:40.0982 0x0d7c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
20:49:40.0997 0x0d7c  gpsvc - ok
20:49:41.0015 0x0d7c  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:49:41.0019 0x0d7c  hcw85cir - ok
20:49:41.0040 0x0d7c  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:49:41.0041 0x0d7c  HDAudBus - ok
20:49:41.0045 0x0d7c  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:49:41.0050 0x0d7c  HidBatt - ok
20:49:41.0055 0x0d7c  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:49:41.0062 0x0d7c  HidBth - ok
20:49:41.0065 0x0d7c  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:49:41.0070 0x0d7c  HidIr - ok
20:49:41.0077 0x0d7c  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
20:49:41.0078 0x0d7c  hidserv - ok
20:49:41.0093 0x0d7c  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:49:41.0097 0x0d7c  HidUsb - ok
20:49:41.0110 0x0d7c  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:49:41.0111 0x0d7c  hkmsvc - ok
20:49:41.0133 0x0d7c  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:49:41.0150 0x0d7c  HomeGroupListener - ok
20:49:41.0169 0x0d7c  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:49:41.0177 0x0d7c  HomeGroupProvider - ok
20:49:41.0188 0x0d7c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:49:41.0194 0x0d7c  HpSAMD - ok
20:49:41.0217 0x0d7c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:49:41.0222 0x0d7c  HTTP - ok
20:49:41.0230 0x0d7c  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:49:41.0231 0x0d7c  hwpolicy - ok
20:49:41.0257 0x0d7c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:49:41.0263 0x0d7c  i8042prt - ok
20:49:41.0293 0x0d7c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:49:41.0305 0x0d7c  iaStorV - ok
20:49:41.0350 0x0d7c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:49:41.0388 0x0d7c  idsvc - ok
20:49:41.0570 0x0d7c  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:49:41.0805 0x0d7c  igfx - ok
20:49:41.0822 0x0d7c  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:49:41.0825 0x0d7c  iirsp - ok
20:49:41.0859 0x0d7c  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:49:41.0884 0x0d7c  IKEEXT - ok
20:49:41.0919 0x0d7c  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:49:41.0929 0x0d7c  IntcDAud - ok
20:49:41.0949 0x0d7c  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
20:49:41.0949 0x0d7c  intelide - ok
20:49:41.0977 0x0d7c  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:49:41.0978 0x0d7c  intelppm - ok
20:49:41.0987 0x0d7c  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:49:42.0000 0x0d7c  IPBusEnum - ok
20:49:42.0015 0x0d7c  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:49:42.0022 0x0d7c  IpFilterDriver - ok
20:49:42.0051 0x0d7c  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:49:42.0058 0x0d7c  iphlpsvc - ok
20:49:42.0062 0x0d7c  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:49:42.0070 0x0d7c  IPMIDRV - ok
20:49:42.0075 0x0d7c  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:49:42.0082 0x0d7c  IPNAT - ok
20:49:42.0126 0x0d7c  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:49:42.0131 0x0d7c  iPod Service - ok
20:49:42.0148 0x0d7c  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:49:42.0151 0x0d7c  IRENUM - ok
20:49:42.0155 0x0d7c  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:49:42.0160 0x0d7c  isapnp - ok
20:49:42.0174 0x0d7c  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:49:42.0186 0x0d7c  iScsiPrt - ok
20:49:42.0212 0x0d7c  [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb           C:\Windows\system32\DRIVERS\ivusb.sys
20:49:42.0215 0x0d7c  ivusb - ok
20:49:42.0224 0x0d7c  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:49:42.0227 0x0d7c  kbdclass - ok
20:49:42.0250 0x0d7c  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:49:42.0253 0x0d7c  kbdhid - ok
20:49:42.0259 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:49:42.0260 0x0d7c  KeyIso - ok
20:49:42.0279 0x0d7c  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:49:42.0280 0x0d7c  KSecDD - ok
20:49:42.0285 0x0d7c  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:49:42.0286 0x0d7c  KSecPkg - ok
20:49:42.0291 0x0d7c  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:49:42.0294 0x0d7c  ksthunk - ok
20:49:42.0315 0x0d7c  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:49:42.0325 0x0d7c  KtmRm - ok
20:49:42.0351 0x0d7c  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:49:42.0362 0x0d7c  LanmanServer - ok
20:49:42.0373 0x0d7c  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:49:42.0383 0x0d7c  LanmanWorkstation - ok
20:49:42.0409 0x0d7c  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:49:42.0415 0x0d7c  lltdio - ok
20:49:42.0439 0x0d7c  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:49:42.0459 0x0d7c  lltdsvc - ok
20:49:42.0490 0x0d7c  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:49:42.0496 0x0d7c  lmhosts - ok
20:49:42.0532 0x0d7c  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:49:42.0539 0x0d7c  LSI_FC - ok
20:49:42.0544 0x0d7c  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:49:42.0550 0x0d7c  LSI_SAS - ok
20:49:42.0555 0x0d7c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:49:42.0561 0x0d7c  LSI_SAS2 - ok
20:49:42.0565 0x0d7c  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:49:42.0569 0x0d7c  LSI_SCSI - ok
20:49:42.0585 0x0d7c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:49:42.0586 0x0d7c  luafv - ok
20:49:42.0613 0x0d7c  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:49:42.0625 0x0d7c  Mcx2Svc - ok
20:49:42.0629 0x0d7c  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:49:42.0635 0x0d7c  megasas - ok
20:49:42.0653 0x0d7c  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:49:42.0663 0x0d7c  MegaSR - ok
20:49:42.0696 0x0d7c  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:49:42.0702 0x0d7c  MEIx64 - ok
20:49:42.0751 0x0d7c  Microsoft SharePoint Workspace Audit Service - ok
20:49:42.0770 0x0d7c  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:49:42.0772 0x0d7c  MMCSS - ok
20:49:42.0793 0x0d7c  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:49:42.0798 0x0d7c  Modem - ok
20:49:42.0817 0x0d7c  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:49:42.0818 0x0d7c  monitor - ok
20:49:42.0849 0x0d7c  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:49:42.0855 0x0d7c  mouclass - ok
20:49:42.0858 0x0d7c  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:49:42.0863 0x0d7c  mouhid - ok
20:49:42.0887 0x0d7c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:49:42.0888 0x0d7c  mountmgr - ok
20:49:42.0940 0x0d7c  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:49:42.0950 0x0d7c  MozillaMaintenance - ok
20:49:42.0966 0x0d7c  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:49:42.0976 0x0d7c  mpio - ok
20:49:42.0989 0x0d7c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:49:42.0995 0x0d7c  mpsdrv - ok
20:49:43.0026 0x0d7c  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:49:43.0050 0x0d7c  MpsSvc - ok
20:49:43.0055 0x0d7c  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:49:43.0064 0x0d7c  MRxDAV - ok
20:49:43.0087 0x0d7c  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:49:43.0088 0x0d7c  mrxsmb - ok
20:49:43.0103 0x0d7c  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:49:43.0107 0x0d7c  mrxsmb10 - ok
20:49:43.0120 0x0d7c  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:49:43.0121 0x0d7c  mrxsmb20 - ok
20:49:43.0144 0x0d7c  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:49:43.0150 0x0d7c  msahci - ok
20:49:43.0163 0x0d7c  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:49:43.0172 0x0d7c  msdsm - ok
20:49:43.0193 0x0d7c  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:49:43.0203 0x0d7c  MSDTC - ok
20:49:43.0222 0x0d7c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:49:43.0223 0x0d7c  Msfs - ok
20:49:43.0248 0x0d7c  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:49:43.0251 0x0d7c  mshidkmdf - ok
20:49:43.0264 0x0d7c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:49:43.0265 0x0d7c  msisadrv - ok
20:49:43.0287 0x0d7c  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:49:43.0300 0x0d7c  MSiSCSI - ok
20:49:43.0303 0x0d7c  msiserver - ok
20:49:43.0322 0x0d7c  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:49:43.0326 0x0d7c  MSKSSRV - ok
20:49:43.0339 0x0d7c  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:49:43.0343 0x0d7c  MSPCLOCK - ok
20:49:43.0346 0x0d7c  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:49:43.0350 0x0d7c  MSPQM - ok
20:49:43.0366 0x0d7c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:49:43.0371 0x0d7c  MsRPC - ok
20:49:43.0381 0x0d7c  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:49:43.0382 0x0d7c  mssmbios - ok
20:49:43.0385 0x0d7c  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:49:43.0389 0x0d7c  MSTEE - ok
20:49:43.0393 0x0d7c  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:49:43.0397 0x0d7c  MTConfig - ok
20:49:43.0405 0x0d7c  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:49:43.0406 0x0d7c  Mup - ok
20:49:43.0424 0x0d7c  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:49:43.0428 0x0d7c  napagent - ok
20:49:43.0454 0x0d7c  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:49:43.0470 0x0d7c  NativeWifiP - ok
20:49:43.0517 0x0d7c  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:49:43.0525 0x0d7c  NDIS - ok
20:49:43.0535 0x0d7c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:49:43.0540 0x0d7c  NdisCap - ok
20:49:43.0561 0x0d7c  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:49:43.0565 0x0d7c  NdisTapi - ok
20:49:43.0590 0x0d7c  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:49:43.0596 0x0d7c  Ndisuio - ok
20:49:43.0609 0x0d7c  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:49:43.0618 0x0d7c  NdisWan - ok
20:49:43.0639 0x0d7c  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:49:43.0645 0x0d7c  NDProxy - ok
20:49:43.0649 0x0d7c  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:49:43.0650 0x0d7c  NetBIOS - ok
20:49:43.0664 0x0d7c  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:49:43.0666 0x0d7c  NetBT - ok
20:49:43.0676 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:49:43.0677 0x0d7c  Netlogon - ok
20:49:43.0701 0x0d7c  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:49:43.0705 0x0d7c  Netman - ok
20:49:43.0733 0x0d7c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:49:43.0764 0x0d7c  NetMsmqActivator - ok
20:49:43.0769 0x0d7c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:49:43.0770 0x0d7c  NetPipeActivator - ok
20:49:43.0792 0x0d7c  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:49:43.0815 0x0d7c  netprofm - ok
20:49:43.0819 0x0d7c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:49:43.0820 0x0d7c  NetTcpActivator - ok
20:49:43.0825 0x0d7c  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:49:43.0826 0x0d7c  NetTcpPortSharing - ok
20:49:43.0852 0x0d7c  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:49:43.0858 0x0d7c  nfrd960 - ok
20:49:43.0884 0x0d7c  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:49:43.0901 0x0d7c  NlaSvc - ok
20:49:43.0982 0x0d7c  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
20:49:44.0023 0x0d7c  NOBU - ok
20:49:44.0030 0x0d7c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:49:44.0031 0x0d7c  Npfs - ok
20:49:44.0048 0x0d7c  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:49:44.0053 0x0d7c  nsi - ok
20:49:44.0063 0x0d7c  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:49:44.0064 0x0d7c  nsiproxy - ok
20:49:44.0107 0x0d7c  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:49:44.0139 0x0d7c  Ntfs - ok
20:49:44.0154 0x0d7c  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:49:44.0157 0x0d7c  Null - ok
20:49:44.0185 0x0d7c  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:49:44.0193 0x0d7c  nvraid - ok
20:49:44.0210 0x0d7c  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:49:44.0219 0x0d7c  nvstor - ok
20:49:44.0243 0x0d7c  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:49:44.0251 0x0d7c  nv_agp - ok
20:49:44.0255 0x0d7c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:49:44.0262 0x0d7c  ohci1394 - ok
20:49:44.0292 0x0d7c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:49:44.0293 0x0d7c  ose - ok
20:49:44.0398 0x0d7c  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:49:44.0454 0x0d7c  osppsvc - ok
20:49:44.0478 0x0d7c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:49:44.0482 0x0d7c  p2pimsvc - ok
20:49:44.0509 0x0d7c  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:49:44.0535 0x0d7c  p2psvc - ok
20:49:44.0550 0x0d7c  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
20:49:44.0557 0x0d7c  Parport - ok
20:49:44.0574 0x0d7c  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:49:44.0575 0x0d7c  partmgr - ok
20:49:44.0588 0x0d7c  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:49:44.0599 0x0d7c  PcaSvc - ok
20:49:44.0627 0x0d7c  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:49:44.0628 0x0d7c  pci - ok
20:49:44.0648 0x0d7c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:49:44.0653 0x0d7c  pciide - ok
20:49:44.0659 0x0d7c  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:49:44.0669 0x0d7c  pcmcia - ok
20:49:44.0682 0x0d7c  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:49:44.0683 0x0d7c  pcw - ok
20:49:44.0702 0x0d7c  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:49:44.0735 0x0d7c  PEAUTH - ok
20:49:44.0809 0x0d7c  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:49:44.0816 0x0d7c  PerfHost - ok
20:49:44.0870 0x0d7c  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:49:44.0928 0x0d7c  pla - ok
20:49:44.0965 0x0d7c  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:49:44.0989 0x0d7c  PlugPlay - ok
20:49:45.0000 0x0d7c  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:49:45.0010 0x0d7c  PNRPAutoReg - ok
20:49:45.0028 0x0d7c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:49:45.0032 0x0d7c  PNRPsvc - ok
20:49:45.0056 0x0d7c  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:49:45.0073 0x0d7c  PolicyAgent - ok
20:49:45.0097 0x0d7c  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:49:45.0100 0x0d7c  Power - ok
20:49:45.0130 0x0d7c  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:49:45.0138 0x0d7c  PptpMiniport - ok
20:49:45.0149 0x0d7c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
20:49:45.0155 0x0d7c  Processor - ok
20:49:45.0182 0x0d7c  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:49:45.0198 0x0d7c  ProfSvc - ok
20:49:45.0209 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:49:45.0211 0x0d7c  ProtectedStorage - ok
20:49:45.0223 0x0d7c  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:49:45.0224 0x0d7c  Psched - ok
20:49:45.0262 0x0d7c  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
20:49:45.0263 0x0d7c  PxHlpa64 - ok
20:49:45.0306 0x0d7c  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:49:45.0353 0x0d7c  ql2300 - ok
20:49:45.0359 0x0d7c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:49:45.0367 0x0d7c  ql40xx - ok
20:49:45.0389 0x0d7c  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:49:45.0413 0x0d7c  QWAVE - ok
20:49:45.0420 0x0d7c  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:49:45.0424 0x0d7c  QWAVEdrv - ok
20:49:45.0426 0x0d7c  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:49:45.0428 0x0d7c  RasAcd - ok
20:49:45.0450 0x0d7c  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:49:45.0454 0x0d7c  RasAgileVpn - ok
20:49:45.0471 0x0d7c  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:49:45.0482 0x0d7c  RasAuto - ok
20:49:45.0500 0x0d7c  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:49:45.0508 0x0d7c  Rasl2tp - ok
20:49:45.0528 0x0d7c  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:49:45.0545 0x0d7c  RasMan - ok
20:49:45.0557 0x0d7c  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:49:45.0564 0x0d7c  RasPppoe - ok
20:49:45.0573 0x0d7c  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:49:45.0579 0x0d7c  RasSstp - ok
20:49:45.0593 0x0d7c  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:49:45.0596 0x0d7c  rdbss - ok
20:49:45.0610 0x0d7c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:49:45.0615 0x0d7c  rdpbus - ok
20:49:45.0624 0x0d7c  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:49:45.0624 0x0d7c  RDPCDD - ok
20:49:45.0643 0x0d7c  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:49:45.0644 0x0d7c  RDPENCDD - ok
20:49:45.0656 0x0d7c  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:49:45.0657 0x0d7c  RDPREFMP - ok
20:49:45.0679 0x0d7c  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:49:45.0688 0x0d7c  RDPWD - ok
20:49:45.0708 0x0d7c  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:49:45.0710 0x0d7c  rdyboost - ok
20:49:45.0728 0x0d7c  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:49:45.0738 0x0d7c  RemoteAccess - ok
20:49:45.0755 0x0d7c  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:49:45.0765 0x0d7c  RemoteRegistry - ok
20:49:45.0838 0x0d7c  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
20:49:45.0881 0x0d7c  RoxMediaDB12OEM - ok
20:49:45.0907 0x0d7c  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
20:49:45.0908 0x0d7c  RoxWatch12 - ok
20:49:45.0916 0x0d7c  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:49:45.0920 0x0d7c  RpcEptMapper - ok
20:49:45.0943 0x0d7c  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:49:45.0948 0x0d7c  RpcLocator - ok
20:49:45.0966 0x0d7c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:49:45.0972 0x0d7c  RpcSs - ok
20:49:45.0993 0x0d7c  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:49:45.0999 0x0d7c  rspndr - ok
20:49:46.0037 0x0d7c  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:49:46.0047 0x0d7c  RTL8167 - ok
20:49:46.0059 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
20:49:46.0061 0x0d7c  SamSs - ok
20:49:46.0076 0x0d7c  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:49:46.0085 0x0d7c  sbp2port - ok
20:49:46.0094 0x0d7c  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:49:46.0106 0x0d7c  SCardSvr - ok
20:49:46.0120 0x0d7c  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:49:46.0124 0x0d7c  scfilter - ok
20:49:46.0147 0x0d7c  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:49:46.0161 0x0d7c  Schedule - ok
20:49:46.0178 0x0d7c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:49:46.0178 0x0d7c  SCPolicySvc - ok
20:49:46.0187 0x0d7c  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:49:46.0204 0x0d7c  SDRSVC - ok
20:49:46.0277 0x0d7c  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:49:46.0298 0x0d7c  SDScannerService - ok
20:49:46.0340 0x0d7c  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:49:46.0364 0x0d7c  SDUpdateService - ok
20:49:46.0375 0x0d7c  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:49:46.0376 0x0d7c  SDWSCService - ok
20:49:46.0395 0x0d7c  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:49:46.0400 0x0d7c  secdrv - ok
20:49:46.0415 0x0d7c  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:49:46.0420 0x0d7c  seclogon - ok
20:49:46.0442 0x0d7c  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:49:46.0450 0x0d7c  SENS - ok
20:49:46.0467 0x0d7c  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:49:46.0478 0x0d7c  SensrSvc - ok
20:49:46.0497 0x0d7c  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:49:46.0501 0x0d7c  Serenum - ok
20:49:46.0520 0x0d7c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
20:49:46.0527 0x0d7c  Serial - ok
20:49:46.0531 0x0d7c  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:49:46.0535 0x0d7c  sermouse - ok
20:49:46.0546 0x0d7c  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:49:46.0549 0x0d7c  SessionEnv - ok
20:49:46.0553 0x0d7c  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:49:46.0555 0x0d7c  sffdisk - ok
20:49:46.0558 0x0d7c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:49:46.0561 0x0d7c  sffp_mmc - ok
20:49:46.0563 0x0d7c  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:49:46.0566 0x0d7c  sffp_sd - ok
20:49:46.0568 0x0d7c  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:49:46.0571 0x0d7c  sfloppy - ok
20:49:46.0594 0x0d7c  [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
20:49:46.0602 0x0d7c  Sftfs - ok
20:49:46.0642 0x0d7c  [ 77C5A741A7452812F278EF2C18478862 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:49:46.0654 0x0d7c  sftlist - ok
20:49:46.0673 0x0d7c  [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:49:46.0681 0x0d7c  Sftplay - ok
20:49:46.0699 0x0d7c  [ C5FB982CD266E604ED3142102C26D62C ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:49:46.0700 0x0d7c  Sftredir - ok
20:49:46.0768 0x0d7c  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:49:46.0814 0x0d7c  SftService - ok
20:49:46.0823 0x0d7c  [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
20:49:46.0826 0x0d7c  Sftvol - ok
20:49:46.0837 0x0d7c  [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:49:46.0842 0x0d7c  sftvsa - ok
20:49:46.0869 0x0d7c  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:49:46.0894 0x0d7c  SharedAccess - ok
20:49:46.0923 0x0d7c  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:49:46.0936 0x0d7c  ShellHWDetection - ok
20:49:46.0958 0x0d7c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:49:46.0965 0x0d7c  SiSRaid2 - ok
20:49:46.0969 0x0d7c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:49:46.0976 0x0d7c  SiSRaid4 - ok
20:49:47.0007 0x0d7c  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:49:47.0048 0x0d7c  SkypeUpdate - ok
20:49:47.0058 0x0d7c  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:49:47.0062 0x0d7c  Smb - ok
20:49:47.0077 0x0d7c  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:49:47.0080 0x0d7c  SNMPTRAP - ok
20:49:47.0090 0x0d7c  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:49:47.0091 0x0d7c  spldr - ok
20:49:47.0115 0x0d7c  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
20:49:47.0125 0x0d7c  Spooler - ok
20:49:47.0191 0x0d7c  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:49:47.0245 0x0d7c  sppsvc - ok
20:49:47.0260 0x0d7c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:49:47.0267 0x0d7c  sppuinotify - ok
20:49:47.0293 0x0d7c  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:49:47.0295 0x0d7c  srv - ok
20:49:47.0309 0x0d7c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:49:47.0313 0x0d7c  srv2 - ok
20:49:47.0326 0x0d7c  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:49:47.0328 0x0d7c  srvnet - ok
20:49:47.0349 0x0d7c  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:49:47.0366 0x0d7c  SSDPSRV - ok
20:49:47.0375 0x0d7c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:49:47.0383 0x0d7c  SstpSvc - ok
20:49:47.0401 0x0d7c  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:49:47.0407 0x0d7c  stexstor - ok
20:49:47.0435 0x0d7c  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:49:47.0468 0x0d7c  stisvc - ok
20:49:47.0506 0x0d7c  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
20:49:47.0515 0x0d7c  stllssvr - ok
20:49:47.0531 0x0d7c  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:49:47.0535 0x0d7c  swenum - ok
20:49:47.0555 0x0d7c  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:49:47.0580 0x0d7c  swprv - ok
20:49:47.0617 0x0d7c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:49:47.0649 0x0d7c  SysMain - ok
20:49:47.0662 0x0d7c  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:49:47.0674 0x0d7c  TabletInputService - ok
20:49:47.0684 0x0d7c  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:49:47.0700 0x0d7c  TapiSrv - ok
20:49:47.0707 0x0d7c  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:49:47.0708 0x0d7c  TBS - ok
20:49:47.0763 0x0d7c  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:49:47.0797 0x0d7c  Tcpip - ok
20:49:47.0836 0x0d7c  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:49:47.0845 0x0d7c  TCPIP6 - ok
20:49:47.0865 0x0d7c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:49:47.0869 0x0d7c  tcpipreg - ok
20:49:47.0893 0x0d7c  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:49:47.0895 0x0d7c  TDPIPE - ok
20:49:47.0911 0x0d7c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:49:47.0915 0x0d7c  TDTCP - ok
20:49:47.0928 0x0d7c  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:49:47.0935 0x0d7c  tdx - ok
20:49:47.0949 0x0d7c  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:49:47.0955 0x0d7c  TermDD - ok
20:49:47.0982 0x0d7c  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
20:49:47.0992 0x0d7c  TermService - ok
20:49:48.0006 0x0d7c  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:49:48.0017 0x0d7c  Themes - ok
20:49:48.0036 0x0d7c  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:49:48.0038 0x0d7c  THREADORDER - ok
20:49:48.0047 0x0d7c  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:49:48.0056 0x0d7c  TrkWks - ok
20:49:48.0099 0x0d7c  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:49:48.0101 0x0d7c  TrustedInstaller - ok
20:49:48.0121 0x0d7c  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:49:48.0126 0x0d7c  tssecsrv - ok
20:49:48.0153 0x0d7c  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:49:48.0160 0x0d7c  TsUsbFlt - ok
20:49:48.0180 0x0d7c  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:49:48.0186 0x0d7c  TsUsbGD - ok
20:49:48.0213 0x0d7c  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:49:48.0221 0x0d7c  tunnel - ok
20:49:48.0226 0x0d7c  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:49:48.0232 0x0d7c  uagp35 - ok
20:49:48.0252 0x0d7c  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:49:48.0264 0x0d7c  udfs - ok
20:49:48.0281 0x0d7c  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:49:48.0290 0x0d7c  UI0Detect - ok
20:49:48.0294 0x0d7c  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:49:48.0300 0x0d7c  uliagpkx - ok
20:49:48.0310 0x0d7c  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:49:48.0317 0x0d7c  umbus - ok
20:49:48.0340 0x0d7c  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:49:48.0342 0x0d7c  UmPass - ok
20:49:48.0364 0x0d7c  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:49:48.0388 0x0d7c  upnphost - ok
20:49:48.0412 0x0d7c  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:49:48.0418 0x0d7c  USBAAPL64 - ok
20:49:48.0449 0x0d7c  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:49:48.0456 0x0d7c  usbccgp - ok
20:49:48.0460 0x0d7c  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:49:48.0469 0x0d7c  usbcir - ok
20:49:48.0479 0x0d7c  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:49:48.0482 0x0d7c  usbehci - ok
20:49:48.0511 0x0d7c  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:49:48.0527 0x0d7c  usbhub - ok
20:49:48.0545 0x0d7c  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:49:48.0550 0x0d7c  usbohci - ok
20:49:48.0569 0x0d7c  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:49:48.0574 0x0d7c  usbprint - ok
20:49:48.0601 0x0d7c  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:49:48.0606 0x0d7c  usbscan - ok
20:49:48.0614 0x0d7c  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:49:48.0622 0x0d7c  USBSTOR - ok
20:49:48.0646 0x0d7c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:49:48.0651 0x0d7c  usbuhci - ok
20:49:48.0671 0x0d7c  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
20:49:48.0673 0x0d7c  UxSms - ok
20:49:48.0684 0x0d7c  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
20:49:48.0686 0x0d7c  VaultSvc - ok
20:49:48.0691 0x0d7c  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:49:48.0692 0x0d7c  vdrvroot - ok
20:49:48.0711 0x0d7c  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
20:49:48.0736 0x0d7c  vds - ok
20:49:48.0753 0x0d7c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:49:48.0758 0x0d7c  vga - ok
20:49:48.0769 0x0d7c  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:49:48.0773 0x0d7c  VgaSave - ok
20:49:48.0779 0x0d7c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:49:48.0791 0x0d7c  vhdmp - ok
20:49:48.0808 0x0d7c  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:49:48.0812 0x0d7c  viaide - ok
20:49:48.0830 0x0d7c  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:49:48.0831 0x0d7c  volmgr - ok
20:49:48.0847 0x0d7c  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:49:48.0851 0x0d7c  volmgrx - ok
20:49:48.0868 0x0d7c  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:49:48.0871 0x0d7c  volsnap - ok
20:49:48.0890 0x0d7c  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:49:48.0897 0x0d7c  vsmraid - ok
20:49:48.0948 0x0d7c  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
20:49:48.0979 0x0d7c  VSS - ok
20:49:49.0000 0x0d7c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:49:49.0003 0x0d7c  vwifibus - ok
20:49:49.0019 0x0d7c  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:49:49.0025 0x0d7c  vwififlt - ok
20:49:49.0044 0x0d7c  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:49:49.0061 0x0d7c  W32Time - ok
20:49:49.0073 0x0d7c  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:49:49.0078 0x0d7c  WacomPen - ok
20:49:49.0097 0x0d7c  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:49:49.0105 0x0d7c  WANARP - ok
20:49:49.0108 0x0d7c  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:49:49.0110 0x0d7c  Wanarpv6 - ok
20:49:49.0160 0x0d7c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:49:49.0204 0x0d7c  WatAdminSvc - ok
20:49:49.0239 0x0d7c  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
20:49:49.0280 0x0d7c  wbengine - ok
20:49:49.0313 0x0d7c  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:49:49.0330 0x0d7c  WbioSrvc - ok
20:49:49.0346 0x0d7c  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:49:49.0369 0x0d7c  wcncsvc - ok
20:49:49.0385 0x0d7c  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:49:49.0392 0x0d7c  WcsPlugInService - ok
20:49:49.0410 0x0d7c  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
20:49:49.0415 0x0d7c  Wd - ok
20:49:49.0445 0x0d7c  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
20:49:49.0449 0x0d7c  WDC_SAM - ok
20:49:49.0472 0x0d7c  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:49:49.0479 0x0d7c  Wdf01000 - ok
20:49:49.0493 0x0d7c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:49:49.0502 0x0d7c  WdiServiceHost - ok
20:49:49.0505 0x0d7c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:49:49.0508 0x0d7c  WdiSystemHost - ok
20:49:49.0526 0x0d7c  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
20:49:49.0540 0x0d7c  WebClient - ok
20:49:49.0560 0x0d7c  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:49:49.0580 0x0d7c  Wecsvc - ok
20:49:49.0593 0x0d7c  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:49:49.0603 0x0d7c  wercplsupport - ok
20:49:49.0621 0x0d7c  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:49:49.0633 0x0d7c  WerSvc - ok
20:49:49.0657 0x0d7c  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:49:49.0660 0x0d7c  WfpLwf - ok
20:49:49.0692 0x0d7c  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
20:49:49.0700 0x0d7c  WimFltr - ok
20:49:49.0714 0x0d7c  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:49:49.0720 0x0d7c  WIMMount - ok
20:49:49.0741 0x0d7c  WinDefend - ok
20:49:49.0752 0x0d7c  WinHttpAutoProxySvc - ok
20:49:49.0791 0x0d7c  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:49:49.0794 0x0d7c  Winmgmt - ok
20:49:49.0844 0x0d7c  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:49:49.0921 0x0d7c  WinRM - ok
20:49:49.0966 0x0d7c  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:49:49.0974 0x0d7c  WinUsb - ok
20:49:50.0008 0x0d7c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:49:50.0024 0x0d7c  Wlansvc - ok
20:49:50.0089 0x0d7c  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:49:50.0096 0x0d7c  wlcrasvc - ok
20:49:50.0188 0x0d7c  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:49:50.0236 0x0d7c  wlidsvc - ok
20:49:50.0256 0x0d7c  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:49:50.0259 0x0d7c  WmiAcpi - ok
20:49:50.0278 0x0d7c  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:49:50.0285 0x0d7c  wmiApSrv - ok
20:49:50.0303 0x0d7c  WMPNetworkSvc - ok
20:49:50.0315 0x0d7c  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:49:50.0325 0x0d7c  WPCSvc - ok
20:49:50.0336 0x0d7c  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:49:50.0345 0x0d7c  WPDBusEnum - ok
20:49:50.0360 0x0d7c  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:49:50.0364 0x0d7c  ws2ifsl - ok
20:49:50.0375 0x0d7c  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
20:49:50.0385 0x0d7c  wscsvc - ok
20:49:50.0388 0x0d7c  WSearch - ok
20:49:50.0447 0x0d7c  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:49:50.0482 0x0d7c  wuauserv - ok
20:49:50.0506 0x0d7c  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:49:50.0511 0x0d7c  WudfPf - ok
20:49:50.0528 0x0d7c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:50.0537 0x0d7c  WUDFRd - ok
20:49:50.0547 0x0d7c  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:49:50.0554 0x0d7c  wudfsvc - ok
20:49:50.0580 0x0d7c  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:49:50.0596 0x0d7c  WwanSvc - ok
20:49:50.0602 0x0d7c  ================ Scan global ===============================
20:49:50.0618 0x0d7c  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:49:50.0645 0x0d7c  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:49:50.0670 0x0d7c  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
20:49:50.0687 0x0d7c  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:49:50.0716 0x0d7c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:49:50.0720 0x0d7c  [Global] - ok
20:49:50.0721 0x0d7c  ================ Scan MBR ==================================
20:49:50.0732 0x0d7c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:49:50.0993 0x0d7c  \Device\Harddisk0\DR0 - ok
20:49:50.0996 0x0d7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:49:51.0063 0x0d7c  \Device\Harddisk1\DR1 - ok
20:49:51.0063 0x0d7c  ================ Scan VBR ==================================
20:49:51.0066 0x0d7c  [ E0896B8ABAF5F4AAC162E10AE0328DEA ] \Device\Harddisk0\DR0\Partition1
20:49:51.0067 0x0d7c  \Device\Harddisk0\DR0\Partition1 - ok
20:49:51.0099 0x0d7c  [ 72890414E76A6A9739E94EA88F12C766 ] \Device\Harddisk0\DR0\Partition2
20:49:51.0100 0x0d7c  \Device\Harddisk0\DR0\Partition2 - ok
20:49:51.0103 0x0d7c  [ 92235018F9FFD609B24677C55AEC9C1C ] \Device\Harddisk1\DR1\Partition1
20:49:51.0105 0x0d7c  \Device\Harddisk1\DR1\Partition1 - ok
20:49:51.0106 0x0d7c  ============================================================
20:49:51.0106 0x0d7c  Scan finished
20:49:51.0106 0x0d7c  ============================================================
20:49:51.0116 0x0898  Detected object count: 0
20:49:51.0116 0x0898  Actual detected object count: 0
20:50:35.0779 0x0d10  Deinitialize success
 

 

 

 

 

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe    a variant of Win32/HiddenStart.A application    cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Cheung on Tue 09/17/2013 at 22:50:41.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{175F9538-A2F1-4598-A7FB-C6E14DE9E133}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{18CF2C47-6A6A-4CA9-9B7A-EDD5752111A8}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{1EB287E9-744E-4FF6-88CB-9DDA0F04C1FE}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{29E9B3C0-D23E-4FB1-B933-7D58DF5F0714}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{494B0F68-C59A-453D-9C46-F452FBA0817F}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{4B2C2D97-BF8C-482B-94C9-0754C94F0B00}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{4D5D8323-CA80-4337-91C4-6B3A7AD8C8D0}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{5668BB3F-2C24-41C3-A86C-DD8358BD19E7}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{72503924-04E7-4623-B59B-CD23ABB9792D}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{73E37F36-8733-4968-94F3-3716F897C151}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{9899DEA9-39BD-4679-BAB5-70F8E668D6B0}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{9B6AF088-770E-4684-B329-A6CB62F67236}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{A3DBF4E5-6AAF-4AB2-8A84-6F5F4B0374AF}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{BC988EE9-C9F0-4556-80AE-A0545F9DF662}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{CFB47257-4601-44C0-9214-02EB6C8E3B97}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{D8D5AB8D-A72D-41ED-BBAB-EE4579031E7D}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{DA6AC314-EC11-44BE-A1CD-C65DD4AA2029}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{FC8221B7-B1E5-4375-9F21-CC0A64DF564D}
Successfully deleted: [Empty Folder] C:\Users\Cheung\appdata\local\{FDD13DBC-9DAB-41AF-B7E6-29B00E49D6F1}



~~~ FireFox

Emptied folder: C:\Users\Cheung\AppData\Roaming\mozilla\firefox\profiles\wpg9azgm.default\minidumps [84 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 09/17/2013 at 22:54:22.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

 



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:18 AM

Posted 17 September 2013 - 10:22 PM

Hi -

That ESET Scan sure knocks a lot of infections, and JRT removed all backed up Minor Problem Files

 

The computer must be running a lot better now, and is Internet any better ?

 

Thanks -



#15 ladie_nite

ladie_nite
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 18 September 2013 - 07:18 PM

Hi! Thanks for taking a look at my logs. The internet is still really slow and think I have to switch internet providers. :(

 

Thanks so much for all your help!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users