Page 1 of 3 123 Last
  1. #1

    Dell inspiron 570 keeps restarting

    I have a problem with a dell it is running windows 7. It worked fine until someone got on it and possible downloaded a app or installed some hardware that was not compatible. but I did the windows fix scan and it stated it could not fix the issue. It suggested I unplug any recent hardware or uninstall any recent apps. The problem is the machine keeps restarting like every 2 min. it logs off then reboots. Another thing the machine never had a user name password set up at the log-on screen. Now it has one and I don't know what it is. It may be a virus but not sure. These problems continue even in safe mode.

    Does anyone have a fix for this?


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    Is this machine your own? If not, are you providing a paid service to repair this machine?

    You'll need to be more specific about this issue. You say the machine keeps restarting, how far into the boot process are you able to get? Are you experiencing any Blue Screen crash when the computer restarts?

    We're also unable to provide password recovery advice, ultimately we have no way of knowing whether a user is making a legitimate request for help. Any instructions posted could also be used by others for illegitimate purposes. Does someone else know the password for this machine? Are you able to log on normally using Safe Mode? If you believe the password has been added by malware, please provide some more info. Is the machine displaying a standard Windows 7 log on screen? If it looks noticeably different, or looks like it's a fake log on screen, please take a picture of the screen and upload it in your next reply.
    Last edited by Will Watts; 04-15-2013 at 12:07 PM.
    DonnaB says thanks for this.
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  3. #3

    Re: Dell inspiron 570 keeps restarting

    Hello Will Watts
    This is a family members pc. My Niece got on the pc and after that it does not function right. The password recovery is a problem I tried to fix it myself and did not do any good. I have a disk I made for password recovery I got from a website. It works on pc's without OS problems but the Dell has a problem and the disk made it clear there was a problem. I read it may be a issue with components that may cause it to over heat then shut off not sure though. The computer used to log in automatically...now there is a password issue. In safe mood it logs in automatically like it once did in normal mode. The log-in screen looks like windows with exception there is no image that you would normally see such as the chess piece or some other image windows has. It is just the square frame the image would normally sit in. It could be a virus but getting it off is a problem because it keeps restarting. It shuts down like windows normally shuts down then restarts. I just want it to stay on long enough were I can run a virus scan or try some other fix.

    Thanks


    Quote Originally Posted by Will Watts View Post
    Hi jackel,

    Is this machine your own? If not, are you providing a paid service to repair this machine?

    You'll need to be more specific about this issue. You say the machine keeps restarting, how far into the boot process are you able to get? Are you experiencing any Blue Screen crash when the computer restarts?

    We're also unable to provide password recovery advice, ultimately we have no way of knowing whether a user is making a legitimate request for help. Any instructions posted could also be used by others for illegitimate purposes. Does someone else know the password for this machine? Are you able to log on normally using Safe Mode? If you believe the password has been added by malware, please provide some more info. Is the machine displaying a standard Windows 7 log on screen? If it looks noticeably different, or looks like it's a fake log on screen, please take a picture of the screen and upload it in your next reply.

  4. #4
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    In that case, please enter the Advanced Boot Options. You can do this by pressing F8 as the system starts up, you should then see a screen with multiple options.

    Select Disable automatic restart on system failure and restart your computer. Instead of restarting, your computer will now display a BSOD error message. Please write down the error message that appears. You should see an error message on the second line of the screen (For example PAGE_FAULT_IN_NONPAGED_AREA) as well as technical information below the error message.

    ------------------

    You mentioned earlier that you believe the problem has been caused by malware. Has anything changed that makes you believe the problem has now been caused by malware?

    ------------------

    I would like to get some more information about the system, for this we can use a tool called FRST. You'll need a flash drive to transfer files to the computer.

    Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.


    On the System Recovery Options menu you will get the following options:
      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  5. #5
    Ztruker's Avatar
    Join Date
    Oct 2012
    Location
    Space coast of Florida
    Posts
    38

    Re: Dell inspiron 570 keeps restarting

    Just a FYI: Poster has opened a malware thread here: My pc is infected keeps restarting - Geeks to Go Forums

    No response yet so if you want to handle it here I'll ask them to close the one on G2G.
    Last edited by Ztruker; 04-15-2013 at 09:12 PM.
    Rich
    The best place to find a helping hand is at the end of your arm.

  6. #6

    Re: Dell inspiron 570 keeps restarting

    It just keeps restarting even though I have disabled the restart option.

  7. #7
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    As Ztruker posted at G2G, posting at multiple forums is a waste of time for helpers, as well as yourself, and can complicate the situation. Most of us post across multiple sites, and all have predominantly the same waiting time. We appreciate that you just want to get your PC fixed quickly, but for future reference please stick to one help forum. This will ultimately save both us and you time.

    There are several questions below, please answer all of them. We can't provide much help without more information. We're ultimately very limited in what we can do unless we can get more information from the system, especially in the state its in.

    If you wish to continue, please follow the rest of my instructions outlined in Post 4.

    -----------------

    Quote Originally Posted by Will Watts View Post
    You mentioned earlier that you believe the problem has been caused by malware. Has anything changed that makes you believe the problem has now been caused by malware?
    We still need this info.

    Is any error message appearing when the computer restarts? Are you experiencing a BlueScreen crash?
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  8. #8

    Re: Dell inspiron 570 keeps restarting

    I know I posted at G2G, I did that after the delayed response from sysnative. you stated my post looked suspicious, insinuating I was up to some illegal activity.

    I think it is malware because I took option last known good configuration and at the start up screen I selected the admin log-in and it stated it had been disabled. I may be wrong it may be some hardware issue or app.

  9. #9
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    It could well be malware, or a hardware issue. It's very hard to tell at the moment until we can get a more detailed look at the system. I've posted a set of instructions above for running a tool called FRST. Are you able to run this? I've repeated the instructions below.

    ------------------

    Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.


    On the System Recovery Options menu you will get the following options:
      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt

    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  10. #10

    Re: Dell inspiron 570 keeps restarting

    sorry, I let the repair option run and it hasn't stopped yet. I think it may be stuck

  11. #11
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    That's no problem. Let it run for a bit more and see what happens, it can take quite a while on some machines so may just appear stuck.
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  12. #12

    Re: Dell inspiron 570 keeps restarting

    It hasn't stopped...I don't think it should have gone this long

  13. #13

    Re: Dell inspiron 570 keeps restarting

    it stopped finally. Now it does not ask for the log-in. It goes straight to home screen like normally but this time it gave an error BSOD that it was 0X000000A I may be wrong about the number of "0's" but it had an A at the end. It restarted again.

  14. #14
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    In that case please run FRST as previously instructed.
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  15. #15

    Re: Dell inspiron 570 keeps restarting

    Here is the Frst file
    note I tried it in safe mode but the log said it would not work in safe mode, so I disconnected the Ethernet cable and somehow got it to stay on long enough to run in normal mode. I also put malwarebytes on flash drive and ran it in safe mode it found 2 Trojans. They have been deleted

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-04-2013
    Ran by Home Office at 16-04-2013 14:22:45
    Running from E:\
      Service Pack 1 (X64) OS Language: English(US) 
    Attention: Could not load system hive.
    The operation completed successfully.
    ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
    
    ==================== One Month Created Files and Folders ========
    2013-04-16 14:21 - 2013-04-16 14:21 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Roxio
    2013-04-16 14:16 - 2013-04-16 14:17 - 00274448 ____A C:\Windows\Minidump\041613-97578-01.dmp
    2013-04-16 13:13 - 2009-07-13 20:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
    2013-04-16 12:37 - 2013-04-16 12:37 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Malwarebytes
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-04-16 12:30 - 2013-04-16 12:31 - 00274392 ____A C:\Windows\Minidump\041613-83320-01.dmp
    2013-04-16 12:07 - 2013-04-16 12:07 - 00075240 ____A C:\Users\Home Office\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-04-16 12:07 - 2013-04-16 12:07 - 00000017 ____A C:\Users\Home Office\AppData\Local\resmon.resmoncfg
    2013-04-16 12:03 - 2013-04-16 12:04 - 00274448 ____A C:\Windows\Minidump\041613-87126-01.dmp
    2013-04-16 11:58 - 2013-04-16 11:58 - 00274448 ____A C:\Windows\Minidump\041613-99809-01.dmp
    2013-04-16 11:52 - 2013-04-16 11:52 - 00274448 ____A C:\Windows\Minidump\041613-96611-01.dmp
    2013-04-16 11:46 - 2013-04-16 11:46 - 00274392 ____A C:\Windows\Minidump\041613-94380-01.dmp
    2013-04-16 11:40 - 2013-04-16 14:23 - 00000000 ____D C:\FRST
    2013-04-16 11:37 - 2013-04-16 11:38 - 00274448 ____A C:\Windows\Minidump\041613-88904-01.dmp
    2013-04-16 11:31 - 2013-04-16 11:32 - 00274448 ____A C:\Windows\Minidump\041613-91338-01.dmp
    2013-04-16 11:26 - 2013-04-16 11:27 - 00274448 ____A C:\Windows\Minidump\041613-90090-01.dmp
    2013-04-15 22:16 - 2013-04-15 22:16 - 00000000 ____D C:\Users\Home Office\AppData\Local\SoftThinks
    2013-04-15 22:14 - 2013-04-15 22:14 - 00274448 ____A C:\Windows\Minidump\041513-99544-01.dmp
    2013-04-15 22:09 - 2013-04-15 22:09 - 00274448 ____A C:\Windows\Minidump\041513-97110-01.dmp
    2013-04-15 22:07 - 2013-04-15 22:07 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\ATI
    2013-04-15 22:07 - 2013-04-15 22:07 - 00000000 ____D C:\Users\Home Office\AppData\Local\ATI
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Dell Touch Zone
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Dell
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Local\blekkotb
    2013-04-15 21:54 - 2013-04-15 21:54 - 00010240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2013-04-15 21:54 - 2013-04-15 21:54 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
    2013-04-14 22:13 - 2013-04-14 22:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
    2013-04-11 19:41 - 2013-04-15 21:26 - 00000000 ____D C:\Emergency
    2013-03-22 03:21 - 2013-03-22 03:22 - 00274504 ____A C:\Windows\Minidump\032213-27970-01.dmp
    2013-03-22 03:17 - 2013-03-22 03:18 - 00274504 ____A C:\Windows\Minidump\032213-44007-01.dmp
    2013-03-22 03:10 - 2013-03-22 03:11 - 00274504 ____A C:\Windows\Minidump\032213-47673-01.dmp
    2013-03-22 03:07 - 2013-03-22 03:07 - 00274504 ____A C:\Windows\Minidump\032213-45021-01.dmp
    ==================== One Month Modified Files and Folders ========
    2013-04-16 14:23 - 2013-04-16 11:40 - 00000000 ____D C:\FRST
    2013-04-16 14:23 - 2011-08-30 22:52 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2013-04-16 14:23 - 2011-08-30 22:52 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2013-04-16 14:23 - 2011-08-30 22:48 - 00000000 ____D C:\ProgramData\McAfee
    2013-04-16 14:21 - 2013-04-16 14:21 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Roxio
    2013-04-16 14:21 - 2011-08-30 22:43 - 00000000 ____D C:\ProgramData\Sonic
    2013-04-16 14:18 - 2011-08-30 22:24 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
    2013-04-16 14:17 - 2013-04-16 14:16 - 00274448 ____A C:\Windows\Minidump\041613-97578-01.dmp
    2013-04-16 14:17 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-04-16 14:17 - 2009-07-13 23:51 - 00051799 ____A C:\Windows\setupact.log
    2013-04-16 14:16 - 2012-04-10 22:01 - 334498099 ____A C:\Windows\MEMORY.DMP
    2013-04-16 14:16 - 2012-04-10 22:01 - 00000000 ____D C:\Windows\Minidump
    2013-04-16 12:37 - 2013-04-16 12:37 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Malwarebytes
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-04-16 12:37 - 2013-04-16 12:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-04-16 12:37 - 2009-07-13 22:20 - 00000000 ___RD C:\Program Files (x86)
    2013-04-16 12:31 - 2013-04-16 12:30 - 00274392 ____A C:\Windows\Minidump\041613-83320-01.dmp
    2013-04-16 12:07 - 2013-04-16 12:07 - 00075240 ____A C:\Users\Home Office\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-04-16 12:07 - 2013-04-16 12:07 - 00000017 ____A C:\Users\Home Office\AppData\Local\resmon.resmoncfg
    2013-04-16 12:06 - 2011-08-30 22:05 - 01463515 ____A C:\Windows\WindowsUpdate.log
    2013-04-16 12:04 - 2013-04-16 12:03 - 00274448 ____A C:\Windows\Minidump\041613-87126-01.dmp
    2013-04-16 11:58 - 2013-04-16 11:58 - 00274448 ____A C:\Windows\Minidump\041613-99809-01.dmp
    2013-04-16 11:52 - 2013-04-16 11:52 - 00274448 ____A C:\Windows\Minidump\041613-96611-01.dmp
    2013-04-16 11:46 - 2013-04-16 11:46 - 00274392 ____A C:\Windows\Minidump\041613-94380-01.dmp
    2013-04-16 11:38 - 2013-04-16 11:37 - 00274448 ____A C:\Windows\Minidump\041613-88904-01.dmp
    2013-04-16 11:32 - 2013-04-16 11:31 - 00274448 ____A C:\Windows\Minidump\041613-91338-01.dmp
    2013-04-16 11:27 - 2013-04-16 11:26 - 00274448 ____A C:\Windows\Minidump\041613-90090-01.dmp
    2013-04-15 22:16 - 2013-04-15 22:16 - 00000000 ____D C:\Users\Home Office\AppData\Local\SoftThinks
    2013-04-15 22:15 - 2011-09-06 19:43 - 00000000 ____D C:\users\Home Office
    2013-04-15 22:14 - 2013-04-15 22:14 - 00274448 ____A C:\Windows\Minidump\041513-99544-01.dmp
    2013-04-15 22:09 - 2013-04-15 22:09 - 00274448 ____A C:\Windows\Minidump\041513-97110-01.dmp
    2013-04-15 22:07 - 2013-04-15 22:07 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\ATI
    2013-04-15 22:07 - 2013-04-15 22:07 - 00000000 ____D C:\Users\Home Office\AppData\Local\ATI
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Dell Touch Zone
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Dell
    2013-04-15 22:06 - 2013-04-15 22:06 - 00000000 ____D C:\Users\Home Office\AppData\Local\blekkotb
    2013-04-15 22:06 - 2012-05-15 19:39 - 00000000 ____D C:\ProgramData\Anti-phishing Domain Advisor
    2013-04-15 21:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64
    2013-04-15 21:54 - 2013-04-15 21:54 - 00010240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2013-04-15 21:54 - 2013-04-15 21:54 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
    2013-04-15 21:49 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
    2013-04-15 21:43 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\twain_32
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\TAPI
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ras
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\Recovery
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ras
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\InstallShield
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\icsxml
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\com
    2013-04-15 21:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
    2013-04-15 21:42 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal
    2013-04-15 21:42 - 2010-11-21 02:16 - 00000000 ___RD C:\Users\Public\Recorded TV
    2013-04-15 21:42 - 2010-11-21 02:16 - 00000000 ____D C:\Windows\ShellNew
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Offline Web Pages
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\addins
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2013-04-15 21:42 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-TW
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-CN
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sv-SE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ru-RU
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\pt-PT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\pl-PL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\nl-NL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\nb-NO
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ko-KR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ja-JP
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\it-IT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\hu-HU
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\fr-FR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\fi-FI
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\el-GR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\zh-TW
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\zh-HK
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\zh-CN
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\uk-UA
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\tr-TR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\th-TH
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\sv-SE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\sl-SI
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\sk-SK
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ru-RU
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ro-RO
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\pt-PT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\pt-BR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\pl-PL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\nl-NL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\nb-NO
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\lv-LV
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\lt-LT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ko-KR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ja-JP
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\it-IT
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\hu-HU
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\hr-HR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\he-IL
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\fr-FR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\fi-FI
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\et-EE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\el-GR
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\de-DE
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\bg-BG
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\ar-SA
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\L2Schemas
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\IME
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\users\Public
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
    2013-04-15 21:42 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Services
    2013-04-15 21:37 - 2011-09-06 20:01 - 00000000 ____D C:\Windows\SysWOW64\spool
    2013-04-15 21:37 - 2011-09-06 20:01 - 00000000 ____D C:\Windows\System32\spool
    2013-04-15 21:37 - 2011-08-31 00:02 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
    2013-04-15 21:37 - 2011-08-31 00:02 - 00000000 ____D C:\Windows\System32\RTCOM
    2013-04-15 21:37 - 2011-08-30 22:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2013-04-15 21:37 - 2011-08-30 22:07 - 00000000 ____D C:\Windows\System32\Macromed
    2013-04-15 21:37 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
    2013-04-15 21:37 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
    2013-04-15 21:37 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\System32\slmgr
    2013-04-15 21:37 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\spp
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\IME
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\DriverStore
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\spp
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\Speech
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NetworkList
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\MUI
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\Msdtc
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\IME
    2013-04-15 21:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-04-15 21:30 - 2011-12-26 23:10 - 00000000 ____D C:\Windows\Hewlett-Packard
    2013-04-15 21:30 - 2011-09-06 19:59 - 00000000 ____D C:\Windows\hpoj4500g510n-z
    2013-04-15 21:30 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Performance
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Speech
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PLA
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
    2013-04-15 21:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Globalization
    2013-04-15 21:29 - 2012-03-18 21:28 - 00000000 ____D C:\Users\Home Office\AppData\Local\Sonic_Solutions
    2013-04-15 21:29 - 2011-12-01 10:10 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\McAfee
    2013-04-15 21:29 - 2011-10-01 20:01 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Skype
    2013-04-15 21:29 - 2011-09-23 22:44 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\SoftGrid Client
    2013-04-15 21:29 - 2011-09-16 16:01 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Juniper Networks
    2013-04-15 21:29 - 2011-09-06 20:27 - 00000000 ____D C:\Users\Home Office\Documents\Fax
    2013-04-15 21:29 - 2011-09-06 19:57 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Macrovision
    2013-04-15 21:29 - 2011-09-06 19:48 - 00000000 ____D C:\Users\Home Office\AppData\Roaming\Adobe
    2013-04-15 21:29 - 2011-09-06 19:46 - 00000000 ____D C:\Users\Home Office\AppData\Local\VirtualStore
    2013-04-15 21:29 - 2011-09-06 19:43 - 00000000 ___RD C:\Users\Home Office\Desktop\Play Games
    2013-04-15 21:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Branding
    2013-04-15 21:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
    2013-04-15 21:27 - 2012-06-17 14:56 - 00000000 ____D C:\ProgramData\Virtualized Applications
    2013-04-15 21:27 - 2012-05-15 19:39 - 00000000 ____D C:\Program Files (x86)\querius_001
    2013-04-15 21:27 - 2012-05-13 03:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-04-15 21:27 - 2011-09-23 22:58 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-04-15 21:27 - 2011-09-23 22:44 - 00000000 ____D C:\Program Files\Microsoft Office
    2013-04-15 21:27 - 2011-09-11 15:00 - 00000000 ____D C:\ProgramData\PCDr
    2013-04-15 21:27 - 2011-09-06 20:03 - 00000000 ____D C:\ProgramData\Yahoo! Companion
    2013-04-15 21:27 - 2011-09-06 20:03 - 00000000 ____D C:\Program Files (x86)\Yahoo!
    2013-04-15 21:27 - 2011-09-06 20:02 - 00000000 ____D C:\ProgramData\HP Product Assistant
    2013-04-15 21:27 - 2011-09-06 19:57 - 00000000 ____D C:\ProgramData\HP
    2013-04-15 21:27 - 2011-09-06 19:47 - 00000000 ____D C:\Users\Home Office\AppData\Local\Dell
    2013-04-15 21:27 - 2011-09-06 19:43 - 00000000 ____D C:\Users\Home Office\AppData\Local\Dell Edoc Viewer
    2013-04-15 21:27 - 2011-08-31 00:02 - 00000000 ____D C:\Program Files\Realtek
    2013-04-15 21:27 - 2011-08-30 23:47 - 00000000 ___RD C:\Users\Default\Desktop\Play Games
    2013-04-15 21:27 - 2011-08-30 23:47 - 00000000 ___RD C:\Users\Default User\Desktop\Play Games
    2013-04-15 21:27 - 2011-08-30 23:47 - 00000000 ____D C:\Program Files\Dell Games Folder
    2013-04-15 21:27 - 2011-08-30 22:48 - 00000000 ____D C:\Program Files\mcafee
    2013-04-15 21:27 - 2011-08-30 22:48 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2013-04-15 21:27 - 2011-08-30 22:44 - 00000000 ____D C:\Program Files\Roxio
    2013-04-15 21:27 - 2011-08-30 22:39 - 00000000 ____D C:\ProgramData\Adobe
    2013-04-15 21:27 - 2011-08-30 22:37 - 00000000 ____D C:\Program Files\Dell Support Center
    2013-04-15 21:27 - 2011-08-30 22:34 - 00000000 ____D C:\Program Files\Windows Live
    2013-04-15 21:27 - 2011-08-30 22:34 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2013-04-15 21:27 - 2011-08-30 22:26 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-04-15 21:27 - 2011-08-30 22:26 - 00000000 ____D C:\ProgramData\Skype
    2013-04-15 21:27 - 2011-08-30 22:19 - 00000000 ____D C:\ProgramData\WildTangent
    2013-04-15 21:27 - 2011-08-30 22:07 - 00000000 ____D C:\Program Files\Dell Inc
    2013-04-15 21:27 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Reference Assemblies
    2013-04-15 21:27 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Windows NT
    2013-04-15 21:27 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2013-04-15 21:27 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
    2013-04-15 21:26 - 2013-04-11 19:41 - 00000000 ____D C:\Emergency
    2013-04-15 21:26 - 2012-10-21 18:59 - 00000000 ____D C:\Program Files (x86)\Ask.com
    2013-04-15 21:26 - 2011-09-23 22:49 - 00000000 __RHD C:\MSOCache
    2013-04-15 21:26 - 2011-09-23 22:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
    2013-04-15 21:26 - 2011-09-16 16:03 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
    2013-04-15 21:26 - 2011-09-06 19:58 - 00000000 ____D C:\Program Files (x86)\HP
    2013-04-15 21:26 - 2011-09-06 19:49 - 00000000 ____D C:\Program Files (x86)\Dell Touch Software Suite
    2013-04-15 21:26 - 2011-09-06 19:49 - 00000000 ____D C:\FIND_EULA_PATH
    2013-04-15 21:26 - 2011-08-30 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee.com
    2013-04-15 21:26 - 2011-08-30 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee
    2013-04-15 21:26 - 2011-08-30 22:37 - 00000000 ____D C:\Program Files (x86)\Jagex
    2013-04-15 21:26 - 2011-08-30 22:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-04-15 21:26 - 2011-08-30 22:30 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
    2013-04-15 21:26 - 2011-08-30 22:29 - 00000000 ____D C:\Program Files (x86)\Cyberlink
    2013-04-15 21:26 - 2011-08-30 22:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2013-04-15 21:26 - 2011-08-30 22:27 - 00000000 ____D C:\Program Files (x86)\eBay
    2013-04-15 21:26 - 2011-08-30 22:18 - 00000000 ____D C:\Program Files (x86)\Citrix
    2013-04-15 21:26 - 2011-08-30 22:16 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
    2013-04-15 21:26 - 2011-02-10 09:02 - 00000000 ____D C:\Hotfix
    2013-04-15 21:26 - 2011-02-10 09:01 - 00000000 ____D C:\dell
    2013-04-15 21:25 - 2010-11-20 21:50 - 00000000 ____D C:\users\Administrator
    2013-04-15 21:20 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
    2013-04-15 21:06 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
    2013-04-15 21:06 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
    2013-04-15 21:06 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\System32\winrm
    2013-04-15 21:06 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\System32\WCN
    2013-04-15 21:06 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
    2013-04-15 21:06 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
    2013-04-15 21:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
    2013-04-15 21:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Vss
    2013-04-15 20:36 - 2009-07-13 22:20 - 00000000 ____D C:\users\Default
    2013-04-15 20:35 - 2011-08-30 23:55 - 00000000 ____D C:\ProgramData\dell
    2013-04-15 20:35 - 2011-08-30 22:46 - 00000000 ____D C:\ProgramData\Uninstall
    2013-04-15 20:35 - 2011-08-30 22:41 - 00000000 ____D C:\ProgramData\Macrovision
    2013-04-15 20:35 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\MSBuild
    2013-04-15 20:35 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
    2013-04-15 20:34 - 2011-08-30 22:48 - 00000000 ____D C:\Program Files\mcafee.com
    2013-04-15 20:34 - 2011-08-30 22:16 - 00000000 ____D C:\Program Files\Java
    2013-04-15 20:34 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
    2013-04-15 20:33 - 2011-08-30 22:41 - 00000000 ____D C:\Program Files (x86)\Roxio
    2013-04-15 20:33 - 2011-08-30 22:37 - 00000000 ____D C:\Program Files (x86)\TrustedID
    2013-04-15 20:33 - 2011-08-30 22:20 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
    2013-04-15 20:33 - 2011-08-30 22:19 - 00000000 ____D C:\Program Files (x86)\WildTangent
    2013-04-15 20:33 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2013-04-15 20:33 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2013-04-15 20:32 - 2011-08-30 22:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2013-04-15 20:32 - 2011-08-30 22:29 - 00000000 ____D C:\Program Files (x86)\Dell Stage
    2013-04-15 20:32 - 2011-08-30 22:29 - 00000000 ____D C:\Program Files (x86)\Dell
    2013-04-15 20:32 - 2011-08-30 22:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-04-15 20:32 - 2011-08-30 22:16 - 00000000 ____D C:\Program Files (x86)\Java
    2013-04-15 20:31 - 2011-08-30 22:39 - 00000000 ____D C:\Program Files (x86)\Adobe
    2013-04-14 22:13 - 2013-04-14 22:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
    2013-04-11 20:16 - 2011-02-10 09:02 - 00000000 ____D C:\Windows\panther
    2013-03-22 03:22 - 2013-03-22 03:21 - 00274504 ____A C:\Windows\Minidump\032213-27970-01.dmp
    2013-03-22 03:18 - 2013-03-22 03:17 - 00274504 ____A C:\Windows\Minidump\032213-44007-01.dmp
    2013-03-22 03:11 - 2013-03-22 03:10 - 00274504 ____A C:\Windows\Minidump\032213-47673-01.dmp
    2013-03-22 03:07 - 2013-03-22 03:07 - 00274504 ____A C:\Windows\Minidump\032213-45021-01.dmp
    ATTENTION: ========> Check for possible partition/boot infection:
    C:\Windows\svchost.exe
    ==================== Bamital & volsnap Check =================
    C:\Windows\explorer.exe
    [2011-08-30 23:57] - [2011-08-30 23:57] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3
    C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
    C:\Windows\System32\User32.dll
    [2010-11-20 22:24] - [2010-11-20 22:24] - 0833024 ____A (Microsoft Corporation) 5E0DB2D8B2750543CD2EBB9EA8E6CDD3
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
    c:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
    C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.
    ==================== Memory info =========================== 
    Percentage of memory in use: 22%
    Total physical RAM: 5886.98 MB
    Available physical RAM: 4573.77 MB
    Total Pagefile: 11772.14 MB
    Available Pagefile: 10193.47 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3999.42 MB
    ==================== Partitions =============================
    1 Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:865.22 GB) NTFS
    3 Drive e: () (Removable) (Total:1.82 GB) (Free:1.81 GB) FAT
      Disk ###  Status         Size     Free     Dyn  Gpt
      --------  -------------  -------  -------  ---  ---
      Disk 0    Online          931 GB      0 B         
      Disk 1    Online         1868 MB      0 B         
      Disk 2    No Media           0 B      0 B         
      Disk 3    No Media           0 B      0 B         
      Disk 4    No Media           0 B      0 B         
      Disk 5    No Media           0 B      0 B         
    Partitions of Disk 0:
    ===============
    Disk ID: DCE7B2C0
      Partition ###  Type              Size     Offset
      -------------  ----------------  -------  -------
      Partition 1    OEM                 39 MB    31 KB
      Partition 2    Primary             14 GB    40 MB
      Partition 3    Primary            916 GB    14 GB
    =========================================================
    Disk: 0
    Partition 1
    Type  : DE
    Hidden: Yes
    Active: No
    There is no volume associated with this partition.
    =========================================================
    Disk: 0
    Partition 2
    Type  : 07
    Hidden: No
    Active: Yes
      Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
      ----------  ---  -----------  -----  ----------  -------  ---------  --------
    * Volume 1         RECOVERY     NTFS   Partition     14 GB  Healthy    System (partition with boot components)  
    =========================================================
    Disk: 0
    Partition 3
    Type  : 07
    Hidden: No
    Active: No
      Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
      ----------  ---  -----------  -----  ----------  -------  ---------  --------
    * Volume 2     C   OS           NTFS   Partition    916 GB  Healthy    Boot    
    =========================================================
    Partitions of Disk 1:
    ===============
    Disk ID: 00000000
      Partition ###  Type              Size     Offset
      -------------  ----------------  -------  -------
      Partition 1    Primary           1866 MB    31 KB
    =========================================================
    Disk: 1
    Partition 1
    Type  : 06
    Hidden: No
    Active: Yes
      Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
      ----------  ---  -----------  -----  ----------  -------  ---------  --------
    * Volume 3     E                FAT    Removable   1866 MB  Healthy            
    =========================================================
    ============================== MBR Partition Table ==================
    ==============================
    Partitions of Disk 0:
    ===============
    Disk ID: DCE7B2C0
    Partition 1:
    =========
    Hex: 00010100DEFE3F043F00000086390100
    Active: NO
    Type: DE
    Size: 39 MB
    Partition 2:
    =========
    Hex: 8019150507FEFFFF0040010000F0D901
    Active: YES
    Type: 07 (NTFS)
    Size: 15 GB
    Partition 3:
    =========
    Hex: 00FEFFFF07FEFFFF0030DB0100309572
    Active: NO
    Type: 07 (NTFS)
    Size: 917 GB
    ==============================
    Partitions of Disk 1:
    ===============
    Disk ID: 00000000
    Partition 1:
    =========
    Hex: 80010100063CFEF23E000000B4573A00
    Active: YES
    Type: 06
    Size: 2 GB
    ==================== End Of Log ============================

  16. #16
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    FRST is not designed to be run in Safe Mode or Normal Mode, the instructions provided above required you to run the program in a very specific way. Please also do not run any tools or programs unless instructed, this only complicates the issue and makes it much harder for us to help you. Currently the system is in a very delicate state, and we want to avoid making the problem worse.

    Are you able to log on normally using Safe Mode? Does the computer restart or crash whilst in Safe Mode?
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  17. #17

    Re: Dell inspiron 570 keeps restarting

    It stays on with out the Ethernet plugged in for some reason. Ok I could not run it the way you instructed; some odd reason the language option have appeared along with the recovery tools. I'll go through the steps

  18. #18
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    Most likely a network driver has been infected by a rootkit, this is causing the system instability.

    Download and transfer the following tool to the infected computer. Please follow the instructions exactly, and DO NOT fix anything yet.

    • Download TDSSKiller.exe to your desktop
    • Execute TDSSKiller.exe by doubleclicking on it.
    • Press Start Scan
    • If Malicious objects are found, ensure Skip is selected.
      NOTE: Please do not attempt any fix yet.
    • Once complete, a log will be produced at the root drive which is typically C:\
      For example, C:\TDSSKiller.2.8.8.0_date_time_log.txt
    • Transfer the log back over to a working computer and attach that log, please.

    --------------------------------------
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


  19. #19

    Re: Dell inspiron 570 keeps restarting

    Hello Will

    Here is the file

    Code:
    16:10:40.0568 1248  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    16:10:40.0583 1248  ============================================================
    16:10:40.0583 1248  Current date / time: 2013/04/16 16:10:40.0583
    16:10:40.0583 1248  SystemInfo:
    16:10:40.0583 1248  
    16:10:40.0583 1248  OS Version: 6.1.7601 ServicePack: 1.0
    16:10:40.0583 1248  Product type: Workstation
    16:10:40.0583 1248  ComputerName: HOMEOFFICE-PC
    16:10:40.0583 1248  UserName: Home Office
    16:10:40.0583 1248  Windows directory: C:\Windows
    16:10:40.0583 1248  System windows directory: C:\Windows
    16:10:40.0583 1248  Running under WOW64
    16:10:40.0583 1248  Processor architecture: Intel x64
    16:10:40.0583 1248  Number of processors: 4
    16:10:40.0583 1248  Page size: 0x1000
    16:10:40.0583 1248  Boot type: Safe boot with network
    16:10:40.0583 1248  ============================================================
    16:10:41.0441 1248  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    16:10:41.0457 1248  Drive \Device\Harddisk1\DR1 - Size: 0x74C00000 (1.82 Gb), SectorSize: 0x200, Cylinders: 0xEE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    16:10:41.0472 1248  ============================================================
    16:10:41.0472 1248  \Device\Harddisk0\DR0:
    16:10:41.0472 1248  MBR partitions:
    16:10:41.0472 1248  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D9F000
    16:10:41.0472 1248  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DB3000, BlocksNum 0x72953000
    16:10:41.0472 1248  \Device\Harddisk1\DR1:
    16:10:41.0472 1248  MBR partitions:
    16:10:41.0472 1248  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3E, BlocksNum 0x3A57B4
    16:10:41.0472 1248  ============================================================
    16:10:41.0504 1248  C: <-> \Device\Harddisk0\DR0\Partition2
    16:10:41.0504 1248  ============================================================
    16:10:41.0504 1248  Initialize success
    16:10:41.0504 1248  ============================================================
    16:10:43.0859 1108  ============================================================
    16:10:43.0859 1108  Scan started
    16:10:43.0859 1108  Mode: Manual; 
    16:10:43.0859 1108  ============================================================
    16:10:44.0514 1108  ================ Scan system memory ========================
    16:10:44.0514 1108  System memory - ok
    16:10:44.0514 1108  ================ Scan services =============================
    16:10:44.0655 1108  0121311364716903mcinstcleanup - ok
    16:10:45.0045 1108  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
    16:10:45.0045 1108  1394ohci - ok
    16:10:45.0060 1108  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
    16:10:45.0060 1108  ACPI - ok
    16:10:45.0076 1108  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
    16:10:45.0076 1108  AcpiPmi - ok
    16:10:45.0201 1108  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    16:10:45.0201 1108  AdobeARMservice - ok
    16:10:45.0232 1108  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
    16:10:45.0248 1108  adp94xx - ok
    16:10:45.0279 1108  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
    16:10:45.0279 1108  adpahci - ok
    16:10:45.0279 1108  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
    16:10:45.0279 1108  adpu320 - ok
    16:10:45.0310 1108  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
    16:10:45.0326 1108  AeLookupSvc - ok
    16:10:45.0357 1108  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
    16:10:45.0357 1108  AFD - ok
    16:10:45.0388 1108  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
    16:10:45.0388 1108  agp440 - ok
    16:10:45.0435 1108  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
    16:10:45.0435 1108  ALG - ok
    16:10:45.0450 1108  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
    16:10:45.0450 1108  aliide - ok
    16:10:45.0482 1108  [ E2934A5F82E010D8783544536384B035 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    16:10:45.0482 1108  AMD External Events Utility - ok
    16:10:45.0482 1108  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
    16:10:45.0482 1108  amdide - ok
    16:10:45.0497 1108  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
    16:10:45.0497 1108  AmdK8 - ok
    16:10:45.0544 1108  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
    16:10:45.0544 1108  AmdPPM - ok
    16:10:45.0575 1108  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
    16:10:45.0575 1108  amdsata - ok
    16:10:45.0575 1108  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
    16:10:45.0575 1108  amdsbs - ok
    16:10:45.0591 1108  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
    16:10:45.0591 1108  amdxata - ok
    16:10:45.0591 1108  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
    16:10:45.0591 1108  AppID - ok
    16:10:45.0606 1108  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
    16:10:45.0606 1108  AppIDSvc - ok
    16:10:45.0622 1108  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
    16:10:45.0622 1108  Appinfo - ok
    16:10:45.0653 1108  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
    16:10:45.0653 1108  arc - ok
    16:10:45.0669 1108  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
    16:10:45.0669 1108  arcsas - ok
    16:10:45.0934 1108  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    16:10:45.0950 1108  aspnet_state - ok
    16:10:45.0981 1108  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
    16:10:45.0981 1108  AsyncMac - ok
    16:10:45.0981 1108  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
    16:10:45.0981 1108  atapi - ok
    16:10:45.0981 1108  [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
    16:10:45.0996 1108  AtiHdmiService - ok
    16:10:46.0074 1108  [ ADF81052D94BCD3FF7DB2FE59E3ED6F4 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
    16:10:46.0121 1108  atikmdag - ok
    16:10:46.0152 1108  [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie         C:\Windows\system32\drivers\AtiPcie.sys
    16:10:46.0152 1108  AtiPcie - ok
    16:10:46.0199 1108  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    16:10:46.0199 1108  AudioEndpointBuilder - ok
    16:10:46.0215 1108  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
    16:10:46.0215 1108  AudioSrv - ok
    16:10:46.0246 1108  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
    16:10:46.0246 1108  AxInstSV - ok
    16:10:46.0277 1108  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
    16:10:46.0277 1108  b06bdrv - ok
    16:10:46.0293 1108  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
    16:10:46.0293 1108  b57nd60a - ok
    16:10:46.0402 1108  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    16:10:46.0402 1108  BBSvc - ok
    16:10:46.0418 1108  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    16:10:46.0418 1108  BBUpdate - ok
    16:10:46.0449 1108  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
    16:10:46.0449 1108  BDESVC - ok
    16:10:46.0480 1108  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
    16:10:46.0480 1108  Beep - ok
    16:10:46.0527 1108  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
    16:10:46.0527 1108  BFE - ok
    16:10:46.0574 1108  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
    16:10:46.0823 1108  BITS - ok
    16:10:46.0855 1108  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
    16:10:46.0855 1108  blbdrive - ok
    16:10:46.0855 1108  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    16:10:46.0855 1108  bowser - ok
    16:10:46.0855 1108  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
    16:10:46.0855 1108  BrFiltLo - ok
    16:10:46.0886 1108  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
    16:10:46.0886 1108  BrFiltUp - ok
    16:10:46.0901 1108  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
    16:10:46.0901 1108  Browser - ok
    16:10:46.0901 1108  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
    16:10:46.0901 1108  Brserid - ok
    16:10:46.0917 1108  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
    16:10:46.0917 1108  BrSerWdm - ok
    16:10:46.0917 1108  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
    16:10:46.0917 1108  BrUsbMdm - ok
    16:10:46.0917 1108  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
    16:10:46.0917 1108  BrUsbSer - ok
    16:10:46.0948 1108  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    16:10:46.0948 1108  BTHMODEM - ok
    16:10:46.0979 1108  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
    16:10:46.0979 1108  bthserv - ok
    16:10:46.0979 1108  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    16:10:46.0979 1108  cdfs - ok
    16:10:47.0011 1108  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    16:10:47.0011 1108  cdrom - ok
    16:10:47.0042 1108  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
    16:10:47.0042 1108  CertPropSvc - ok
    16:10:47.0073 1108  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\Windows\system32\drivers\cfwids.sys
    16:10:47.0073 1108  cfwids - ok
    16:10:47.0104 1108  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
    16:10:47.0104 1108  circlass - ok
    16:10:47.0120 1108  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
    16:10:47.0120 1108  CLFS - ok
    16:10:47.0213 1108  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    16:10:47.0213 1108  clr_optimization_v2.0.50727_32 - ok
    16:10:47.0338 1108  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    16:10:47.0338 1108  clr_optimization_v2.0.50727_64 - ok
    16:10:47.0557 1108  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    16:10:47.0572 1108  clr_optimization_v4.0.30319_32 - ok
    16:10:47.0603 1108  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    16:10:47.0635 1108  clr_optimization_v4.0.30319_64 - ok
    16:10:47.0666 1108  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
    16:10:47.0666 1108  CmBatt - ok
    16:10:47.0697 1108  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    16:10:47.0697 1108  cmdide - ok
    16:10:47.0713 1108  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
    16:10:47.0713 1108  CNG - ok
    16:10:47.0713 1108  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
    16:10:47.0713 1108  Compbatt - ok
    16:10:47.0759 1108  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
    16:10:47.0759 1108  CompositeBus - ok
    16:10:47.0759 1108  COMSysApp - ok
    16:10:47.0775 1108  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    16:10:47.0775 1108  crcdisk - ok
    16:10:47.0806 1108  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    16:10:47.0822 1108  CryptSvc - ok
    16:10:47.0915 1108  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    16:10:47.0915 1108  cvhsvc - ok
    16:10:47.0962 1108  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    16:10:47.0993 1108  DcomLaunch - ok
    16:10:48.0009 1108  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
    16:10:48.0009 1108  defragsvc - ok
    16:10:48.0040 1108  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    16:10:48.0040 1108  DfsC - ok
    16:10:48.0056 1108  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
    16:10:48.0056 1108  Dhcp - ok
    16:10:48.0071 1108  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
    16:10:48.0071 1108  discache - ok
    16:10:48.0071 1108  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
    16:10:48.0071 1108  Disk - ok
    16:10:48.0087 1108  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    16:10:48.0087 1108  Dnscache - ok
    16:10:48.0103 1108  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
    16:10:48.0103 1108  dot3svc - ok
    16:10:48.0134 1108  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
    16:10:48.0134 1108  Dot4 - ok
    16:10:48.0134 1108  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
    16:10:48.0134 1108  Dot4Print - ok
    16:10:48.0149 1108  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
    16:10:48.0149 1108  dot4usb - ok
    16:10:48.0165 1108  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
    16:10:48.0165 1108  DPS - ok
    16:10:48.0165 1108  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    16:10:48.0165 1108  drmkaud - ok
    16:10:48.0196 1108  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    16:10:48.0212 1108  DXGKrnl - ok
    16:10:48.0243 1108  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
    16:10:48.0243 1108  EapHost - ok
    16:10:48.0305 1108  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
    16:10:48.0352 1108  ebdrv - ok
    16:10:48.0383 1108  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
    16:10:48.0383 1108  EFS - ok
    16:10:48.0493 1108  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    16:10:48.0508 1108  ehRecvr - ok
    16:10:48.0539 1108  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
    16:10:48.0539 1108  ehSched - ok
    16:10:48.0555 1108  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    16:10:48.0555 1108  elxstor - ok
    16:10:48.0602 1108  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
    16:10:48.0602 1108  ErrDev - ok
    16:10:48.0633 1108  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
    16:10:48.0633 1108  EventSystem - ok
    16:10:48.0633 1108  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
    16:10:48.0633 1108  exfat - ok
    16:10:48.0649 1108  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    16:10:48.0649 1108  fastfat - ok
    16:10:48.0695 1108  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
    16:10:48.0695 1108  Fax - ok
    16:10:48.0711 1108  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
    16:10:48.0711 1108  fdc - ok
    16:10:48.0758 1108  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
    16:10:48.0758 1108  fdPHost - ok
    16:10:48.0758 1108  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
    16:10:48.0758 1108  FDResPub - ok
    16:10:48.0758 1108  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    16:10:48.0773 1108  FileInfo - ok
    16:10:48.0773 1108  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    16:10:48.0773 1108  Filetrace - ok
    16:10:48.0773 1108  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
    16:10:48.0773 1108  flpydisk - ok
    16:10:48.0789 1108  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    16:10:48.0789 1108  FltMgr - ok
    16:10:48.0836 1108  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
    16:10:48.0851 1108  FontCache - ok
    16:10:48.0883 1108  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    16:10:48.0883 1108  FontCache3.0.0.0 - ok
    16:10:48.0898 1108  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
    16:10:48.0898 1108  FsDepends - ok
    16:10:48.0898 1108  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    16:10:48.0898 1108  Fs_Rec - ok
    16:10:48.0929 1108  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
    16:10:48.0929 1108  fvevol - ok
    16:10:48.0945 1108  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    16:10:48.0945 1108  gagp30kx - ok
    16:10:49.0023 1108  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    16:10:49.0023 1108  GamesAppService - ok
    16:10:49.0101 1108  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    16:10:49.0101 1108  GoToAssist - ok
    16:10:49.0117 1108  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
    16:10:49.0132 1108  gpsvc - ok
    16:10:49.0148 1108  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
    16:10:49.0148 1108  hcw85cir - ok
    16:10:49.0163 1108  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
    16:10:49.0163 1108  HDAudBus - ok
    16:10:49.0179 1108  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
    16:10:49.0179 1108  HidBatt - ok
    16:10:49.0195 1108  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    16:10:49.0195 1108  HidBth - ok
    16:10:49.0210 1108  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
    16:10:49.0210 1108  HidIr - ok
    16:10:49.0226 1108  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
    16:10:49.0226 1108  hidserv - ok
    16:10:49.0257 1108  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
    16:10:49.0257 1108  HidUsb - ok
    16:10:49.0257 1108  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
    16:10:49.0273 1108  HipShieldK - ok
    16:10:49.0288 1108  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    16:10:49.0288 1108  hkmsvc - ok
    16:10:49.0304 1108  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    16:10:49.0304 1108  HomeGroupListener - ok
    16:10:49.0351 1108  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    16:10:49.0351 1108  HomeGroupProvider - ok
    16:10:49.0522 1108  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
    16:10:49.0522 1108  hpqcxs08 - ok
    16:10:49.0538 1108  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
    16:10:49.0538 1108  hpqddsvc - ok
    16:10:49.0538 1108  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
    16:10:49.0538 1108  HpSAMD - ok
    16:10:49.0585 1108  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
    16:10:49.0585 1108  HPSLPSVC - ok
    16:10:49.0647 1108  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    16:10:49.0647 1108  HTTP - ok
    16:10:49.0663 1108  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
    16:10:49.0678 1108  hwpolicy - ok
    16:10:49.0709 1108  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
    16:10:49.0709 1108  i8042prt - ok
    16:10:49.0741 1108  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
    16:10:49.0741 1108  iaStorV - ok
    16:10:49.0819 1108  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    16:10:49.0819 1108  idsvc - ok
    16:10:49.0819 1108  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    16:10:49.0819 1108  iirsp - ok
    16:10:49.0865 1108  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
    16:10:49.0865 1108  IKEEXT - ok
    16:10:49.0928 1108  [ 9526F32B8A76F8DC25A1587400E30084 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    16:10:49.0943 1108  IntcAzAudAddService - ok
    16:10:49.0959 1108  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
    16:10:49.0959 1108  intelide - ok
    16:10:49.0959 1108  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
    16:10:49.0959 1108  intelppm - ok
    16:10:49.0975 1108  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    16:10:49.0975 1108  IPBusEnum - ok
    16:10:49.0975 1108  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    16:10:49.0990 1108  IpFilterDriver - ok
    16:10:50.0021 1108  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    16:10:50.0021 1108  iphlpsvc - ok
    16:10:50.0037 1108  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
    16:10:50.0037 1108  IPMIDRV - ok
    16:10:50.0053 1108  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
    16:10:50.0053 1108  IPNAT - ok
    16:10:50.0068 1108  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    16:10:50.0068 1108  IRENUM - ok
    16:10:50.0084 1108  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    16:10:50.0084 1108  isapnp - ok
    16:10:50.0099 1108  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
    16:10:50.0099 1108  iScsiPrt - ok
    16:10:50.0115 1108  [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
    16:10:50.0115 1108  k57nd60a - ok
    16:10:50.0146 1108  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    16:10:50.0146 1108  kbdclass - ok
    16:10:50.0162 1108  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
    16:10:50.0162 1108  kbdhid - ok
    16:10:50.0162 1108  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
    16:10:50.0177 1108  KeyIso - ok
    16:10:50.0193 1108  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    16:10:50.0193 1108  KSecDD - ok
    16:10:50.0193 1108  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
    16:10:50.0193 1108  KSecPkg - ok
    16:10:50.0209 1108  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
    16:10:50.0209 1108  ksthunk - ok
    16:10:50.0240 1108  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
    16:10:50.0240 1108  KtmRm - ok
    16:10:50.0302 1108  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
    16:10:50.0333 1108  LanmanServer - ok
    16:10:50.0349 1108  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    16:10:50.0349 1108  LanmanWorkstation - ok
    16:10:50.0380 1108  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    16:10:50.0380 1108  lltdio - ok
    16:10:50.0411 1108  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    16:10:50.0411 1108  lltdsvc - ok
    16:10:50.0411 1108  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    16:10:50.0411 1108  lmhosts - ok
    16:10:50.0443 1108  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    16:10:50.0443 1108  LSI_FC - ok
    16:10:50.0474 1108  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    16:10:50.0474 1108  LSI_SAS - ok
    16:10:50.0474 1108  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
    16:10:50.0474 1108  LSI_SAS2 - ok
    16:10:50.0474 1108  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    16:10:50.0489 1108  LSI_SCSI - ok
    16:10:50.0505 1108  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
    16:10:50.0505 1108  luafv - ok
    16:10:50.0630 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0630 1108  McAfee SiteAdvisor Service - ok
    16:10:50.0723 1108  [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    16:10:50.0723 1108  McAWFwk - ok
    16:10:50.0723 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0723 1108  McMPFSvc - ok
    16:10:50.0755 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0755 1108  mcmscsvc - ok
    16:10:50.0755 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0755 1108  McNaiAnn - ok
    16:10:50.0755 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0755 1108  McNASvc - ok
    16:10:50.0833 1108  [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
    16:10:50.0848 1108  McODS - ok
    16:10:50.0848 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:10:50.0848 1108  McOobeSv - ok
    16:10:50.0848 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:50.0864 1108  McProxy - ok
    16:10:50.0911 1108  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    16:10:50.0911 1108  McShield - ok
    16:10:50.0942 1108  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    16:10:50.0957 1108  Mcx2Svc - ok
    16:10:50.0973 1108  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
    16:10:50.0973 1108  megasas - ok
    16:10:51.0004 1108  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
    16:10:51.0020 1108  MegaSR - ok
    16:10:51.0020 1108  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
    16:10:51.0020 1108  mfeapfk - ok
    16:10:51.0035 1108  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
    16:10:51.0051 1108  mfeavfk - ok
    16:10:51.0082 1108  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    16:10:51.0082 1108  mfefire - ok
    16:10:51.0098 1108  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
    16:10:51.0113 1108  mfefirek - ok
    16:10:51.0145 1108  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
    16:10:51.0145 1108  mfehidk - ok
    16:10:51.0160 1108  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
    16:10:51.0160 1108  mferkdet - ok
    16:10:51.0176 1108  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
    16:10:51.0176 1108  mfevtp - ok
    16:10:51.0191 1108  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
    16:10:51.0191 1108  mfewfpk - ok
    16:10:51.0223 1108  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
    16:10:51.0223 1108  MMCSS - ok
    16:10:51.0254 1108  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
    16:10:51.0254 1108  Modem - ok
    16:10:51.0269 1108  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    16:10:51.0269 1108  monitor - ok
    16:10:51.0269 1108  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    16:10:51.0269 1108  mouclass - ok
    16:10:51.0285 1108  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    16:10:51.0285 1108  mouhid - ok
    16:10:51.0285 1108  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    16:10:51.0285 1108  mountmgr - ok
    16:10:51.0301 1108  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    16:10:51.0301 1108  mpio - ok
    16:10:51.0316 1108  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    16:10:51.0316 1108  mpsdrv - ok
    16:10:51.0332 1108  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    16:10:51.0347 1108  MpsSvc - ok
    16:10:51.0379 1108  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    16:10:51.0379 1108  MRxDAV - ok
    16:10:51.0379 1108  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    16:10:51.0379 1108  mrxsmb - ok
    16:10:51.0379 1108  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    16:10:51.0394 1108  mrxsmb10 - ok
    16:10:51.0410 1108  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    16:10:51.0410 1108  mrxsmb20 - ok
    16:10:51.0410 1108  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    16:10:51.0410 1108  msahci - ok
    16:10:51.0410 1108  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    16:10:51.0425 1108  msdsm - ok
    16:10:51.0441 1108  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    16:10:51.0441 1108  MSDTC - ok
    16:10:51.0457 1108  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    16:10:51.0457 1108  Msfs - ok
    16:10:51.0457 1108  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    16:10:51.0457 1108  mshidkmdf - ok
    16:10:51.0457 1108  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    16:10:51.0472 1108  msisadrv - ok
    16:10:51.0503 1108  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    16:10:51.0503 1108  MSiSCSI - ok
    16:10:51.0503 1108  msiserver - ok
    16:10:51.0535 1108  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:10:51.0535 1108  MSK80Service - ok
    16:10:51.0535 1108  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    16:10:51.0535 1108  MSKSSRV - ok
    16:10:51.0566 1108  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    16:10:51.0566 1108  MSPCLOCK - ok
    16:10:51.0566 1108  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    16:10:51.0566 1108  MSPQM - ok
    16:10:51.0566 1108  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    16:10:51.0581 1108  MsRPC - ok
    16:10:51.0581 1108  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    16:10:51.0581 1108  mssmbios - ok
    16:10:51.0581 1108  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    16:10:51.0581 1108  MSTEE - ok
    16:10:51.0597 1108  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    16:10:51.0597 1108  MTConfig - ok
    16:10:51.0597 1108  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    16:10:51.0597 1108  Mup - ok
    16:10:51.0628 1108  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    16:10:51.0628 1108  napagent - ok
    16:10:51.0659 1108  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    16:10:51.0675 1108  NativeWifiP - ok
    16:10:51.0706 1108  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    16:10:51.0722 1108  NDIS - ok
    16:10:51.0722 1108  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    16:10:51.0722 1108  NdisCap - ok
    16:10:51.0722 1108  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    16:10:51.0722 1108  NdisTapi - ok
    16:10:51.0753 1108  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    16:10:51.0753 1108  Ndisuio - ok
    16:10:51.0753 1108  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    16:10:51.0753 1108  NdisWan - ok
    16:10:51.0753 1108  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    16:10:51.0769 1108  NDProxy - ok
    16:10:51.0769 1108  [ 85E3DF39B5C7F5249EFD120907C0E2D2 ] NEOFLTR_650_15991 C:\Windows\system32\Drivers\NEOFLTR_650_15991.SYS
    16:10:51.0769 1108  NEOFLTR_650_15991 - ok
    16:10:51.0800 1108  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
    16:10:51.0815 1108  Net Driver HPZ12 - ok
    16:10:51.0815 1108  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    16:10:51.0815 1108  NetBIOS - ok
    16:10:51.0815 1108  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    16:10:51.0815 1108  NetBT - ok
    16:10:51.0862 1108  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    16:10:51.0862 1108  Netlogon - ok
    16:10:51.0909 1108  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    16:10:51.0909 1108  Netman - ok
    16:10:52.0112 1108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    16:10:52.0112 1108  NetMsmqActivator - ok
    16:10:52.0127 1108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    16:10:52.0127 1108  NetPipeActivator - ok
    16:10:52.0143 1108  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    16:10:52.0143 1108  netprofm - ok
    16:10:52.0159 1108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    16:10:52.0159 1108  NetTcpActivator - ok
    16:10:52.0159 1108  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    16:10:52.0159 1108  NetTcpPortSharing - ok
    16:10:52.0159 1108  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    16:10:52.0159 1108  nfrd960 - ok
    16:10:52.0190 1108  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    16:10:52.0190 1108  NlaSvc - ok
    16:10:52.0205 1108  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    16:10:52.0205 1108  Npfs - ok
    16:10:52.0221 1108  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    16:10:52.0221 1108  nsi - ok
    16:10:52.0237 1108  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    16:10:52.0237 1108  nsiproxy - ok
    16:10:52.0315 1108  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    16:10:52.0330 1108  Ntfs - ok
    16:10:52.0330 1108  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    16:10:52.0330 1108  Null - ok
    16:10:52.0346 1108  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    16:10:52.0346 1108  nvraid - ok
    16:10:52.0346 1108  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    16:10:52.0346 1108  nvstor - ok
    16:10:52.0361 1108  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    16:10:52.0361 1108  nv_agp - ok
    16:10:52.0377 1108  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    16:10:52.0377 1108  ohci1394 - ok
    16:10:52.0424 1108  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    16:10:52.0424 1108  ose - ok
    16:10:52.0564 1108  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    16:10:52.0642 1108  osppsvc - ok
    16:10:52.0673 1108  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    16:10:52.0689 1108  p2pimsvc - ok
    16:10:52.0705 1108  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    16:10:52.0720 1108  p2psvc - ok
    16:10:52.0720 1108  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
    16:10:52.0720 1108  Parport - ok
    16:10:52.0736 1108  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    16:10:52.0736 1108  partmgr - ok
    16:10:52.0751 1108  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    16:10:52.0751 1108  PcaSvc - ok
    16:10:53.0032 1108  PcdrNdisuio - ok
    16:10:53.0188 1108  [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
    16:10:53.0266 1108  PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
    16:10:53.0641 1108  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    16:10:53.0641 1108  pci - ok
    16:10:53.0641 1108  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    16:10:53.0641 1108  pciide - ok
    16:10:53.0656 1108  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    16:10:53.0656 1108  pcmcia - ok
    16:10:53.0656 1108  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    16:10:53.0656 1108  pcw - ok
    16:10:53.0672 1108  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    16:10:53.0672 1108  PEAUTH - ok
    16:10:53.0953 1108  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    16:10:53.0999 1108  PerfHost - ok
    16:10:54.0327 1108  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    16:10:54.0343 1108  pla - ok
    16:10:54.0405 1108  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    16:10:54.0405 1108  PlugPlay - ok
    16:10:54.0467 1108  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
    16:10:54.0483 1108  Pml Driver HPZ12 - ok
    16:10:54.0499 1108  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    16:10:54.0499 1108  PNRPAutoReg - ok
    16:10:54.0514 1108  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    16:10:54.0514 1108  PNRPsvc - ok
    16:10:54.0577 1108  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    16:10:54.0577 1108  PolicyAgent - ok
    16:10:54.0592 1108  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
    16:10:54.0592 1108  Power - ok
    16:10:54.0717 1108  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    16:10:54.0717 1108  PptpMiniport - ok
    16:10:54.0733 1108  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
    16:10:54.0733 1108  Processor - ok
    16:10:54.0779 1108  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
    16:10:54.0779 1108  ProfSvc - ok
    16:10:54.0795 1108  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    16:10:54.0811 1108  ProtectedStorage - ok
    16:10:54.0842 1108  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    16:10:54.0842 1108  Psched - ok
    16:10:54.0842 1108  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
    16:10:54.0857 1108  PxHlpa64 - ok
    16:10:54.0889 1108  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    16:10:54.0904 1108  ql2300 - ok
    16:10:54.0904 1108  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    16:10:54.0904 1108  ql40xx - ok
    16:10:54.0920 1108  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    16:10:54.0920 1108  QWAVE - ok
    16:10:54.0967 1108  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    16:10:54.0967 1108  QWAVEdrv - ok
    16:10:54.0967 1108  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    16:10:54.0967 1108  RasAcd - ok
    16:10:55.0013 1108  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    16:10:55.0013 1108  RasAgileVpn - ok
    16:10:55.0029 1108  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    16:10:55.0029 1108  RasAuto - ok
    16:10:55.0029 1108  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    16:10:55.0029 1108  Rasl2tp - ok
    16:10:55.0045 1108  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    16:10:55.0045 1108  RasMan - ok
    16:10:55.0076 1108  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    16:10:55.0076 1108  RasPppoe - ok
    16:10:55.0091 1108  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    16:10:55.0091 1108  RasSstp - ok
    16:10:55.0091 1108  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    16:10:55.0091 1108  rdbss - ok
    16:10:55.0091 1108  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
    16:10:55.0107 1108  rdpbus - ok
    16:10:55.0123 1108  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    16:10:55.0123 1108  RDPCDD - ok
    16:10:55.0123 1108  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    16:10:55.0123 1108  RDPENCDD - ok
    16:10:55.0138 1108  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    16:10:55.0138 1108  RDPREFMP - ok
    16:10:55.0138 1108  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    16:10:55.0138 1108  RDPWD - ok
    16:10:55.0169 1108  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    16:10:55.0169 1108  rdyboost - ok
    16:10:55.0201 1108  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    16:10:55.0201 1108  RemoteAccess - ok
    16:10:55.0216 1108  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    16:10:55.0216 1108  RemoteRegistry - ok
    16:10:55.0450 1108  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    16:10:55.0450 1108  RoxMediaDB12OEM - ok
    16:10:55.0481 1108  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    16:10:55.0481 1108  RoxWatch12 - ok
    16:10:55.0528 1108  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    16:10:55.0528 1108  RpcEptMapper - ok
    16:10:55.0559 1108  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    16:10:55.0559 1108  RpcLocator - ok
    16:10:55.0575 1108  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    16:10:55.0575 1108  RpcSs - ok
    16:10:55.0606 1108  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    16:10:55.0606 1108  rspndr - ok
    16:10:55.0637 1108  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    16:10:55.0637 1108  SamSs - ok
    16:10:55.0669 1108  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    16:10:55.0669 1108  sbp2port - ok
    16:10:55.0684 1108  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    16:10:55.0684 1108  SCardSvr - ok
    16:10:55.0700 1108  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    16:10:55.0700 1108  scfilter - ok
    16:10:55.0715 1108  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    16:10:55.0731 1108  Schedule - ok
    16:10:55.0762 1108  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    16:10:55.0762 1108  SCPolicySvc - ok
    16:10:55.0793 1108  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    16:10:55.0793 1108  SDRSVC - ok
    16:10:55.0825 1108  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    16:10:55.0825 1108  secdrv - ok
    16:10:55.0840 1108  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    16:10:55.0840 1108  seclogon - ok
    16:10:55.0856 1108  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
    16:10:55.0871 1108  SENS - ok
    16:10:55.0918 1108  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    16:10:55.0918 1108  SensrSvc - ok
    16:10:55.0934 1108  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
    16:10:55.0934 1108  Serenum - ok
    16:10:55.0934 1108  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
    16:10:55.0949 1108  Serial - ok
    16:10:55.0949 1108  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    16:10:55.0949 1108  sermouse - ok
    16:10:55.0965 1108  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    16:10:55.0965 1108  SessionEnv - ok
    16:10:56.0012 1108  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    16:10:56.0012 1108  sffdisk - ok
    16:10:56.0012 1108  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    16:10:56.0012 1108  sffp_mmc - ok
    16:10:56.0012 1108  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    16:10:56.0012 1108  sffp_sd - ok
    16:10:56.0027 1108  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    16:10:56.0027 1108  sfloppy - ok
    16:10:56.0043 1108  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
    16:10:56.0043 1108  Sftfs - ok
    16:10:56.0105 1108  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    16:10:56.0121 1108  sftlist - ok
    16:10:56.0121 1108  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
    16:10:56.0121 1108  Sftplay - ok
    16:10:56.0121 1108  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
    16:10:56.0137 1108  Sftredir - ok
    16:10:56.0261 1108  [ 74EC60E20516AAA573BE74F31175270F ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    16:10:56.0277 1108  SftService - ok
    16:10:56.0308 1108  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
    16:10:56.0308 1108  Sftvol - ok
    16:10:56.0324 1108  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    16:10:56.0324 1108  sftvsa - ok
    16:10:56.0355 1108  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    16:10:56.0355 1108  SharedAccess - ok
    16:10:56.0371 1108  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    16:10:56.0386 1108  ShellHWDetection - ok
    16:10:56.0386 1108  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    16:10:56.0386 1108  SiSRaid2 - ok
    16:10:56.0386 1108  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    16:10:56.0386 1108  SiSRaid4 - ok
    16:10:56.0480 1108  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
    16:10:56.0480 1108  SkypeUpdate - ok
    16:10:56.0511 1108  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    16:10:56.0511 1108  Smb - ok
    16:10:56.0542 1108  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    16:10:56.0542 1108  SNMPTRAP - ok
    16:10:56.0558 1108  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    16:10:56.0558 1108  spldr - ok
    16:10:56.0589 1108  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
    16:10:56.0605 1108  Spooler - ok
    16:10:56.0714 1108  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    16:10:56.0761 1108  sppsvc - ok
    16:10:56.0761 1108  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    16:10:56.0776 1108  sppuinotify - ok
    16:10:56.0792 1108  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    16:10:56.0792 1108  srv - ok
    16:10:56.0807 1108  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    16:10:56.0807 1108  srv2 - ok
    16:10:56.0823 1108  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    16:10:56.0823 1108  srvnet - ok
    16:10:56.0854 1108  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    16:10:56.0854 1108  SSDPSRV - ok
    16:10:56.0870 1108  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    16:10:56.0870 1108  SstpSvc - ok
    16:10:56.0870 1108  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    16:10:56.0870 1108  stexstor - ok
    16:10:56.0917 1108  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    16:10:56.0917 1108  stisvc - ok
    16:10:56.0995 1108  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    16:10:56.0995 1108  stllssvr - ok
    16:10:56.0995 1108  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    16:10:56.0995 1108  swenum - ok
    16:10:57.0026 1108  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
    16:10:57.0041 1108  swprv - ok
    16:10:57.0088 1108  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
    16:10:57.0119 1108  SysMain - ok
    16:10:57.0119 1108  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    16:10:57.0135 1108  TabletInputService - ok
    16:10:57.0166 1108  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    16:10:57.0166 1108  TapiSrv - ok
    16:10:57.0182 1108  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
    16:10:57.0182 1108  TBS - ok
    16:10:57.0229 1108  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    16:10:57.0244 1108  Tcpip - ok
    16:10:57.0275 1108  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    16:10:57.0291 1108  TCPIP6 - ok
    16:10:57.0307 1108  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    16:10:57.0307 1108  tcpipreg - ok
    16:10:57.0322 1108  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    16:10:57.0322 1108  TDPIPE - ok
    16:10:57.0322 1108  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    16:10:57.0322 1108  TDTCP - ok
    16:10:57.0338 1108  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    16:10:57.0338 1108  tdx - ok
    16:10:57.0338 1108  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
    16:10:57.0338 1108  TermDD - ok
    16:10:57.0369 1108  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
    16:10:57.0385 1108  TermService - ok
    16:10:57.0385 1108  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
    16:10:57.0385 1108  Themes - ok
    16:10:57.0416 1108  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
    16:10:57.0416 1108  THREADORDER - ok
    16:10:57.0463 1108  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
    16:10:57.0463 1108  TrkWks - ok
    16:10:57.0509 1108  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    16:10:57.0525 1108  TrustedInstaller - ok
    16:10:57.0525 1108  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    16:10:57.0525 1108  tssecsrv - ok
    16:10:57.0556 1108  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    16:10:57.0556 1108  TsUsbFlt - ok
    16:10:57.0556 1108  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
    16:10:57.0556 1108  TsUsbGD - ok
    16:10:57.0587 1108  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    16:10:57.0587 1108  tunnel - ok
    16:10:57.0603 1108  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
    16:10:57.0603 1108  uagp35 - ok
    16:10:57.0603 1108  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
    16:10:57.0603 1108  udfs - ok
    16:10:57.0650 1108  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
    16:10:57.0665 1108  UI0Detect - ok
    16:10:57.0681 1108  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
    16:10:57.0681 1108  uliagpkx - ok
    16:10:57.0697 1108  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
    16:10:57.0697 1108  umbus - ok
    16:10:57.0712 1108  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
    16:10:57.0712 1108  UmPass - ok
    16:10:57.0759 1108  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
    16:10:57.0759 1108  upnphost - ok
    16:10:57.0790 1108  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
    16:10:57.0790 1108  usbccgp - ok
    16:10:57.0806 1108  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
    16:10:57.0821 1108  usbcir - ok
    16:10:57.0821 1108  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
    16:10:57.0821 1108  usbehci - ok
    16:10:57.0821 1108  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
    16:10:57.0821 1108  usbhub - ok
    16:10:57.0837 1108  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
    16:10:57.0837 1108  usbohci - ok
    16:10:57.0853 1108  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
    16:10:57.0853 1108  usbprint - ok
    16:10:57.0884 1108  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
    16:10:57.0899 1108  usbscan - ok
    16:10:57.0899 1108  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
    16:10:57.0899 1108  USBSTOR - ok
    16:10:57.0899 1108  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
    16:10:57.0899 1108  usbuhci - ok
    16:10:57.0931 1108  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
    16:10:57.0931 1108  UxSms - ok
    16:10:57.0946 1108  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
    16:10:57.0946 1108  VaultSvc - ok
    16:10:57.0962 1108  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
    16:10:57.0962 1108  vdrvroot - ok
    16:10:57.0993 1108  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
    16:10:58.0009 1108  vds - ok
    16:10:58.0009 1108  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
    16:10:58.0009 1108  vga - ok
    16:10:58.0009 1108  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
    16:10:58.0009 1108  VgaSave - ok
    16:10:58.0024 1108  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
    16:10:58.0024 1108  vhdmp - ok
    16:10:58.0024 1108  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
    16:10:58.0024 1108  viaide - ok
    16:10:58.0040 1108  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
    16:10:58.0040 1108  volmgr - ok
    16:10:58.0087 1108  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
    16:10:58.0087 1108  volmgrx - ok
    16:10:58.0102 1108  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
    16:10:58.0102 1108  volsnap - ok
    16:10:58.0118 1108  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
    16:10:58.0118 1108  vsmraid - ok
    16:10:58.0211 1108  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
    16:10:58.0227 1108  VSS - ok
    16:10:58.0274 1108  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
    16:10:58.0274 1108  vwifibus - ok
    16:10:58.0274 1108  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
    16:10:58.0289 1108  W32Time - ok
    16:10:58.0305 1108  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    16:10:58.0305 1108  WacomPen - ok
    16:10:58.0321 1108  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    16:10:58.0321 1108  WANARP - ok
    16:10:58.0321 1108  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    16:10:58.0321 1108  Wanarpv6 - ok
    16:10:58.0383 1108  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    16:10:58.0399 1108  WatAdminSvc - ok
    16:10:58.0445 1108  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
    16:10:58.0461 1108  wbengine - ok
    16:10:58.0461 1108  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    16:10:58.0461 1108  WbioSrvc - ok
    16:10:58.0492 1108  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    16:10:58.0492 1108  wcncsvc - ok
    16:10:58.0508 1108  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    16:10:58.0508 1108  WcsPlugInService - ok
    16:10:58.0508 1108  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
    16:10:58.0508 1108  Wd - ok
    16:10:58.0523 1108  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    16:10:58.0523 1108  Wdf01000 - ok
    16:10:58.0555 1108  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    16:10:58.0555 1108  WdiServiceHost - ok
    16:10:58.0555 1108  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    16:10:58.0555 1108  WdiSystemHost - ok
    16:10:58.0570 1108  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
    16:10:58.0570 1108  WebClient - ok
    16:10:58.0601 1108  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    16:10:58.0601 1108  Wecsvc - ok
    16:10:58.0617 1108  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    16:10:58.0617 1108  wercplsupport - ok
    16:10:58.0648 1108  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
    16:10:58.0648 1108  WerSvc - ok
    16:10:58.0664 1108  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    16:10:58.0664 1108  WfpLwf - ok
    16:10:58.0695 1108  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
    16:10:58.0695 1108  WimFltr - ok
    16:10:58.0695 1108  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    16:10:58.0695 1108  WIMMount - ok
    16:10:58.0726 1108  WinDefend - ok
    16:10:58.0757 1108  WinHttpAutoProxySvc - ok
    16:10:58.0898 1108  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    16:10:58.0898 1108  Winmgmt - ok
    16:10:58.0945 1108  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
    16:10:58.0991 1108  WinRM - ok
    16:10:59.0007 1108  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
    16:10:59.0007 1108  WinUsb - ok
    16:10:59.0054 1108  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
    16:10:59.0069 1108  Wlansvc - ok
    16:10:59.0147 1108  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    16:10:59.0147 1108  wlcrasvc - ok
    16:10:59.0225 1108  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    16:10:59.0257 1108  wlidsvc - ok
    16:10:59.0288 1108  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
    16:10:59.0288 1108  WmiAcpi - ok
    16:10:59.0319 1108  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
    16:10:59.0335 1108  wmiApSrv - ok
    16:10:59.0366 1108  WMPNetworkSvc - ok
    16:10:59.0381 1108  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
    16:10:59.0381 1108  WPCSvc - ok
    16:10:59.0381 1108  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
    16:10:59.0381 1108  WPDBusEnum - ok
    16:10:59.0397 1108  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
    16:10:59.0397 1108  ws2ifsl - ok
    16:10:59.0413 1108  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
    16:10:59.0413 1108  wscsvc - ok
    16:10:59.0428 1108  WSearch - ok
    16:10:59.0491 1108  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
    16:10:59.0522 1108  wuauserv - ok
    16:10:59.0553 1108  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
    16:10:59.0553 1108  WudfPf - ok
    16:10:59.0584 1108  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
    16:10:59.0584 1108  WUDFRd - ok
    16:10:59.0600 1108  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
    16:10:59.0600 1108  wudfsvc - ok
    16:10:59.0615 1108  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
    16:10:59.0615 1108  WwanSvc - ok
    16:10:59.0631 1108  ================ Scan global ===============================
    16:10:59.0662 1108  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    16:10:59.0693 1108  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    16:10:59.0693 1108  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    16:10:59.0740 1108  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    16:10:59.0771 1108  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    16:10:59.0771 1108  [Global] - ok
    16:10:59.0771 1108  ================ Scan MBR ==================================
    16:10:59.0787 1108  [ E9F67288208D53EF770F82E186904857 ] \Device\Harddisk0\DR0
    16:10:59.0787 1108  Suspicious mbr (Forged): \Device\Harddisk0\DR0
    16:10:59.0849 1108  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
    16:10:59.0849 1108  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
    16:10:59.0849 1108  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
    16:10:59.0881 1108  \Device\Harddisk1\DR1 - ok
    16:10:59.0881 1108  ================ Scan VBR ==================================
    16:10:59.0881 1108  [ 48B6117C7F26157025F0FF64655D8BA2 ] \Device\Harddisk0\DR0\Partition1
    16:10:59.0881 1108  \Device\Harddisk0\DR0\Partition1 - ok
    16:10:59.0912 1108  [ 50EB1C30B265B8C26CB6601CDC1952CA ] \Device\Harddisk0\DR0\Partition2
    16:10:59.0912 1108  \Device\Harddisk0\DR0\Partition2 - ok
    16:10:59.0927 1108  [ E40940D137F0BF189E96ECC5FF9067E0 ] \Device\Harddisk1\DR1\Partition1
    16:10:59.0927 1108  \Device\Harddisk1\DR1\Partition1 - ok
    16:10:59.0927 1108  ============================================================
    16:10:59.0927 1108  Scan finished
    16:10:59.0927 1108  ============================================================
    16:10:59.0927 1264  Detected object count: 1
    16:10:59.0927 1264  Actual detected object count: 1
    16:11:57.0538 1264  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
    16:11:57.0538 1264  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip

  20. #20
    Will Watts's Avatar
    Join Date
    Mar 2012
    Location
    %tmp%
    Posts
    5,026
    • specs System Specs
      • Manufacturer:
        Alienware M15x
      • Model Number:
        M15x
      • CPU:
        i5 520 M @ 2.40GHz
      • Memory:
        8GB
      • Graphics:
        ATI Radeon HD 5800
      • Hard Drives:
        720GB 7200 rpm
      • Operating System:
        Windows 8 + Ubuntu

    Re: Dell inspiron 570 keeps restarting

    Hi jackel,

    That's great. Please re-run TDSSKiller, this time select Cure. Attach the log in your next reply.

    • Execute TDSSKiller.exe by doubleclicking on it.
    • Press Start Scan
    • If Malicious objects are found, ensure Cure is selected (it should be by default) NOTE: If Cure is not an option, please select Skip.
    • Click Continue then click Reboot now.
    • Once complete, a log will be produced at the root drive which is typically C:\
      For example, C:\TDSSKiller.2.7.7.0_date_time_log.txt
    • Attach that log, please.

    --------------------------------------
    Has Sysnative Forums helped you? Please consider donating to help support the forum.


Page 1 of 3 123 Last

Similar Threads

  1. [SOLVED] Windows Explorer has stopped working....Windows Explorer is Restarting
    By Amcgrap in forum Windows 7 | Windows Vista
    Replies: 41
    Last Post: 07-15-2014, 09:14 AM
  2. Windows Explorer Stopping...Restarting even with clean boot
    By jules2266 in forum Windows 7 | Windows Vista
    Replies: 5
    Last Post: 07-15-2013, 11:41 PM
  3. Dell reportedly looking to going private
    By JMH in forum News You Can Use
    Replies: 0
    Last Post: 01-14-2013, 10:38 PM
  4. Dell Says it Can't Build Enough XPS 13 Ultrabooks
    By JMH in forum News You Can Use
    Replies: 0
    Last Post: 05-01-2012, 02:18 AM

Log in

Log in