
Generic Host Process for Win32 Services Error


19 replies to this topic

#1 aabill

aabill

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:09:33 PM

Posted 11 May 2012 - 03:00 PM

I get a Generic Host Process for Win32 Services Error when I start up. The message includes

The error appears in computers with Windows XP Service Pack 2 and security update 873333 (MS05-012) installed.


When I follow the directions, it says the correction is for an earlier version (xp2).

This error comes up every time I start my computer or restart it.

How can I stop this error message? Thank you.

Edited by hamluis, 22 May 2012 - 02:15 PM.
Moved from XP to Am I Infected - Hamluis.




#2 Guest_Xircal_*

Guest_Xircal_*

  • Guests

Posted 11 May 2012 - 03:10 PM

There's a Microsoft Hotfix available for that problem. See: http://support.microsoft.com/kb/894391

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 11 May 2012 - 11:31 PM

When I follow the directions, it says the correction is for an earlier version (xp2)

Hotfix will not work for service pack 3.

Let's check the possible cause

Press Windows+R key and type

services.msc and click ok

Right click on wireless zero configuration-properties

change the startup type to manual

Restart the PC and let us know if you still receive errors.

Note: This service needs to be started to connect via wireless.

good luck

#4 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:08:33 PM

Posted 17 May 2012 - 03:54 PM

Thank you.

I did this:

Press Windows+R key and type

services.msc and click ok

Right click on wireless zero configuration-properties

change the startup type to manual

Restart the PC and let us know if you still receive errors.



I still get the same error.

#5 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:09:33 PM

Posted 19 May 2012 - 05:53 PM

Still getting the same error. Does anyone have any other suggestions or a list of things to check that you could send me a link to?

Thank you.

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 43,880 posts
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:33 PM

Posted 20 May 2012 - 07:17 AM

Take a snapshot of the error message...post it in your next post.

How To Capture And Edit A Screen Shot - http://www.bleepingcomputer.com/forums/topic43088.html/page__gopid__2493350

Also...Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792

Louis

Edited by hamluis, 20 May 2012 - 07:18 AM.


#7 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:07:33 PM

Posted 22 May 2012 - 11:35 AM

http://speccy.piriform.com/results/3MuXcjNOdHCzJQ0CHsU1qQR




#8 hamluis

hamluis

    Moderator


  • Moderator
  • 43,880 posts
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:33 PM

Posted 22 May 2012 - 02:15 PM

First...you'd probably be happier with this system if more RAM was installed...512MB just doesn't do much more than enable Windows to be installed and run properly, without any programs installed requiring system resources. You seem to have several programs installed...which I would uninstall immediately and consider reinstalling only if more RAM is installed.

I suggest that you remove this from your system, http://boinc.berkeley.edu/ .

I also suggest that you uninstall Ad-Aware.

512MB of RAM, Zone Alarm, HourGuard, Spybot (and Tea-Timer), iTunes...would be logical candidates for uninstalling, IMO. If HourGuard is installed by your DSL or other connection software...allow it to remain. If you installed it on your own...well, you are asking the system to do the unnecessary and I don't think you should do that with the components/resources you have within your system.

The graphic that you posted...does not appear to be a Windows error message, IMO. Not sure just what program that is, but it doesn't look like the errors I've seen XP spawn.

FWIW: The MS error graphic you posted...doesn't apply to you. Your system has SP3 installed and that document was created by MS for a specific instance of the quoted error message. The document was not intended to cover every situation where a user gets a "generic host process" error.

FWIW: Generic Host Process errors...may also indicate malware of some type. If you do a search of the Web...you will see that this is not a very specific error...it can be many things. I would try to eliminate malware from consideration...by initiating a topic in the Am I Infected forum.

These errors typically involve something a user has running in the background, under Service Host. All of the programs I referred to above...may have such processes running.

In any case, if you want to troubleshoot your svchost processes...please read How to determine what services are running under a SVCHOST.EXE process - http://www.bleepingcomputer.com/tutorials/tutorial129.html .

I'm moving your topic to AII...if that's in error, we will move it back here later :).

Louis

#9 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:07:33 PM

Posted 23 May 2012 - 10:53 PM

Thank you. I will remove AdAware first. I picked that up about ten years ago when I saw an IT guy use it at work to clean some junk out of employees' pc's.

I thought I needed to keep it to keep out ad clutter. I will be glad to delete it. Sometimes when I check Windows Task Manager, it seems to be slowing down Firefox.

#10 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:09:33 PM

Posted 27 May 2012 - 07:09 PM

Firefox runs noticeably better since I dropped AdAware. Not so many frustrating delays.

I am still wondering if I have malware on my system.

In addition to the Windows error msg I get, other possibly related symptoms include

  • two Boinc Manager screens come up without my asking for them every time WinXP powers up. I have Boinc but before this started happening, it only came up when I clicked on the icon in the tray.
  • And when I have Task Manager open while closing down Windows, I watch the different programs being shut down and once in a while a box appears for one which is written in what looks like Chinese script. I have no idea what that is.


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 62,680 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:09:33 PM

Posted 01 June 2012 - 09:26 AM

Hello, let's look at a few logs..

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).





Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

#12 aabill

aabill
  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan
  • Local time:08:33 PM

Posted 03 June 2012 - 12:43 PM

Thank you.

I don't see a way to attach a file. Here is full text.

MiniToolBox by Farbar Version: 14-01-2012
Ran by Bill (administrator) on 03-06-2012 at 12:01:04
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

There are 15220 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : your-ec0540d030

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : Yes



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet

Physical Address. . . . . . . . . : 00-1D-92-3B-8F-1D

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Saturday, June 02, 2012 9:34:09 PM

Lease Expires . . . . . . . . . . : Sunday, June 03, 2012 9:34:09 PM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.39, 74.125.225.40, 74.125.225.41, 74.125.225.46
74.125.225.32, 74.125.225.33, 74.125.225.34, 74.125.225.35, 74.125.225.36
74.125.225.37, 74.125.225.38



Pinging google.com [74.125.225.99] with 32 bytes of data:



Reply from 74.125.225.99: bytes=32 time=28ms TTL=55

Reply from 74.125.225.99: bytes=32 time=29ms TTL=55



Ping statistics for 74.125.225.99:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 28ms, Maximum = 29ms, Average = 28ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=146ms TTL=52

Reply from 72.30.38.140: bytes=32 time=87ms TTL=52



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 87ms, Maximum = 146ms, Average = 116ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 92 3b 8f 1d ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.64 192.168.1.64 20
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/03/2012 09:58:00 AM) (Source: Application Error) (User: )
Description: Fault bucket 24097034.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (06/03/2012 09:36:11 AM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (06/03/2012 09:36:03 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (06/03/2012 09:36:02 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (06/03/2012 09:35:58 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (06/02/2012 09:49:54 AM) (Source: Application Error) (User: )
Description: Fault bucket 24097034.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (06/02/2012 08:56:32 AM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (06/01/2012 08:39:28 AM) (Source: Application Error) (User: )
Description: Faulting application daemonu.exe, version 1.4.28.0, faulting module daemonu.exe, version 1.4.28.0, fault address 0x0005f90b.
Processing media-specific event for [daemonu.exe!ws!]

Error: (05/31/2012 01:29:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 106735

Error: (05/31/2012 01:29:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 106735


System errors:
=============
Error: (06/03/2012 09:41:42 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (06/03/2012 09:37:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (06/03/2012 09:37:46 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.

Error: (06/03/2012 09:36:15 AM) (Source: Service Control Manager) (User: )
Description: The ASKService service failed to start due to the following error:
%%2

Error: (06/02/2012 09:02:05 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (06/02/2012 08:58:19 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (06/02/2012 08:58:19 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.

Error: (06/02/2012 08:56:42 AM) (Source: Service Control Manager) (User: )
Description: The ASKService service failed to start due to the following error:
%%2

Error: (06/01/2012 08:43:39 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (06/01/2012 08:40:42 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================
Error: (06/03/2012 09:58:00 AM) (Source: Application Error)(User: )
Description: 24097034

Error: (06/03/2012 09:36:11 AM) (Source: Application Error)(User: )
Description: 0.0.0.0unknown0.0.0.000000000

Error: (06/03/2012 09:36:03 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (06/03/2012 09:36:02 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (06/03/2012 09:35:58 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (06/02/2012 09:49:54 AM) (Source: Application Error)(User: )
Description: 24097034

Error: (06/02/2012 08:56:32 AM) (Source: Application Error)(User: )
Description: 0.0.0.0unknown0.0.0.000000000

Error: (06/01/2012 08:39:28 AM) (Source: Application Error)(User: )
Description: daemonu.exe1.4.28.0daemonu.exe1.4.28.00005f90b

Error: (05/31/2012 01:29:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 106735

Error: (05/31/2012 01:29:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 106735


=========================== Installed Programs ============================

602Pro PC SUITE 2001
ActivePerl 5.10.1 Build 1008 (Version: 5.10.1008)
Adobe AIR (Version: 1.5.3.9130)
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Aspell English Dictionary-0.50-2
Atlantis Nova
ATT-HSI
ATT-PRT22
BOINC (Version: 7.0.25)
Bonjour (Version: 3.0.0.10)
Canon i560
CBLight 2009 (Version: 2009)
Critical Update for Windows Media Player 11 (KB959772)
Defraggler (Version: 2.00)
DVD Suite
ESET NOD32 Antivirus (Version: 5.0.94.0)
ESET Online Scanner
EULAlyzer 2.1 (Version: 2.1.0)
Foldit
Free M4a to MP3 Converter 6.1
FXCM Micro Trading Station II
GNU Aspell 0.50-3
GoGear VIBE Device Manager (Version: 01.05)
Google Chrome (Version: 19.0.1084.52)
Google Update Helper (Version: 1.3.21.111)
GoToMeeting 4.0.0.320
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HourGuard Time Sheet
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Learn To Speak Spanish 8.1
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Media Converter for Philips (Version: 2.5.2.191)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
mIRC (Version: 6.35)
Move Media Player
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
Mozilla Maintenance Service (Version: 12.0)
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (en-US))
NCH Toolbox
Note Attack v1.36
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA nView 135.94 (Version: 135.94)
NVIDIA nView Desktop Manager (Version: 6.14.10.13594)
NVIDIA Update 1.4.28 (Version: 1.4.28)
NVIDIA Update Components (Version: 1.4.28)
OpenOffice.org 2.4 (Version: 2.4.9310)
Pando Media Booster (Version: 2.3.3.9)
Password Recovery Engine for Outlook Express (remove only) (Version: 1.3)
Playchess (Version: 1.00.000)
PowerDVD (Version: 7.0.2414.0)
PowerProducer
Python 2.6.4 (Version: 2.6.4150)
QuickTime (Version: 7.72.80.56)
Rapport (Version: 3.5.1108.78)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 5.10.0.5345)
RealUpgrade 1.1 (Version: 1.1.0)
RJO Vantage (Version: 2.0.11.83)
RuntimeLibsVC05 (Version: 1.1.0)
SourceGear DiffMerge (Version: 3.3.0.18513)
Speccy (Version: 1.16)
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy 1.5.2.20
Startup Delayer v2.5 (build 138)
SumatraPDF 2.1.1 (Version: 2.1.1)
Switch Off (Version: 2.3)
swMSM (Version: 12.0.0.1)
thinkorswim
Trillian
TweakNow RegCleaner (Version: 4.7.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB980302) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebEx
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Service Pack 3 (Version: 20080414.031525)
XChat 2 (remove only)
XnView 1.98 (Version: 1.98)
Yahoo! Auto Outlook Import
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Music Jukebox (Version: 2.2.2.058)
Yahoo! Toolbar
ZoneAlarm Firewall (Version: 10.1.101.000)
ZoneAlarm Free (Version: 10.1.101.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 10.1.101.000)
ZoneAlarm Security Toolbar
ZoneAlarm Spy Blocker

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 479.36 MB
Available physical RAM: 127.5 MB
Total Pagefile: 1275.42 MB
Available Pagefile: 578.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.42 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.53 GB) (Free:16.42 GB) NTFS
4 Drive e: () (Fixed) (Total:2.92 GB) (Free:1.71 GB) FAT32
5 Drive f: () (Fixed) (Total:3.98 GB) (Free:0.9 GB) FAT32
6 Drive g: () (Fixed) (Total:6.83 GB) (Free:4.63 GB) FAT32
7 Drive h: () (Fixed) (Total:4.88 GB) (Free:4.19 GB) FAT32

========================= Users: ========================================

User accounts for \\YOUR-EC0540D030

Administrator Bill Guest
HelpAssistant SUPPORT_388945a0 UpdatusUser


**** End of log ****

-----------------

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.03.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bill :: YOUR-EC0540D030 [administrator]

6/3/2012 12:31:27 PM
mbam-log-2012-06-03 (12-31-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242045
Time elapsed: 49 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

----------------

no reboot needed for TDS

#13 aabill

Posted 03 June 2012 - 01:14 PM

no reboot needed.

13:36:38.0578 3040 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
13:36:40.0578 3040 ============================================================
13:36:40.0578 3040 Current date / time: 2012/06/03 13:36:40.0578
13:36:40.0578 3040 SystemInfo:
13:36:40.0578 3040
13:36:40.0578 3040 OS Version: 5.1.2600 ServicePack: 3.0
13:36:40.0578 3040 Product type: Workstation
13:36:40.0578 3040 ComputerName: YOUR-EC0540D030
13:36:40.0703 3040 UserName: Bill
13:36:40.0703 3040 Windows directory: C:\WINDOWS
13:36:40.0703 3040 System windows directory: C:\WINDOWS
13:36:40.0703 3040 Processor architecture: Intel x86
13:36:40.0703 3040 Number of processors: 2
13:36:40.0703 3040 Page size: 0x1000
13:36:40.0703 3040 Boot type: Normal boot
13:36:40.0703 3040 ============================================================
13:36:57.0500 3040 Drive \Device\Harddisk0\DR0 - Size: 0x4A94F0000 (18.65 Gb), SectorSize: 0x200, Cylinders: 0x982, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:36:57.0546 3040 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:36:57.0781 3040 ============================================================
13:36:57.0781 3040 \Device\Harddisk0\DR0:
13:36:57.0781 3040 MBR partitions:
13:36:57.0781 3040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x5DA3BF
13:36:57.0781 3040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x5DA3FE, BlocksNum 0xDAE73D
13:36:57.0781 3040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1388B3B, BlocksNum 0x9C64FE
13:36:57.0796 3040 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x1D4F078, BlocksNum 0x7FB68A
13:36:57.0796 3040 \Device\Harddisk1\DR1:
13:36:57.0843 3040 MBR partitions:
13:36:57.0843 3040 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
13:36:57.0843 3040 ============================================================
13:36:58.0062 3040 C: <-> \Device\Harddisk1\DR1\Partition0
13:36:58.0265 3040 E: <-> \Device\Harddisk0\DR0\Partition0
13:36:58.0281 3040 F: <-> \Device\Harddisk0\DR0\Partition3
13:36:58.0312 3040 G: <-> \Device\Harddisk0\DR0\Partition1
13:36:58.0312 3040 H: <-> \Device\Harddisk0\DR0\Partition2
13:36:58.0312 3040 ============================================================
13:36:58.0312 3040 Initialize success
13:36:58.0312 3040 ============================================================
13:37:22.0828 2792 ============================================================
13:37:22.0828 2792 Scan started
13:37:22.0828 2792 Mode: Manual;
13:37:22.0828 2792 ============================================================
13:41:06.0859 2792 Schedule - ok
13:41:06.0921 2792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:41:06.0953 2792 Secdrv - ok
13:41:07.0000 2792 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:41:07.0031 2792 seclogon - ok
13:41:07.0093 2792 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:41:07.0093 2792 SENS - ok
13:41:07.0140 2792 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:41:07.0140 2792 serenum - ok
13:41:07.0203 2792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:41:07.0203 2792 Serial - ok
13:41:07.0234 2792 SetupNTGLM7X - ok
13:41:07.0281 2792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:41:07.0328 2792 Sfloppy - ok
13:41:07.0359 2792 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:41:07.0375 2792 SharedAccess - ok
13:41:07.0437 2792 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:41:07.0453 2792 ShellHWDetection - ok
13:41:07.0453 2792 Simbad - ok
13:41:07.0500 2792 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
13:41:07.0500 2792 sisagp - ok
13:41:07.0546 2792 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
13:41:07.0546 2792 Sparrow - ok
13:41:07.0578 2792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:41:07.0578 2792 splitter - ok
13:41:07.0609 2792 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:41:07.0609 2792 Spooler - ok
13:41:07.0671 2792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:41:07.0671 2792 sr - ok
13:41:07.0671 2792 srescan - ok
13:41:07.0734 2792 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:41:07.0750 2792 srservice - ok
13:41:07.0843 2792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:41:07.0906 2792 Srv - ok
13:41:07.0953 2792 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:41:07.0968 2792 SSDPSRV - ok
13:41:08.0015 2792 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:41:08.0046 2792 stisvc - ok
13:41:08.0078 2792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:41:08.0078 2792 swenum - ok
13:41:08.0109 2792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:41:08.0140 2792 swmidi - ok
13:41:08.0156 2792 SwPrv - ok
13:41:08.0187 2792 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
13:41:08.0218 2792 symc810 - ok
13:41:08.0250 2792 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:41:08.0250 2792 symc8xx - ok
13:41:08.0281 2792 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:41:08.0312 2792 sym_hi - ok
13:41:08.0328 2792 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:41:08.0328 2792 sym_u3 - ok
13:41:08.0375 2792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:41:08.0375 2792 sysaudio - ok
13:41:08.0484 2792 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:41:08.0500 2792 SysmonLog - ok
13:41:08.0562 2792 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:41:08.0578 2792 TapiSrv - ok
13:41:08.0640 2792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:41:08.0656 2792 Tcpip - ok
13:41:08.0703 2792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:41:08.0718 2792 TDPIPE - ok
13:41:08.0718 2792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:41:08.0718 2792 TDTCP - ok
13:41:08.0765 2792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:41:08.0765 2792 TermDD - ok
13:41:08.0828 2792 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:41:08.0843 2792 TermService - ok
13:41:08.0906 2792 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:41:08.0906 2792 Themes - ok
13:41:08.0937 2792 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
13:41:08.0968 2792 TosIde - ok
13:41:09.0000 2792 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:41:09.0015 2792 TrkWks - ok
13:41:09.0062 2792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:41:09.0093 2792 Udfs - ok
13:41:09.0140 2792 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
13:41:09.0140 2792 ultra - ok
13:41:09.0187 2792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:41:09.0203 2792 Update - ok
13:41:09.0281 2792 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:41:09.0296 2792 upnphost - ok
13:41:09.0312 2792 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:41:09.0328 2792 UPS - ok
13:41:09.0359 2792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:41:09.0359 2792 usbehci - ok
13:41:09.0375 2792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:41:09.0437 2792 usbhub - ok
13:41:09.0453 2792 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:41:09.0515 2792 usbohci - ok
13:41:09.0562 2792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:41:09.0562 2792 VgaSave - ok
13:41:09.0593 2792 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
13:41:09.0671 2792 viaagp - ok
13:41:09.0687 2792 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
13:41:09.0718 2792 ViaIde - ok
13:41:09.0765 2792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:41:09.0765 2792 VolSnap - ok
13:41:09.0843 2792 Vsdatant (265c7cb9611e8ce0e9115cda45f109b2) C:\WINDOWS\system32\vsdatant.sys
13:41:09.0921 2792 Vsdatant - ok
13:41:10.0031 2792 vsmon - ok
13:41:10.0578 2792 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:41:10.0656 2792 VSS - ok
13:41:10.0703 2792 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:41:10.0718 2792 W32Time - ok
13:41:10.0750 2792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:41:10.0765 2792 Wanarp - ok
13:41:10.0765 2792 WDICA - ok
13:41:10.0828 2792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:41:10.0843 2792 wdmaud - ok
13:41:10.0906 2792 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:41:10.0906 2792 WebClient - ok
13:41:11.0031 2792 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:41:11.0046 2792 winmgmt - ok
13:41:11.0109 2792 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:41:11.0109 2792 WmdmPmSN - ok
13:41:11.0140 2792 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:41:11.0203 2792 WmiApSrv - ok
13:41:11.0265 2792 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:41:11.0328 2792 WMPNetworkSvc - ok
13:41:11.0390 2792 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:41:11.0406 2792 WpdUsb - ok
13:41:11.0468 2792 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
13:41:11.0484 2792 wscsvc - ok
13:41:11.0515 2792 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
13:41:11.0562 2792 wuauserv - ok
13:41:11.0593 2792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:41:11.0671 2792 WudfPf - ok
13:41:11.0703 2792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:41:11.0750 2792 WudfRd - ok
13:41:11.0781 2792 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:41:11.0781 2792 WudfSvc - ok
13:41:11.0843 2792 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:41:11.0875 2792 WZCSVC - ok
13:41:11.0921 2792 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:41:11.0921 2792 xmlprov - ok
13:41:11.0953 2792 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:41:12.0281 2792 \Device\Harddisk0\DR0 - ok
13:41:12.0312 2792 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
13:41:12.0609 2792 \Device\Harddisk1\DR1 - ok
13:41:12.0609 2792 Boot (0x1200) (96ee647596561472f7d48b566e0b8fbb) \Device\Harddisk0\DR0\Partition0
13:41:12.0609 2792 \Device\Harddisk0\DR0\Partition0 - ok
13:41:12.0625 2792 Boot (0x1200) (8ba1571027d8884b6272e135bc965cb3) \Device\Harddisk0\DR0\Partition1
13:41:12.0625 2792 \Device\Harddisk0\DR0\Partition1 - ok
13:41:12.0656 2792 Boot (0x1200) (4e2fa2c3d93e531c16f9b0ea28258359) \Device\Harddisk0\DR0\Partition2
13:41:12.0656 2792 \Device\Harddisk0\DR0\Partition2 - ok
13:41:12.0671 2792 Boot (0x1200) (094134d10d8160fd7154680ddbc17071) \Device\Harddisk0\DR0\Partition3
13:41:12.0671 2792 \Device\Harddisk0\DR0\Partition3 - ok
13:41:12.0671 2792 Boot (0x1200) (01d8f241c4314c1cff1b6682a6cb2c72) \Device\Harddisk1\DR1\Partition0
13:41:12.0671 2792 \Device\Harddisk1\DR1\Partition0 - ok
13:41:12.0671 2792 ============================================================
13:41:12.0671 2792 Scan finished
13:41:12.0671 2792 ============================================================
13:41:12.0734 2752 Detected object count: 0
13:41:12.0734 2752 Actual detected object count: 0

---------------

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-03 14:01:13
-----------------------------
14:01:13.812 OS Version: Windows 5.1.2600 Service Pack 3
14:01:13.812 Number of processors: 2 586 0x4B02
14:01:13.812 ComputerName: YOUR-EC0540D030 UserName: Bill
14:02:17.062 Initialize success
14:04:01.218 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:04:01.234 Disk 0 Vendor: WDC_WD200BB-00DEA0 05.03E05 Size: 19092MB BusType: 3
14:04:01.234 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000066
14:04:01.234 Disk 1 Vendor: WDC_WD800JD-00MSA1 10.01E01 Size: 76319MB BusType: 3
14:04:01.328 Disk 1 MBR read successfully
14:04:01.328 Disk 1 MBR scan
14:04:01.328 Disk 1 Windows XP default MBR code
14:04:01.406 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
14:04:01.468 Disk 1 scanning sectors +156296385
14:04:02.109 Disk 1 scanning C:\WINDOWS\system32\drivers
14:04:46.718 Service scanning
14:05:00.671 Service GMSIPCI D:\INSTALL\GMSIPCI.SYS **LOCKED** 21
14:05:24.734 Service MSICPL D:\install4\MSICPL.sys **LOCKED** 21
14:05:32.828 Service NTACCESS D:\NTACCESS.sys **LOCKED** 21
14:05:44.140 Service SetupNTGLM7X D:\NTGLM7X.sys **LOCKED** 21
14:05:52.125 Modules scanning
14:06:25.796 Disk 1 trace - called modules:
14:06:25.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
14:06:25.828 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x858abab8]
14:06:25.859 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000068[0x858ae508]
14:06:25.859 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\00000066[0x8588f030]
14:06:25.875 Scan finished successfully
14:11:32.562 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Bill\Desktop\MBR.dat"
14:11:32.625 The log file has been saved successfully to "C:\Documents and Settings\Bill\Desktop\aswMBR.txt"

#14 boopme

  • Global Moderator
  • 62,680 posts
  • Gender:Male
  • Location:NJ USA

Posted 03 June 2012 - 01:17 PM

The Services Error still exists?

#15 aabill

  • Topic Starter

  • Members
  • 21 posts
  • Gender:Male
  • Location:Southeast Michigan

Posted 03 June 2012 - 01:18 PM

On aswMBR I clicked no for downloading Avast definitions. Should I rerun and click yes?



