Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD in Normal Mode after Virus


  • Please log in to reply
24 replies to this topic

#1 Marc AB

Marc AB

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 10:27 AM

I had a virus on the computer recently (possibly remnants of it still) and I'm not able to enter safe mode with networking pretty reliably but get a blue screen when Windows tries to load in normal mode.

I was able to get the computer back after running Malware Bytes Anti-Malware even while the virus was going (pop-ups, fake scanning). The next time I got back into windows, I had the security icon at the bottom right and enabled the windows firewall which killed the virus processes I believe. I then ran the program again and it cleaned more out, but then I couldn't get to the internet. Shortly after, whenever I reboot, I get the blue screen and the computer restarts unless I press F8 and disable the restart. There's no text description of the issue on the blue screen, just the codes.

I've now run RogueKiller, Eset online scanner, MBAM, and unhide.exe, and I moved my shortcuts from a temp folder back to their standard location so the Windows menu is back in Safe Mode. I don't show any threats found using the above programs and could use assistance getting the computer up and running in Normal Mode. Thanks in advance.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 10:28 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 11:24 AM

Thanks for the quick reply.

TDSS and Eset came back with no threats found. Here is the log for aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 09:32:50
-----------------------------
09:32:50.156 OS Version: Windows 5.1.2600 Service Pack 3
09:32:50.156 Number of processors: 4 586 0x403
09:32:50.156 ComputerName: ACER-AD993BA82B UserName: Administrator
09:32:50.640 Initialize success
09:33:41.703 AVAST engine defs: 12090100
09:33:54.250 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
09:33:54.265 Disk 0 Vendor: Maxtor_6L100M0 BANC1G10 Size: 95611MB BusType: 3
09:33:54.265 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
09:33:54.281 Disk 1 Vendor: Hitachi_HDS721616PLA380 P22OABEA Size: 152627MB BusType: 3
09:33:54.296 Disk 1 MBR read successfully
09:33:54.312 Disk 1 MBR scan
09:33:54.312 Disk 1 unknown MBR code
09:33:54.328 Disk 1 Partition 1 00 12 Compaq diag MSWIN4.1 5992 MB offset 63
09:33:54.343 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 73069 MB offset 12273660
09:33:54.375 Disk 1 Partition 3 00 0C FAT32 LBA MSWIN4.1 73563 MB offset 161919135
09:33:54.390 Disk 1 scanning sectors +312576705
09:33:54.484 Disk 1 scanning C:\WINDOWS\system32\drivers
09:34:02.359 Service scanning
09:34:32.890 Modules scanning
09:34:37.765 Disk 1 trace - called modules:
09:34:37.906 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys amdide.sys PCIIDEX.SYS
09:34:38.046 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8b3c7ab8]
09:34:38.187 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000081[0x8b44d570]
09:34:38.343 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-c[0x8b3c8d98]
09:34:38.828 AVAST engine scan C:\WINDOWS
09:34:55.359 AVAST engine scan C:\WINDOWS\system32
09:36:56.859 AVAST engine scan C:\WINDOWS\system32\drivers
09:37:06.812 AVAST engine scan C:\Documents and Settings\Administrator
09:37:26.734 AVAST engine scan C:\Documents and Settings\All Users
09:38:37.890 Scan finished successfully
09:39:39.328 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
09:39:39.343 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

In cast it's needed, here's the full report from TDSS:

11:10:19.0984 1772 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:10:20.0406 1772 ============================================================
11:10:20.0406 1772 Current date / time: 2012/09/01 11:10:20.0406
11:10:20.0406 1772 SystemInfo:
11:10:20.0406 1772
11:10:20.0406 1772 OS Version: 5.1.2600 ServicePack: 3.0
11:10:20.0406 1772 Product type: Workstation
11:10:20.0406 1772 ComputerName: ACER-AD993BA82B
11:10:20.0406 1772 UserName: Administrator
11:10:20.0406 1772 Windows directory: C:\WINDOWS
11:10:20.0406 1772 System windows directory: C:\WINDOWS
11:10:20.0406 1772 Processor architecture: Intel x86
11:10:20.0406 1772 Number of processors: 4
11:10:20.0406 1772 Page size: 0x1000
11:10:20.0406 1772 Boot type: Safe boot with network
11:10:20.0406 1772 ============================================================
11:10:21.0703 1772 Drive \Device\Harddisk0\DR0 - Size: 0x1757BDA000 (93.37 Gb), SectorSize: 0x200, Cylinders: 0x2F9C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:10:21.0734 1772 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:10:21.0734 1772 ============================================================
11:10:21.0734 1772 \Device\Harddisk0\DR0:
11:10:21.0734 1772 MBR partitions:
11:10:21.0734 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBABAC5D
11:10:21.0734 1772 \Device\Harddisk1\DR1:
11:10:21.0734 1772 MBR partitions:
11:10:21.0734 1772 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xBB47FC, BlocksNum 0x8EB68A3
11:10:21.0734 1772 \Device\Harddisk1\DR1\Partition2: MBR, Type 0xC, StartLBA 0x9A6B09F, BlocksNum 0x8FADA22
11:10:21.0734 1772 ============================================================
11:10:21.0796 1772 C: <-> \Device\Harddisk1\DR1\Partition1
11:10:21.0812 1772 D: <-> \Device\Harddisk1\DR1\Partition2
11:10:21.0812 1772 F: <-> \Device\Harddisk0\DR0\Partition1
11:10:21.0812 1772 ============================================================
11:10:21.0812 1772 Initialize success
11:10:21.0812 1772 ============================================================
11:10:29.0687 0960 ============================================================
11:10:29.0687 0960 Scan started
11:10:29.0687 0960 Mode: Manual;
11:10:29.0687 0960 ============================================================
11:10:31.0015 0960 ================ Scan system memory ========================
11:10:31.0015 0960 System memory - ok
11:10:31.0015 0960 ================ Scan services =============================
11:10:31.0187 0960 Abiosdsk - ok
11:10:31.0187 0960 abp480n5 - ok
11:10:31.0265 0960 [ B8C591C0320114E79178A8F861892BB1 ] Acer ODDSpeedControl C:\Acer\Empowering Technology\eAcoustics\ODDSpeedCtl\speedcontrol.exe
11:10:31.0265 0960 Acer ODDSpeedControl - ok
11:10:31.0296 0960 [ F84D9E48327CB401799F913379F6E9AA ] AcerMemUsageCheckService C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
11:10:31.0296 0960 AcerMemUsageCheckService - ok
11:10:31.0328 0960 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:10:31.0328 0960 ACPI - ok
11:10:31.0343 0960 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:10:31.0343 0960 ACPIEC - ok
11:10:31.0359 0960 adpu160m - ok
11:10:31.0375 0960 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:10:31.0375 0960 aec - ok
11:10:31.0406 0960 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:10:31.0421 0960 AFD - ok
11:10:31.0437 0960 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
11:10:31.0437 0960 AFS2K - ok
11:10:31.0437 0960 Aha154x - ok
11:10:31.0437 0960 aic78u2 - ok
11:10:31.0437 0960 aic78xx - ok
11:10:31.0468 0960 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:10:31.0468 0960 Alerter - ok
11:10:31.0484 0960 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:10:31.0484 0960 ALG - ok
11:10:31.0484 0960 AliIde - ok
11:10:31.0484 0960 ALSysIO - ok
11:10:31.0546 0960 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
11:10:31.0546 0960 Ambfilt - ok
11:10:31.0578 0960 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
11:10:31.0578 0960 amdide - ok
11:10:31.0609 0960 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
11:10:31.0609 0960 AmdPPM - ok
11:10:31.0609 0960 amsint - ok
11:10:31.0781 0960 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:10:31.0781 0960 Apple Mobile Device - ok
11:10:31.0812 0960 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:10:31.0812 0960 AppMgmt - ok
11:10:31.0812 0960 asc - ok
11:10:31.0828 0960 asc3350p - ok
11:10:31.0828 0960 asc3550 - ok
11:10:31.0953 0960 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:10:31.0953 0960 aspnet_state - ok
11:10:31.0984 0960 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:10:31.0984 0960 AsyncMac - ok
11:10:32.0000 0960 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:10:32.0000 0960 atapi - ok
11:10:32.0000 0960 Atdisk - ok
11:10:32.0046 0960 [ 6885F98FB32212F7DC268B085A90F8BA ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:10:32.0046 0960 Ati HotKey Poller - ok
11:10:32.0187 0960 [ CD5C874245435C9CE7E347E28CF3C6B5 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:10:32.0187 0960 ati2mtag - ok
11:10:32.0250 0960 [ 9F7B431C11BDCB79FC1BBE9DE4F43B20 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
11:10:32.0265 0960 AtiHDAudioService - ok
11:10:32.0312 0960 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:10:32.0312 0960 Atmarpc - ok
11:10:32.0390 0960 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:10:32.0390 0960 AudioSrv - ok
11:10:32.0421 0960 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:10:32.0421 0960 audstub - ok
11:10:32.0484 0960 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
11:10:32.0484 0960 BcmSqlStartupSvc - ok
11:10:32.0531 0960 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:10:32.0531 0960 Beep - ok
11:10:32.0796 0960 [ E685BA3267C5A4EC4CE9E2B4A1481725 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20111201.001\BHDrvx86.sys
11:10:32.0796 0960 BHDrvx86 - ok
11:10:32.0843 0960 [ BE5D50529799B9BAB6BE879EC768B6CF ] BIOS C:\WINDOWS\system32\drivers\BIOS.sys
11:10:32.0843 0960 BIOS - ok
11:10:32.0906 0960 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:10:32.0921 0960 BITS - ok
11:10:33.0015 0960 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:10:33.0015 0960 Bonjour Service - ok
11:10:33.0093 0960 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
11:10:33.0093 0960 Browser - ok
11:10:33.0156 0960 [ ABEFFD18E7DB6B988B25A42BCD7D400F ] BS_I2cIo C:\WINDOWS\system32\drivers\BS_I2cIo.sys
11:10:33.0156 0960 BS_I2cIo - ok
11:10:33.0218 0960 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:10:33.0218 0960 cbidf2k - ok
11:10:33.0281 0960 [ 599E7F6259A127C174C49938D2AA6A60 ] ccSet_N360 C:\WINDOWS\system32\drivers\N360\0600000.091\ccSetx86.sys
11:10:33.0281 0960 ccSet_N360 - ok
11:10:33.0296 0960 cd20xrnt - ok
11:10:33.0312 0960 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:10:33.0312 0960 Cdaudio - ok
11:10:33.0343 0960 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:10:33.0343 0960 Cdfs - ok
11:10:33.0375 0960 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:10:33.0375 0960 Cdrom - ok
11:10:33.0390 0960 Changer - ok
11:10:33.0406 0960 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:10:33.0406 0960 CiSvc - ok
11:10:33.0421 0960 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:10:33.0421 0960 ClipSrv - ok
11:10:33.0453 0960 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:10:33.0453 0960 clr_optimization_v2.0.50727_32 - ok
11:10:33.0468 0960 CmdIde - ok
11:10:33.0484 0960 COMSysApp - ok
11:10:33.0500 0960 Cpqarray - ok
11:10:33.0531 0960 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:10:33.0531 0960 CryptSvc - ok
11:10:33.0562 0960 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys
11:10:33.0562 0960 CVirtA - ok
11:10:33.0640 0960 [ 8B8B082010775093081DEBE9621BEDF0 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
11:10:33.0656 0960 CVPND - ok
11:10:33.0718 0960 [ 720482888C3778F26EEB83D286A6CDC3 ] CVPNDRVA C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
11:10:33.0718 0960 CVPNDRVA - ok
11:10:33.0718 0960 dac2w2k - ok
11:10:33.0734 0960 dac960nt - ok
11:10:33.0859 0960 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:10:33.0859 0960 DcomLaunch - ok
11:10:33.0906 0960 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:10:33.0906 0960 Dhcp - ok
11:10:33.0921 0960 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:10:33.0921 0960 Disk - ok
11:10:33.0937 0960 dmadmin - ok
11:10:33.0968 0960 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:10:33.0984 0960 dmboot - ok
11:10:33.0984 0960 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:10:33.0984 0960 dmio - ok
11:10:34.0015 0960 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:10:34.0015 0960 dmload - ok
11:10:34.0031 0960 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:10:34.0031 0960 dmserver - ok
11:10:34.0062 0960 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:10:34.0062 0960 DMusic - ok
11:10:34.0093 0960 [ 86D52C32A308F84BBC626BFF7C1FB710 ] DNE C:\WINDOWS\system32\DRIVERS\dne2000.sys
11:10:34.0093 0960 DNE - ok
11:10:34.0109 0960 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:10:34.0109 0960 Dnscache - ok
11:10:34.0140 0960 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:10:34.0140 0960 Dot3svc - ok
11:10:34.0140 0960 dpti2o - ok
11:10:34.0171 0960 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:10:34.0171 0960 drmkaud - ok
11:10:34.0203 0960 DUMeterDrv - ok
11:10:34.0218 0960 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:10:34.0218 0960 EapHost - ok
11:10:34.0250 0960 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:10:34.0250 0960 ERSvc - ok
11:10:34.0265 0960 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:10:34.0265 0960 Eventlog - ok
11:10:34.0296 0960 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
11:10:34.0296 0960 EventSystem - ok
11:10:34.0312 0960 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:10:34.0312 0960 Fastfat - ok
11:10:34.0359 0960 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:10:34.0359 0960 FastUserSwitchingCompatibility - ok
11:10:34.0390 0960 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
11:10:34.0390 0960 Fax - ok
11:10:34.0406 0960 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:10:34.0406 0960 Fdc - ok
11:10:34.0421 0960 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:10:34.0421 0960 Fips - ok
11:10:34.0437 0960 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:10:34.0437 0960 Flpydisk - ok
11:10:34.0453 0960 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:10:34.0453 0960 FltMgr - ok
11:10:34.0515 0960 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:10:34.0515 0960 FontCache3.0.0.0 - ok
11:10:34.0546 0960 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:10:34.0546 0960 Fs_Rec - ok
11:10:34.0562 0960 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:10:34.0562 0960 Ftdisk - ok
11:10:34.0625 0960 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:10:34.0625 0960 GEARAspiWDM - ok
11:10:34.0640 0960 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:10:34.0640 0960 Gpc - ok
11:10:34.0656 0960 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:10:34.0656 0960 HDAudBus - ok
11:10:34.0718 0960 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:10:34.0718 0960 helpsvc - ok
11:10:34.0796 0960 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:10:34.0796 0960 HidServ - ok
11:10:34.0812 0960 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:10:34.0812 0960 hidusb - ok
11:10:34.0828 0960 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:10:34.0828 0960 hkmsvc - ok
11:10:34.0828 0960 hpn - ok
11:10:34.0859 0960 [ 863CC3A82C63C9F60ACF2E85D5310620 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:10:34.0859 0960 HPZid412 - ok
11:10:34.0875 0960 [ 08CB72E95DD75B61F2966B311D0E4366 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:10:34.0875 0960 HPZipr12 - ok
11:10:34.0890 0960 [ CA990306ED4EF732AF9695BFF24FC96F ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:10:34.0890 0960 HPZius12 - ok
11:10:34.0921 0960 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:10:34.0937 0960 HTTP - ok
11:10:34.0937 0960 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:10:34.0937 0960 HTTPFilter - ok
11:10:34.0937 0960 i2omgmt - ok
11:10:34.0937 0960 i2omp - ok
11:10:35.0015 0960 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:10:35.0015 0960 i8042prt - ok
11:10:35.0046 0960 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:10:35.0046 0960 IDriverT - ok
11:10:35.0109 0960 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:10:35.0109 0960 idsvc - ok
11:10:35.0234 0960 [ CFBC1CE72E5353D428704659199147B1 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20111130.012\IDSxpx86.sys
11:10:35.0234 0960 IDSxpx86 - ok
11:10:35.0250 0960 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:10:35.0250 0960 Imapi - ok
11:10:35.0281 0960 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:10:35.0281 0960 ImapiService - ok
11:10:35.0281 0960 ini910u - ok
11:10:35.0359 0960 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15 C:\WINDOWS\system32\drivers\int15.sys
11:10:35.0359 0960 int15 - ok
11:10:35.0500 0960 [ 0CE2EAB2FFB33B8B0EF2B8E0D8B3F026 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:10:35.0515 0960 IntcAzAudAddService - ok
11:10:35.0531 0960 IntelIde - ok
11:10:35.0546 0960 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:10:35.0546 0960 Ip6Fw - ok
11:10:35.0562 0960 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:10:35.0562 0960 IpFilterDriver - ok
11:10:35.0578 0960 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:10:35.0578 0960 IpInIp - ok
11:10:35.0593 0960 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:10:35.0593 0960 IpNat - ok
11:10:35.0640 0960 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:10:35.0656 0960 iPod Service - ok
11:10:35.0687 0960 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:10:35.0687 0960 IPSec - ok
11:10:35.0703 0960 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:10:35.0703 0960 IRENUM - ok
11:10:35.0734 0960 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:10:35.0734 0960 isapnp - ok
11:10:35.0843 0960 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
11:10:35.0843 0960 JavaQuickStarterService - ok
11:10:35.0843 0960 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:10:35.0843 0960 Kbdclass - ok
11:10:35.0859 0960 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:10:35.0859 0960 kbdhid - ok
11:10:35.0890 0960 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:10:35.0890 0960 kmixer - ok
11:10:35.0906 0960 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:10:35.0906 0960 KSecDD - ok
11:10:35.0921 0960 [ D1968DEA7BAFF4A917858C384339CEC8 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
11:10:35.0921 0960 L8042Kbd - ok
11:10:35.0937 0960 [ D6FC755FF505D99E6CC73E83492310DF ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
11:10:35.0937 0960 L8042mou - ok
11:10:35.0953 0960 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:10:35.0953 0960 lanmanserver - ok
11:10:36.0000 0960 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:10:36.0000 0960 lanmanworkstation - ok
11:10:36.0000 0960 lbrtfdc - ok
11:10:36.0093 0960 [ A0F7DC0080E4F97DC97DE08B699E231B ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
11:10:36.0093 0960 LBTServ - ok
11:10:36.0109 0960 [ 24E0DDB99AECCF86BB37702611761459 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
11:10:36.0109 0960 LHidFilt - ok
11:10:36.0203 0960 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:10:36.0203 0960 LightScribeService - ok
11:10:36.0218 0960 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:10:36.0218 0960 LmHosts - ok
11:10:36.0281 0960 [ D58B330D318361A66A9FE60D7C9B4951 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
11:10:36.0281 0960 LMouFilt - ok
11:10:36.0296 0960 [ C149BDAD13194DF16EA33F9F601ED7BF ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
11:10:36.0296 0960 LMouKE - ok
11:10:36.0312 0960 [ 144011D14BD35F4E36136AE057B1AADD ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
11:10:36.0312 0960 LUsbFilt - ok
11:10:36.0343 0960 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:10:36.0343 0960 MBAMProtector - ok
11:10:36.0390 0960 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:10:36.0390 0960 MBAMService - ok
11:10:36.0390 0960 MCSTRM - ok
11:10:36.0468 0960 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:10:36.0468 0960 Messenger - ok
11:10:36.0562 0960 Microsoft SharePoint Workspace Audit Service - ok
11:10:36.0578 0960 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:10:36.0578 0960 mnmdd - ok
11:10:36.0609 0960 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:10:36.0609 0960 mnmsrvc - ok
11:10:36.0609 0960 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:10:36.0609 0960 Modem - ok
11:10:36.0656 0960 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
11:10:36.0656 0960 Monfilt - ok
11:10:36.0687 0960 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:10:36.0687 0960 Mouclass - ok
11:10:36.0703 0960 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:10:36.0703 0960 mouhid - ok
11:10:36.0734 0960 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:10:36.0734 0960 MountMgr - ok
11:10:36.0781 0960 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:10:36.0781 0960 MozillaMaintenance - ok
11:10:36.0781 0960 mraid35x - ok
11:10:36.0843 0960 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:10:36.0843 0960 MRxDAV - ok
11:10:36.0890 0960 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:10:36.0890 0960 MRxSmb - ok
11:10:36.0921 0960 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:10:36.0921 0960 MSDTC - ok
11:10:36.0937 0960 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:10:36.0937 0960 Msfs - ok
11:10:36.0937 0960 MSIServer - ok
11:10:36.0953 0960 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:10:36.0953 0960 MSKSSRV - ok
11:10:36.0968 0960 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:10:36.0968 0960 MSPCLOCK - ok
11:10:36.0968 0960 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:10:36.0968 0960 MSPQM - ok
11:10:36.0984 0960 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:10:36.0984 0960 mssmbios - ok
11:10:37.0046 0960 MSSQL$MSSMLBIZ - ok
11:10:37.0078 0960 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
11:10:37.0078 0960 MSSQLServerADHelper - ok
11:10:37.0093 0960 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:10:37.0109 0960 Mup - ok
11:10:37.0218 0960 [ 9D0F43B1D0434B44183D4795E89F6C14 ] N360 C:\Program Files\Norton Security Suite\Engine\6.0.0.145\ccSvcHst.exe
11:10:37.0218 0960 N360 - ok
11:10:37.0250 0960 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:10:37.0250 0960 napagent - ok
11:10:37.0265 0960 NAVENG - ok
11:10:37.0265 0960 NAVEX15 - ok
11:10:37.0281 0960 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:10:37.0281 0960 NDIS - ok
11:10:37.0312 0960 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:10:37.0312 0960 NdisTapi - ok
11:10:37.0328 0960 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:10:37.0328 0960 Ndisuio - ok
11:10:37.0343 0960 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:10:37.0343 0960 NdisWan - ok
11:10:37.0359 0960 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:10:37.0359 0960 NDProxy - ok
11:10:37.0375 0960 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:10:37.0375 0960 NetBIOS - ok
11:10:37.0375 0960 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:10:37.0375 0960 NetBT - ok
11:10:37.0390 0960 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:10:37.0390 0960 NetDDE - ok
11:10:37.0406 0960 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:10:37.0406 0960 NetDDEdsdm - ok
11:10:37.0406 0960 netlimiter - ok
11:10:37.0421 0960 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:10:37.0421 0960 Netlogon - ok
11:10:37.0453 0960 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:10:37.0453 0960 Netman - ok
11:10:37.0484 0960 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:10:37.0484 0960 NetTcpPortSharing - ok
11:10:37.0515 0960 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:10:37.0515 0960 Nla - ok
11:10:37.0531 0960 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:10:37.0531 0960 Npfs - ok
11:10:37.0578 0960 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:10:37.0578 0960 Ntfs - ok
11:10:37.0609 0960 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
11:10:37.0609 0960 NTIDrvr - ok
11:10:37.0625 0960 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:10:37.0625 0960 NtLmSsp - ok
11:10:37.0640 0960 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:10:37.0656 0960 NtmsSvc - ok
11:10:37.0656 0960 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:10:37.0656 0960 Null - ok
11:10:37.0875 0960 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:10:37.0906 0960 nv - ok
11:10:38.0015 0960 [ E00696D78AF663C523D3483410C66F21 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
11:10:38.0031 0960 NVIDIA Performance Driver Service - ok
11:10:38.0062 0960 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
11:10:38.0062 0960 NVSvc - ok
11:10:38.0062 0960 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:10:38.0062 0960 NwlnkFlt - ok
11:10:38.0078 0960 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:10:38.0078 0960 NwlnkFwd - ok
11:10:38.0078 0960 osaio - ok
11:10:38.0171 0960 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:10:38.0171 0960 ose - ok
11:10:38.0328 0960 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:10:38.0343 0960 osppsvc - ok
11:10:38.0359 0960 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:10:38.0359 0960 Parport - ok
11:10:38.0390 0960 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:10:38.0390 0960 PartMgr - ok
11:10:38.0421 0960 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:10:38.0421 0960 ParVdm - ok
11:10:38.0421 0960 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:10:38.0421 0960 PCI - ok
11:10:38.0421 0960 PCIDump - ok
11:10:38.0421 0960 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:10:38.0421 0960 PCIIde - ok
11:10:38.0437 0960 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:10:38.0437 0960 Pcmcia - ok
11:10:38.0437 0960 PDCOMP - ok
11:10:38.0437 0960 PDFRAME - ok
11:10:38.0437 0960 PDRELI - ok
11:10:38.0453 0960 PDRFRAME - ok
11:10:38.0453 0960 perc2 - ok
11:10:38.0453 0960 perc2hib - ok
11:10:38.0468 0960 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:10:38.0468 0960 PlugPlay - ok
11:10:38.0500 0960 [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
11:10:38.0500 0960 Pml Driver HPZ12 - ok
11:10:38.0500 0960 Point32 - ok
11:10:38.0515 0960 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:10:38.0515 0960 PolicyAgent - ok
11:10:38.0531 0960 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:10:38.0531 0960 PptpMiniport - ok
11:10:38.0546 0960 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:10:38.0546 0960 Processor - ok
11:10:38.0546 0960 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:10:38.0546 0960 ProtectedStorage - ok
11:10:38.0578 0960 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:10:38.0578 0960 PSched - ok
11:10:38.0578 0960 psdfilter - ok
11:10:38.0593 0960 psdvdisk - ok
11:10:38.0593 0960 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:10:38.0593 0960 Ptilink - ok
11:10:38.0593 0960 ql1080 - ok
11:10:38.0593 0960 Ql10wnt - ok
11:10:38.0593 0960 ql12160 - ok
11:10:38.0593 0960 ql1240 - ok
11:10:38.0609 0960 ql1280 - ok
11:10:38.0609 0960 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:10:38.0609 0960 RasAcd - ok
11:10:38.0640 0960 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:10:38.0640 0960 RasAuto - ok
11:10:38.0640 0960 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:10:38.0640 0960 Rasl2tp - ok
11:10:38.0671 0960 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:10:38.0671 0960 RasMan - ok
11:10:38.0687 0960 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:10:38.0687 0960 RasPppoe - ok
11:10:38.0703 0960 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:10:38.0703 0960 Raspti - ok
11:10:38.0734 0960 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:10:38.0734 0960 Rdbss - ok
11:10:38.0750 0960 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:10:38.0750 0960 RDPCDD - ok
11:10:38.0765 0960 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:10:38.0765 0960 rdpdr - ok
11:10:38.0796 0960 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:10:38.0796 0960 RDPWD - ok
11:10:38.0828 0960 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:10:38.0828 0960 RDSessMgr - ok
11:10:38.0843 0960 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:10:38.0843 0960 redbook - ok
11:10:38.0875 0960 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:10:38.0875 0960 RemoteAccess - ok
11:10:38.0890 0960 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:10:38.0890 0960 RemoteRegistry - ok
11:10:38.0906 0960 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:10:38.0906 0960 RpcLocator - ok
11:10:38.0921 0960 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:10:38.0921 0960 RpcSs - ok
11:10:38.0953 0960 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:10:38.0953 0960 RSVP - ok
11:10:38.0968 0960 [ 79B4FE884C18DD82D5449F6B6026D092 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
11:10:38.0968 0960 RTLE8023xp - ok
11:10:38.0984 0960 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:10:38.0984 0960 SamSs - ok
11:10:39.0015 0960 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:10:39.0015 0960 SCardSvr - ok
11:10:39.0031 0960 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:10:39.0031 0960 Schedule - ok
11:10:39.0046 0960 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:10:39.0046 0960 Secdrv - ok
11:10:39.0062 0960 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:10:39.0062 0960 seclogon - ok
11:10:39.0078 0960 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:10:39.0078 0960 SENS - ok
11:10:39.0093 0960 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:10:39.0093 0960 serenum - ok
11:10:39.0109 0960 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:10:39.0109 0960 Serial - ok
11:10:39.0125 0960 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:10:39.0125 0960 Sfloppy - ok
11:10:39.0140 0960 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:10:39.0140 0960 SharedAccess - ok
11:10:39.0171 0960 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:10:39.0171 0960 ShellHWDetection - ok
11:10:39.0171 0960 Simbad - ok
11:10:39.0218 0960 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:10:39.0218 0960 SkypeUpdate - ok
11:10:39.0250 0960 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
11:10:39.0250 0960 SONYPVU1 - ok
11:10:39.0250 0960 Sparrow - ok
11:10:39.0281 0960 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:10:39.0281 0960 splitter - ok
11:10:39.0312 0960 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:10:39.0312 0960 Spooler - ok
11:10:39.0343 0960 [ 5673E79BBB62A4C35B10D821FF1B4ACA ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:10:39.0343 0960 SQLBrowser - ok
11:10:39.0375 0960 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:10:39.0375 0960 SQLWriter - ok
11:10:39.0406 0960 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:10:39.0406 0960 sr - ok
11:10:39.0437 0960 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:10:39.0437 0960 srservice - ok
11:10:39.0500 0960 [ C16D048FAF2978D2121F9F40594A6BDC ] SRTSP C:\WINDOWS\system32\drivers\N360\0600000.091\SRTSP.SYS
11:10:39.0500 0960 SRTSP - ok
11:10:39.0515 0960 [ F0D02C2E25970C9C72A5CD278C17CDB6 ] SRTSPX C:\WINDOWS\system32\drivers\N360\0600000.091\SRTSPX.SYS
11:10:39.0515 0960 SRTSPX - ok
11:10:39.0546 0960 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:10:39.0562 0960 Srv - ok
11:10:39.0593 0960 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:10:39.0593 0960 SSDPSRV - ok
11:10:39.0625 0960 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:10:39.0625 0960 stisvc - ok
11:10:39.0671 0960 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:10:39.0671 0960 swenum - ok
11:10:39.0703 0960 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:10:39.0703 0960 swmidi - ok
11:10:39.0703 0960 SwPrv - ok
11:10:39.0703 0960 symc810 - ok
11:10:39.0703 0960 symc8xx - ok
11:10:39.0765 0960 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\WINDOWS\system32\drivers\N360\0600000.091\SYMDS.SYS
11:10:39.0765 0960 SymDS - ok
11:10:39.0812 0960 [ 4E55148A2E044D02245CBCDBB266B98C ] SymEFA C:\WINDOWS\system32\drivers\N360\0600000.091\SYMEFA.SYS
11:10:39.0812 0960 SymEFA - ok
11:10:39.0843 0960 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:10:39.0843 0960 SymEvent - ok
11:10:39.0859 0960 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\WINDOWS\system32\drivers\N360\0600000.091\Ironx86.SYS
11:10:39.0859 0960 SymIRON - ok
11:10:39.0906 0960 [ 508BD882040F9CB12319E3A4FC78EDB9 ] SYMTDI C:\WINDOWS\system32\drivers\N360\0600000.091\SYMTDI.SYS
11:10:39.0906 0960 SYMTDI - ok
11:10:39.0906 0960 sym_hi - ok
11:10:39.0906 0960 sym_u3 - ok
11:10:39.0921 0960 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:10:39.0921 0960 sysaudio - ok
11:10:39.0953 0960 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:10:39.0953 0960 SysmonLog - ok
11:10:39.0968 0960 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:10:39.0984 0960 TapiSrv - ok
11:10:40.0000 0960 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:10:40.0000 0960 Tcpip - ok
11:10:40.0031 0960 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:10:40.0031 0960 TDPIPE - ok
11:10:40.0046 0960 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:10:40.0046 0960 TDTCP - ok
11:10:40.0046 0960 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:10:40.0046 0960 TermDD - ok
11:10:40.0078 0960 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:10:40.0078 0960 TermService - ok
11:10:40.0093 0960 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:10:40.0093 0960 Themes - ok
11:10:40.0125 0960 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:10:40.0125 0960 TlntSvr - ok
11:10:40.0125 0960 TosIde - ok
11:10:40.0140 0960 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:10:40.0140 0960 TrkWks - ok
11:10:40.0156 0960 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
11:10:40.0171 0960 tvicport - ok
11:10:40.0187 0960 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:10:40.0187 0960 Udfs - ok
11:10:40.0187 0960 ultra - ok
11:10:40.0218 0960 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:10:40.0218 0960 Update - ok
11:10:40.0265 0960 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:10:40.0265 0960 upnphost - ok
11:10:40.0265 0960 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:10:40.0265 0960 UPS - ok
11:10:40.0281 0960 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:10:40.0296 0960 USBAAPL - ok
11:10:40.0328 0960 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:10:40.0328 0960 usbaudio - ok
11:10:40.0343 0960 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:10:40.0343 0960 usbccgp - ok
11:10:40.0359 0960 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:10:40.0359 0960 usbehci - ok
11:10:40.0375 0960 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:10:40.0375 0960 usbhub - ok
11:10:40.0390 0960 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:10:40.0390 0960 usbohci - ok
11:10:40.0406 0960 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:10:40.0406 0960 usbprint - ok
11:10:40.0421 0960 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:10:40.0421 0960 usbscan - ok
11:10:40.0421 0960 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:10:40.0421 0960 USBSTOR - ok
11:10:40.0437 0960 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:10:40.0437 0960 VgaSave - ok
11:10:40.0437 0960 ViaIde - ok
11:10:40.0453 0960 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:10:40.0453 0960 VolSnap - ok
11:10:40.0484 0960 [ 0354BA3A5BA5E28CC247EB5F5DD8793C ] vsdatant C:\WINDOWS\system32\vsdatant.sys
11:10:40.0484 0960 vsdatant - ok
11:10:40.0515 0960 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:10:40.0515 0960 VSS - ok
11:10:40.0531 0960 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:10:40.0531 0960 W32Time - ok
11:10:40.0562 0960 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:10:40.0562 0960 Wanarp - ok
11:10:40.0593 0960 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:10:40.0593 0960 Wdf01000 - ok
11:10:40.0593 0960 WDICA - ok
11:10:40.0640 0960 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:10:40.0640 0960 wdmaud - ok
11:10:40.0671 0960 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:10:40.0671 0960 WebClient - ok
11:10:40.0718 0960 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:10:40.0718 0960 winmgmt - ok
11:10:40.0750 0960 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:10:40.0750 0960 WmdmPmSN - ok
11:10:40.0765 0960 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:10:40.0765 0960 Wmi - ok
11:10:40.0812 0960 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:10:40.0812 0960 WmiAcpi - ok
11:10:40.0828 0960 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:10:40.0828 0960 WmiApSrv - ok
11:10:40.0906 0960 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:10:40.0906 0960 WMPNetworkSvc - ok
11:10:40.0906 0960 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:10:40.0906 0960 WpdUsb - ok
11:10:40.0937 0960 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:10:40.0937 0960 WS2IFSL - ok
11:10:40.0937 0960 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:10:40.0937 0960 wscsvc - ok
11:10:40.0953 0960 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:10:40.0953 0960 wuauserv - ok
11:10:40.0984 0960 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:10:40.0984 0960 WudfPf - ok
11:10:41.0000 0960 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:10:41.0000 0960 WudfRd - ok
11:10:41.0015 0960 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:10:41.0015 0960 WudfSvc - ok
11:10:41.0062 0960 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:10:41.0062 0960 WZCSVC - ok
11:10:41.0078 0960 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:10:41.0078 0960 xmlprov - ok
11:10:41.0109 0960 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:10:41.0109 0960 yukonwxp - ok
11:10:41.0125 0960 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
11:10:41.0125 0960 zntport - ok
11:10:41.0125 0960 ================ Scan global ===============================
11:10:41.0156 0960 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:10:41.0187 0960 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:10:41.0187 0960 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:10:41.0203 0960 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:10:41.0203 0960 [Global] - ok
11:10:41.0203 0960 ================ Scan MBR ==================================
11:10:41.0203 0960 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk0\DR0
11:10:42.0906 0960 \Device\Harddisk0\DR0 - ok
11:10:42.0921 0960 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk1\DR1
11:10:44.0671 0960 \Device\Harddisk1\DR1 - ok
11:10:44.0671 0960 ================ Scan VBR ==================================
11:10:44.0671 0960 [ DE527269440FD454990CF3B85A1A92EE ] \Device\Harddisk0\DR0\Partition1
11:10:44.0671 0960 \Device\Harddisk0\DR0\Partition1 - ok
11:10:44.0671 0960 [ 66C9C7193999483BB1BE81E0B94F7EB1 ] \Device\Harddisk1\DR1\Partition1
11:10:44.0671 0960 \Device\Harddisk1\DR1\Partition1 - ok
11:10:44.0703 0960 [ 9ECAFA2C03CDC2371B23D4063C001ADE ] \Device\Harddisk1\DR1\Partition2
11:10:44.0703 0960 \Device\Harddisk1\DR1\Partition2 - ok
11:10:44.0703 0960 ============================================================
11:10:44.0703 0960 Scan finished
11:10:44.0703 0960 ============================================================
11:10:44.0703 1024 Detected object count: 0
11:10:44.0703 1024 Actual detected object count: 0

Edited by Marc AB, 01 September 2012 - 12:11 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 01:23 PM

1. Click Start --> Run --> Type MSCONFIG --> Click OK
2. On the General tab, choose Selective Startup
3. Uncheck Process SYSTEM.INI file
4. Uncheck Process WIN.INI file
5. Uncheck Load Startup Items
6. Click on the Services tab
7. At the bottom, check Hide All Microsoft Services
8. Uncheck all boxes in the window or click the button labeled Disable All
9. Click OK
10. Click Restart

Can you boot into normal mode now>?

#5 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 02:18 PM

1. Click Start --> Run --> Type MSCONFIG --> Click OK
2. On the General tab, choose Selective Startup
3. Uncheck Process SYSTEM.INI file
4. Uncheck Process WIN.INI file
5. Uncheck Load Startup Items
6. Click on the Services tab
7. At the bottom, check Hide All Microsoft Services
8. Uncheck all boxes in the window or click the button labeled Disable All
9. Click OK
10. Click Restart

Can you boot into normal mode now>?



I get a System Configuration error: An Access Denied error was returned while attempting to change a service. You may need to log on using an Administrator account to make the specified changes.

I'm logged into Safe Mode on the administrator account but will try a reboot now.

#6 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 02:27 PM


1. Click Start --> Run --> Type MSCONFIG --> Click OK
2. On the General tab, choose Selective Startup
3. Uncheck Process SYSTEM.INI file
4. Uncheck Process WIN.INI file
5. Uncheck Load Startup Items
6. Click on the Services tab
7. At the bottom, check Hide All Microsoft Services
8. Uncheck all boxes in the window or click the button labeled Disable All
9. Click OK
10. Click Restart

Can you boot into normal mode now>?



I get a System Configuration error: An Access Denied error was returned while attempting to change a service. You may need to log on using an Administrator account to make the specified changes.

I'm logged into Safe Mode on the administrator account but will try a reboot now.


I get the same blue screen when I try to boot up in normal mode.

I also tried removing each memory chip last night and tried the BIOS memory test. Memory test came up clean and I received the same blue screen with each memory chip. Thanks for reviewing and the suggestions.

Edited by Marc AB, 01 September 2012 - 02:30 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 02:48 PM

Go to

c:\windows\minidump

Attach the minidump files here

#8 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 03:05 PM

How do I attach them, please? I see options to insert links, media, etc. but nowhere to attach or upload a file. Also, do you want all of the files or just the most recent? I have one from 08/16.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 03:08 PM

Most recent ones.Zip them and Upload it here

http://www.filedropper.com/

Post the link here

#10 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 03:09 PM

http://www.filedropper.com/mini081612-01

Zipped:

http://www.filedropper.com/mini081612-01_1

Edited by Marc AB, 01 September 2012 - 03:11 PM.


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 03:17 PM

Single minidump file is not enough

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#12 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 03:19 PM

Autoruns text:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
X "MSPY2002" "" "" "c:\windows\system32\ime\pintlgnt\imscinst.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
X "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
X "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "vsharechrome" "" "" "c:\program files\vshare\vshare_toolbar.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 135.27 " "NVIDIA Corporation" "c:\program files\nvidia corporation\nview\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\navshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\bushell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\ips\ipsbho.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "vShare Plugin" "" "" "c:\program files\vshare\vshare_toolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton security suite\engine\6.0.0.145\coieplg.dll"
+ "vShare Plugin" "" "" "c:\program files\vshare\vshare_toolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "ICQ7.5" "ICQ" "ICQ, LLC." "f:\moved from old comp\program files\icq\icq7.5\icq.exe"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acer ODDSpeedControl" "TODO: <檔案說明>" "TODO: <公司名稱>" "c:\acer\empowering technology\eacoustics\oddspeedctl\speedcontrol.exe"
+ "AcerMemUsageCheckService" "Monitor memory usage and provide the ability to release unused memory." "Acer Inc." "c:\acer\empowering technology\eperformance\memcheck.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "BcmSqlStartupSvc" "Controls the start of the Business Contact Manager SQL Server instance (MSSMLBIZ)." "Microsoft Corporation" "c:\program files\microsoft small business\business contact manager\bcmsqlstartupsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CVPND" "Cisco Systems VPN Client" "Cisco Systems, Inc." "c:\program files\cisco systems\vpn client\cvpnd.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AFS2K" "Audio File System" "Oak Technology Inc." "c:\windows\system32\drivers\afs2k.sys"
+ "ALSysIO" "" "" "File not found: C:\WINDOWS\System32\Drivers\ALSysIO.sys"
+ "Ambfilt" "Creative WDM 3D Audio Driver" "Creative" "c:\windows\system32\drivers\ambfilt.sys"
+ "amdide" "AMD PCI SATA/IDE Bus Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdide.sys"
+ "AmdPPM" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdppm.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "AtiHDAudioService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdxp3.sys"
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\bashdefs\20111201.001\bhdrvx86.sys"
+ "BIOS" "I/O Interface driver file" "BIOSTAR Group" "c:\windows\system32\drivers\bios.sys"
+ "BS_I2cIo" "I/O Interface driver file" "BIOSTAR Group" "c:\windows\system32\drivers\bs_i2cio.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0600000.091\ccsetx86.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CVirtA" "Cisco Systems VPN Adapter" "Cisco Systems, Inc." "c:\windows\system32\drivers\cvirta.sys"
+ "CVPNDRVA" "Cisco Systems VPN Client IPSec Driver" "Cisco Systems, Inc." "c:\windows\system32\drivers\cvpndrva.sys"
+ "DNE" "Deterministic Network Enhancer" "Deterministic Networks, Inc." "c:\windows\system32\drivers\dne2000.sys"
+ "DUMeterDrv" "" "" "File not found: C:\Program Files\DU Meter\DUM_XP32.SYS"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IDSxpx86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.0.0.145\definitions\ipsdefs\20111130.012\idsxpx86.sys"
+ "int15" "" "" "c:\windows\system32\drivers\int15.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "L8042Kbd" "Logitech PS2 Keyboard Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\l8042kbd.sys"
+ "L8042mou" "Logitech PS/2 Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\l8042mou.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LMouKE" "Logitech Filter Driver for Mouse Class." "Logitech, Inc." "c:\windows\system32\drivers\lmouke.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "MCSTRM" "" "" "File not found: C:\WINDOWS\System32\Drivers\MCSTRM.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder (PDVD7)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD7)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD7)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink AudioCD Filter (PDVD7)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demux (PDVD7)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DVD Navigator (PDVD7)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PDVD7)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clline21.ax"
+ "CyberLink MPEG-4 Splitter (PDVD7)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clm4splt.ax"
+ "Cyberlink SubTitle Importor (PDVD7)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "CyberLink Video/SP Decoder (PDVD7)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "3300 Series Port" "" "" "File not found: lxcclmpm.DLL"
+ "hpzlnt07" "" "HP" "c:\windows\system32\hpzlnt07.dll"

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 03:37 PM

Download

ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Run the tool.This should uninstall norton.Restart the PC and try to boot into normal mode

#14 Marc AB

Marc AB
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 01 September 2012 - 03:46 PM

I got the same blue screen after the Norton uninstall.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:38 PM

Posted 01 September 2012 - 04:04 PM

Run autoruns again and post the new log




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users