BLUE SCREEN OF DEATH AFTER DOWNLOAD


8 replies to this topic

#1 drukore

drukore

  • Members
  • 42 posts

Posted 16 January 2012 - 09:33 PM

Hey,

So I messed up and clicked a dumb link and got the Blue Screen. In safe mode it's ok (like right now) but normal mode it keeps crashing into BSOD. No idea what to do!!!! I'm pretty sure I got a nasty bug or something because it was working just fine earlier. Shame on me.

Anyways, thank you in advance for your prompt response. I await instructions.


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,660 posts

Posted 16 January 2012 - 09:44 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



#3 drukore

drukore
  • Topic Starter

  • Members
  • 42 posts

Posted 16 January 2012 - 11:25 PM

Ok sir here are the logs. Attached and posted..

MINITOOL:
MiniToolBox by Farbar
Ran by Andru Brozovich (administrator) on 16-01-2012 at 19:12:19
Microsoft Windows XP Service Pack 2 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 49455
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : Kore1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-13-72-B6-06-11
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.15.95
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DNS Servers . . . . . . . . . . . : 192.168.15.1
Lease Obtained. . . . . . . . . . : Monday, January 16, 2012 6:49:59 PM
Lease Expires . . . . . . . . . . : Monday, January 16, 2012 7:49:59 PM

Server: WiMaxCPE
Address: 192.168.15.1

Name: google.com
Addresses: 74.125.53.105, 74.125.53.104, 74.125.53.103, 74.125.53.106
74.125.53.147, 74.125.53.99

Pinging google.com [74.125.53.99] with 32 bytes of data:

Reply from 74.125.53.99: bytes=32 time=69ms TTL=53
Reply from 74.125.53.99: bytes=32 time=88ms TTL=53

Ping statistics for 74.125.53.99:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 88ms, Average = 78ms

Server: WiMaxCPE
Address: 192.168.15.1

Name: yahoo.com
Addresses: 209.191.122.70, 98.137.149.56, 98.139.180.149, 72.30.2.43

Pinging yahoo.com [72.30.2.43] with 32 bytes of data:

Reply from 72.30.2.43: bytes=32 time=70ms TTL=55
Reply from 72.30.2.43: bytes=32 time=75ms TTL=55

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 70ms, Maximum = 75ms, Average = 72ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 72 b6 06 11 ...... Intel® PRO/100 VE Network Connection
===========================================================================
===========================================================================
Active Routes:
Default Gateway: 192.168.15.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/14/2012 02:28:55 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/03/2012 04:17:05 PM) (Source: Application Error) (User: )
Description: Faulting application photoshop.exe, version 12.0.0.0, faulting module adobeswfl.dll, version 2.0.0.7489, fault address 0x00013db9.
Processing media-specific event for [photoshop.exe!ws!]

Error: (01/02/2012 08:33:55 PM) (Source: Application Error) (User: )
Description: Faulting application photoshop.exe, version 12.0.0.0, faulting module adobeswfl.dll, version 2.0.0.7489, fault address 0x00013db9.
Processing media-specific event for [photoshop.exe!ws!]

Error: (12/26/2011 11:45:25 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.51.0.1118, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/26/2011 11:45:07 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.51.0.1118, faulting module unknown, version 0.0.0.0, fault address 0x00030004.
Processing media-specific event for [mbam.exe!ws!]

Error: (12/24/2011 07:16:30 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/24/2011 07:16:28 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/16/2011 06:26:24 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/09/2011 08:54:31 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/22/2011 11:27:57 PM) (Source: Application Hang) (User: )
Description: Hanging application QuickTimePlayer.exe, version 7.70.80.34, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/16/2012 07:09:08 PM) (Source: DCOM) (User: Andru Brozovich)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/16/2012 07:03:08 PM) (Source: DCOM) (User: Andru Brozovich)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/16/2012 06:59:18 PM) (Source: DCOM) (User: Andru Brozovich)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/16/2012 06:49:57 PM) (Source: DCOM) (User: Andru Brozovich)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/16/2012 06:42:20 PM) (Source: DCOM) (User: Andru Brozovich)
Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/16/2012 06:21:25 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
sp_rsdrv2

Error: (01/16/2012 06:20:50 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/16/2012 06:11:19 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/16/2012 06:10:33 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/16/2012 06:07:57 PM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 b9f3b59d, parameter3 b398050c, parameter4 00000000.


Microsoft Office Sessions:
=========================
Error: (01/14/2012 02:28:55 PM) (Source: Application Hang)(User: )
Description: firefox.exe9.0.1.4371hungapp0.0.0.000000000

Error: (01/03/2012 04:17:05 PM) (Source: Application Error)(User: )
Description: photoshop.exe12.0.0.0adobeswfl.dll2.0.0.748900013db9

Error: (01/02/2012 08:33:55 PM) (Source: Application Error)(User: )
Description: photoshop.exe12.0.0.0adobeswfl.dll2.0.0.748900013db9

Error: (12/26/2011 11:45:25 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.51.0.1118hungapp0.0.0.000000000

Error: (12/26/2011 11:45:07 PM) (Source: Application Error)(User: )
Description: mbam.exe1.51.0.1118unknown0.0.0.000030004

Error: (12/24/2011 07:16:30 PM) (Source: Application Hang)(User: )
Description: firefox.exe8.0.0.4325hungapp0.0.0.000000000

Error: (12/24/2011 07:16:28 PM) (Source: Application Hang)(User: )
Description: firefox.exe8.0.0.4325hungapp0.0.0.000000000

Error: (12/16/2011 06:26:24 PM) (Source: Application Hang)(User: )
Description: firefox.exe8.0.0.4325hungapp0.0.0.000000000

Error: (12/09/2011 08:54:31 PM) (Source: Application Hang)(User: )
Description: firefox.exe8.0.0.4325hungapp0.0.0.000000000

Error: (11/22/2011 11:27:57 PM) (Source: Application Hang)(User: )
Description: QuickTimePlayer.exe7.70.80.34hungapp0.0.0.000000000


=========================== Installed Programs ============================

ACID Pro 7.0 (Version: 7.0.536)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 2.6.0.19120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Advanced GIF Animator 3.0 (Version: 3.0)
AmpliTube LE (Version: 1.1.0)
Antares Filter VST DX v1.01
Antares Tube v1.0
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Arturia Moog Modular V2 v1.0
ASIO4ALL (Version: 2.10)
ATI Control Panel (Version: 6.14.10.5160)
ATI Display Driver (Version: 8.162-050803a2-025672C-Dell)
BBE D82 Sonic Maximizer VST RTAS v2.0
BitComet 1.27 (Version: 1.27)
Collab
Crawler Toolbar with Web Security Guard
db audioware mastering plugins 1.05c
db audioware Sidechain Compressor VST v1.1.0
db audioware Sidechain Gate VST v1.1.0
Dell CinePlayer (Version: 3.0)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 3.1 (Version: 5.1.760)
Dell System Restore (Version: 2.00.0000)
Digital Audio System (Version: 1.0)
Digital Content Portal (Version: 1.00.0000)
DivX Setup (Version: 2.5.0.11)
DVD Region-Free 3.10
EarthLink setup files (Version: 2005.1.47.0)
Edirol HQ Orchestral VSTi v1.03
EZdrummer (Version: 1.3.1)
ffdshow v1.1.3562 [2010-09-07] (Version: 1.1.3562.0)
FL Studio 8
FormatFactory (Version: 1.65)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
IL Download Manager
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.20.0000)
iTunes (Version: 10.4.1.10)
iZotope Ozone 3 (Version: 3.05)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Korg Legacy Collection VSTi v1.0.02
Line 6 Uninstaller (Version: )
Live 6.0.11
Macromedia Flash Player (Version: 7.0.19.0)
McAfee Security Scan Plus (Version: 2.0.181.2)
MCU (Version: 1.00.0000)
Memeo AutoSync
Memeo Instant Backup (Version: 4.60.0.7359)
Memeo Send
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.0.0.001)
Native Instruments Absynth 4
Native Instruments Battery
Native Instruments Battery 3
Native Instruments Controller Editor
Native Instruments Controller Editor (Version: 1.4.2.848)
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 4 (Version: 4.1.0.1751)
Native Instruments Guitar Rig Session IO
Native Instruments Guitar Rig Session IO (Version: 2.9.4.433)
Native Instruments Komplete Elements
Native Instruments Komplete Elements (Version: 7.0.0.001)
Native Instruments Kontakt 4
Native Instruments Kontakt 4 (Version: 4.2.4.5316)
Native Instruments Kontakt Elements Selection R2
Native Instruments Kontakt Elements Selection R2 (Version: 1.0.0.002)
Native Instruments Massive
Native Instruments Massive (Version: 1.1.5.1967)
Native Instruments Mikro Prism
Native Instruments Mikro Prism (Version: 1.0.0.001)
Native Instruments Rammfire
Native Instruments Rammfire (Version: 1.0.0.001)
Native Instruments Reaktor 5
Native Instruments Reaktor 5 (Version: 5.6.1.11150)
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Elements Selection (Version: 1.0.0.002)
Native Instruments Reaktor Spark R2
Native Instruments Reaktor Spark R2 (Version: 1.1.0.006)
Native Instruments Reflektor (Version: 1.0.0.000)
Native Instruments Rig Kontrol 3
Native Instruments Rig Kontrol 3 (Version: 2.9.4.433)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.2.6.676)
Native Instruments Traktors 12
Native Instruments Traktors 12 (Version: 1.0.0.000)
Ohm Force - Ohmicide VST
Ohmforce OhmBoyz VST v1.40
Ohmforce Predatohm VST PRO v1.21
Orange Vocoder v1.1.2
PC Suite (Version: 12.08.218)
PDF Settings CS5 (Version: 10.0)
PoiZone
Qualxserve Service Agreement (Version: 1.11.0000)
QuickTime (Version: 7.70.80.34)
RealPlayer Basic
ReFX Vanguard VSTi v1.04
Replay Media Catcher
rgc:audio z3ta+ VSTi v1.4
rgcAudio z3ta Plus v1.40
Rob Papen Predator V1.01b release
Roxio DLA (Version: 5.2.0)
Seagate Dashboard (Version: 1.0.0.810)
Setup Support for ShopToWin 1.0 (Version: 1.0)
Skype Click to Call (Version: 5.6.8312)
Skype™ 5.5 (Version: 5.5.119)
Sonic Activation Module (Version: 1.0)
Sonic Update Manager (Version: 3.0.0)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1
Sony Sound Forge 7.0 (Version: 7.0.214)
Sony Vegas Pro 8.0 (Version: 8.0.260)
SoulSeek 157 NS 13e
Spybot - Search & Destroy (Version: 1.6.0)
Spyware Terminator 2012 (Version: 3.0.0.50)
TC Native Bundle v3.1
Timeworks Millenium Pack
Toxic Biohazard
ToxicIII v1.2 Orion Edition Unlocked VSTi
Trillian
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Wave Arts Power Suite (Version: 5.40)
Waves Diamond Bundle v5.2
Waves Gold Processors 3.6
Waves Renaissance Collection 2
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.601 )
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB889673 (Version: 20041116.085848)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
WinRAR archiver
WordPerfect Office 12 (Version: 12.01)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 2046.07 MB
Available physical RAM: 872.82 MB
Total Pagefile: 3432.7 MB
Available Pagefile: 2489.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 2002.82 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:229.49 GB) (Free:93.36 GB) NTFS
2 Drive d: (Komplete Elements) (CDROM) (Total:6.14 GB) (Free:0 GB) UDF
4 Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:805.89 GB) NTFS

========================= Users: ========================================

User accounts for \\KORE1

Administrator Andru Brozovich Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****
====================================================================================

FSS LOG:
Farbar Service Scanner
Ran by Andru Brozovich (administrator) on 16-01-2012 at 19:06:45
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-10 09:50] - [2008-08-14 01:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-10 09:51] - [2004-08-04 02:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-10 09:51] - [2008-06-20 02:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-10 09:51] - [2004-08-04 02:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-10 09:50] - [2004-08-04 02:00] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-10 09:51] - [2004-08-04 02:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-10 09:51] - [2004-08-04 02:00] - 0198144 ____A (Microsoft Corporation) DAB9E6C7105D2EF49876FE92C524F565

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 10:01] - [2004-08-04 02:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2004-08-10 10:02] - [2004-08-04 02:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2004-08-10 10:02] - [2004-08-04 02:00] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-10 09:51] - [2004-08-04 02:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 10:01] - [2004-08-04 02:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2004-08-10 10:02] - [2004-08-04 02:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2004-08-10 10:02] - [2004-08-04 02:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-10 09:51] - [2008-07-07 12:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-10 09:50] - [2004-08-04 02:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-10 09:51] - [2004-08-04 02:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-10 09:51] - [2009-02-09 02:01] - 0401408 ____A (Microsoft Corporation) 24B5D53B9ACCC1E2EDCF0A878D6659D4

C:\WINDOWS\system32\services.exe
[2004-08-10 09:51] - [2009-02-06 02:22] - 0110592 ____A (Microsoft Corporation) 4712531AB7A01B7EE059853CA17D39BD


Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#4 drukore

drukore
  • Topic Starter

  • Members
  • 42 posts

Posted 16 January 2012 - 11:26 PM

SECURITY CHECK:
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
McAfee Security Scan Plus
```````````````````````````````
Anti-malware/Other Utilities Check:

Spyware Terminator 2012
Spybot - Search & Destroy
Java™ 6 Update 24
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed!
Adobe Flash Player 11.1.102.55
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````


++++++++++++++++++++++++++++++++++++++++++++++++++


Malware Bytes:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.16.03

Windows XP Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 6.0.2900.2180
Andru Brozovich :: KORE1 [administrator]

1/16/2012 7:35:42 PM
mbam-log-2012-01-16 (19-35-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 181276
Time elapsed: 3 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
++++++++++++++++++++++++++++++++++++++++++

MBR LOG:

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-16 19:39:09
-----------------------------
19:39:09.875 OS Version: Windows 5.1.2600 Service Pack 2
19:39:09.875 Number of processors: 2 586 0x403
19:39:09.875 ComputerName: KORE1 UserName:
19:39:11.000 Initialize success
19:58:32.156 AVAST engine defs: 12011601
20:00:52.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
20:00:52.656 Disk 0 Vendor: ST3250824AS 3.ADH Size: 238418MB BusType: 3
20:00:52.671 Device \Driver\atapi -> DriverStartIo 8a4862c6
20:00:52.718 Disk 0 MBR read successfully
20:00:52.734 Disk 0 MBR scan
20:00:52.812 Disk 0 MBR:Pihar-C [Rtk]
20:00:52.828 Disk 0 TDL4@MBR code has been found
20:00:52.843 Disk 0 MBR hidden
20:00:52.859 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
20:00:52.890 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 234997 MB offset 96390
20:00:52.937 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3365 MB offset 481371660
20:00:52.968 Disk 0 MBR [TDL4] **ROOTKIT**
20:00:52.984 Disk 0 trace - called modules:
20:00:53.000 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a48649f]<<
20:00:53.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a60aab8]
20:00:53.218 3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> [0x8a429b08]
20:00:53.328 \Driver\atapi[0x8a4ca888] -> IRP_MJ_CREATE -> 0x8a48649f
20:00:54.843 AVAST engine scan C:\WINDOWS
20:01:02.296 AVAST engine scan C:\WINDOWS\system32
20:02:37.890 AVAST engine scan C:\WINDOWS\system32\drivers
20:02:49.546 AVAST engine scan C:\Documents and Settings\Andru Brozovich
20:18:20.046 AVAST engine scan C:\Documents and Settings\All Users
20:19:31.515 Scan finished successfully
20:22:46.015 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andru Brozovich\Desktop\MBR.dat"
20:22:46.031 The log file has been saved successfully to "C:\Documents and Settings\Andru Brozovich\Desktop\aswMBR.txt"

#5 Broni

Posted 17 January 2012 - 12:07 AM

Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.


#6 drukore

Posted 17 January 2012 - 12:22 AM

here you go!

==================================================
Dump File : Mini011612-03.dmp
Crash Time : 1/16/2012 6:19:36 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xb9f3b59d
Parameter 3 : 0xb1fb150c
Parameter 4 : 0x00000000
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
File Description : IDE/ATAPI Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Processor : 32-bit
Crash Address : atapi.sys+a59d
Stack Address 1 : ntoskrnl.exe+18199
Stack Address 2 : mbam.sys+aaa
Stack Address 3 : fltMgr.sys+10ebb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011612-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 94,208
==================================================

==================================================
Dump File : Mini011612-02.dmp
Crash Time : 1/16/2012 6:09:45 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xb9f3b59d
Parameter 3 : 0xb2ca850c
Parameter 4 : 0x00000000
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
File Description : IDE/ATAPI Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Processor : 32-bit
Crash Address : atapi.sys+a59d
Stack Address 1 : ntoskrnl.exe+18199
Stack Address 2 : mbam.sys+aaa
Stack Address 3 : fltMgr.sys+10ebb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011612-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 94,208
==================================================

==================================================
Dump File : Mini011612-01.dmp
Crash Time : 1/16/2012 6:05:52 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xb9f3b59d
Parameter 3 : 0xb398050c
Parameter 4 : 0x00000000
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
File Description : IDE/ATAPI Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Processor : 32-bit
Crash Address : atapi.sys+a59d
Stack Address 1 : ntoskrnl.exe+18199
Stack Address 2 : mbam.sys+aaa
Stack Address 3 : fltMgr.sys+10ebb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011612-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 94,208
==================================================

==================================================
Dump File : Mini110111-01.dmp
Crash Time : 11/1/2011 7:50:53 PM
Bug Check String : DRIVER_OVERRAN_STACK_BUFFER
Bug Check Code : 0x000000f7
Parameter 1 : 0x897764c8
Parameter 2 : 0x00000dff
Parameter 3 : 0xfffff200
Parameter 4 : 0x00000000
Caused By Driver : disk.sys
Caused By Address : disk.sys+2135
File Description : PnP Disk Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Processor : 32-bit
Crash Address : ntoskrnl.exe+22f0d
Stack Address 1 : disk.sys+2135
Stack Address 2 : disk.sys+17fc
Stack Address 3 : CLASSPNP.SYS+147f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 94,208
==================================================
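
Added example, not part of the original thread: a small Python triage over excerpts of the aswMBR log and the BlueScreenView report posted above. It collects the MBR alert lines, finds drivers whose IRP handler points at the address aswMBR labels UNKNOWN, and checks whether the repeated crash site belongs to the same driver; the function names and the result layout are this example's own.

```python
import re
from collections import Counter

# Excerpts of the aswMBR log and BlueScreenView report posted in this thread,
# trimmed to the lines and fields the triage reads.
ASWMBR_LOG = r"""
20:00:52.671 Device \Driver\atapi -> DriverStartIo 8a4862c6
20:00:52.812 Disk 0 MBR:Pihar-C [Rtk]
20:00:52.828 Disk 0 TDL4@MBR code has been found
20:00:52.843 Disk 0 MBR hidden
20:00:52.968 Disk 0 MBR [TDL4] **ROOTKIT**
20:00:53.000 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a48649f]<<
20:00:53.328 \Driver\atapi[0x8a4ca888] -> IRP_MJ_CREATE -> 0x8a48649f
"""

BSOD_REPORT = """
==================================================
Dump File : Mini011612-03.dmp
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
==================================================
==================================================
Dump File : Mini011612-02.dmp
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
==================================================
==================================================
Dump File : Mini011612-01.dmp
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Caused By Driver : atapi.sys
Caused By Address : atapi.sys+a59d
==================================================
==================================================
Dump File : Mini110111-01.dmp
Bug Check String : DRIVER_OVERRAN_STACK_BUFFER
Caused By Driver : disk.sys
Caused By Address : disk.sys+2135
==================================================
"""

MBR_FLAGS = ("**ROOTKIT**", "MBR hidden", "code has been found")
UNKNOWN_RE = re.compile(r">>UNKNOWN \[0x([0-9a-f]+)\]<<", re.I)
HANDLER_RE = re.compile(
    r"\\Driver\\(\w+)\[0x[0-9a-f]+\] -> IRP_MJ_\w+ -> 0x([0-9a-f]+)", re.I)


def parse_aswmbr(log):
    """Collect MBR alert lines and drivers whose IRP handler targets an
    address that aswMBR itself could not attribute to a module."""
    alerts, unknown, handlers = [], set(), []
    for line in log.splitlines():
        # Drop the HH:MM:SS.mmm prefix and keep the message text.
        msg = re.sub(r"^\d\d:\d\d:\d\d\.\d+\s+", "", line.strip())
        if any(flag in msg for flag in MBR_FLAGS):
            alerts.append(msg)
        unknown.update(a.lower() for a in UNKNOWN_RE.findall(msg))
        m = HANDLER_RE.search(msg)
        if m:
            handlers.append((m.group(1).lower(), m.group(2).lower()))
    redirected = sorted({d for d, target in handlers if target in unknown})
    return {"alerts": alerts, "redirected_drivers": redirected}


def parse_bluescreenview(report):
    """Split a BlueScreenView text report into one dict per minidump."""
    records, current = [], {}
    for line in report.splitlines():
        if set(line.strip()) == {"="}:      # separator row closes a record
            if current:
                records.append(current)
            current = {}
            continue
        m = re.match(r"(.+?)\s*:\s*(.*)$", line)
        if m:
            current[m.group(1).strip()] = m.group(2).strip()
    if current:
        records.append(current)
    return records


def triage(aswmbr, crashes):
    """Relate repeated crash sites to drivers aswMBR shows as redirected.
    A match is a lead for the next scan, not proof of the crash cause."""
    sites = Counter((c.get("Caused By Driver", "").lower(),
                     c.get("Caused By Address", "")) for c in crashes)
    repeats = sorted((drv, addr, n) for (drv, addr), n in sites.items() if n > 1)
    correlated = sorted({drv.rsplit(".", 1)[0] for drv, _, _ in repeats}
                        & set(aswmbr["redirected_drivers"]))
    return {"mbr_alerts": len(aswmbr["alerts"]),
            "repeat_sites": repeats, "correlated": correlated}


if __name__ == "__main__":
    print(triage(parse_aswmbr(ASWMBR_LOG), parse_bluescreenview(BSOD_REPORT)))
```
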

#7 Broni

Posted 17 January 2012 - 12:31 AM

I think I'm getting blind....LOL

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#8 drukore

Posted 17 January 2012 - 01:08 AM

21:32:53.0609 3892 TDSS rootkit removing tool 2.7.2.0 Jan 14 2012 20:07:30
21:32:54.0156 3892 ============================================================
21:32:54.0156 3892 Current date / time: 2012/01/16 21:32:54.0156
21:32:54.0156 3892 SystemInfo:
21:32:54.0156 3892
21:32:54.0156 3892 OS Version: 5.1.2600 ServicePack: 2.0
21:32:54.0156 3892 Product type: Workstation
21:32:54.0156 3892 ComputerName: KORE1
21:32:54.0156 3892 UserName: Andru Brozovich
21:32:54.0156 3892 Windows directory: C:\WINDOWS
21:32:54.0156 3892 System windows directory: C:\WINDOWS
21:32:54.0156 3892 Processor architecture: Intel x86
21:32:54.0156 3892 Number of processors: 2
21:32:54.0156 3892 Page size: 0x1000
21:32:54.0156 3892 Boot type: Safe boot with network
21:32:54.0156 3892 ============================================================
21:32:57.0578 3892 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400, SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
21:32:57.0625 3892 Drive \Device\Harddisk1\DR4 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:32:57.0812 3892 Initialize success
21:33:04.0421 3136 ============================================================
21:33:04.0421 3136 Scan started
21:33:04.0421 3136 Mode: Manual;
21:33:04.0421 3136 ============================================================
21:33:23.0953 3136 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:33:23.0953 3136 usbuhci - ok
21:33:23.0984 3136 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
21:33:23.0984 3136 VgaSave - ok
21:33:24.0093 3136 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:33:24.0093 3136 viaagp - ok
21:33:24.0125 3136 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:33:24.0125 3136 ViaIde - ok
21:33:24.0187 3136 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
21:33:24.0203 3136 VolSnap - ok
21:33:24.0281 3136 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:33:24.0281 3136 Wanarp - ok
21:33:24.0312 3136 wanatw - ok
21:33:24.0343 3136 WDICA - ok
21:33:24.0421 3136 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
21:33:24.0437 3136 wdmaud - ok
21:33:24.0750 3136 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:33:24.0750 3136 WudfPf - ok
21:33:24.0812 3136 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:33:24.0812 3136 WudfRd - ok
21:33:24.0906 3136 MBR (0x1B8) (4bc21aabb8ea83c34000756722b7398b) \Device\Harddisk0\DR0
21:33:24.0921 3136 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
21:33:24.0921 3136 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
21:33:24.0937 3136 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
21:33:24.0953 3136 \Device\Harddisk1\DR4 - ok
21:33:25.0000 3136 Boot (0x1200) (b0f719ccd57686996716c5b77af55737) \Device\Harddisk0\DR0\Partition0
21:33:25.0000 3136 \Device\Harddisk0\DR0\Partition0 - ok
21:33:25.0015 3136 Boot (0x1200) (b636517ca5b3abddad15f96c65f8a663) \Device\Harddisk1\DR4\Partition0
21:33:25.0015 3136 \Device\Harddisk1\DR4\Partition0 - ok
21:33:25.0015 3136 ============================================================
21:33:25.0015 3136 Scan finished
21:33:25.0015 3136 ============================================================
21:33:25.0078 3232 Detected object count: 1
21:33:25.0078 3232 Actual detected object count: 1
21:33:56.0156 3232 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
21:33:56.0156 3232 \Device\Harddisk0\DR0 - ok
21:33:56.0156 3232 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

#9 Broni

Posted 17 January 2012 - 01:11 AM

Try to start Windows normally.

If successful, post a new aswMBR log.

If not, post a new aswMBR log from safe mode.

Bed time coming here so I won't be here for long.
