Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

black screen on normal login after win32.weelsof.b removal


  • Please log in to reply
18 replies to this topic

#1 bdazzler

bdazzler

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 02 October 2012 - 04:30 PM

avast detected win32.weelsof.b and removed via eset online scanner.

since removal i get a nvidia settings error and a black screen with cursor. unistalling nvidia had no effect as the built in video card would also go to black screen. when internet connected i get rundll32 error, but without internet there is not rundll32 error.

running explorer.exe from task manager removes black screen.

Also boot time is noticeable longer.

tried system restore but it fails with catastophic error. have tried restore from safe mode and recovery cd.

BC AdBot (Login to Remove)

 


#2 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 02:14 AM

TDDSKILLER RESULTS

23:05:11.0817 2456 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
23:05:11.0942 2456 ============================================================
23:05:11.0942 2456 Current date / time: 2012/10/02 23:05:11.0942
23:05:11.0942 2456 SystemInfo:
23:05:11.0942 2456
23:05:11.0942 2456 OS Version: 6.0.6002 ServicePack: 2.0
23:05:11.0942 2456 Product type: Workstation
23:05:11.0942 2456 ComputerName: ROBCASEY-PC
23:05:11.0942 2456 UserName: robcasey
23:05:11.0942 2456 Windows directory: C:\Windows
23:05:11.0942 2456 System windows directory: C:\Windows
23:05:11.0942 2456 Processor architecture: Intel x86
23:05:11.0942 2456 Number of processors: 2
23:05:11.0942 2456 Page size: 0x1000
23:05:11.0942 2456 Boot type: Normal boot
23:05:11.0942 2456 ============================================================
23:05:12.0722 2456 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:05:12.0768 2456 ============================================================
23:05:12.0768 2456 \Device\Harddisk0\DR0:
23:05:12.0768 2456 MBR partitions:
23:05:12.0768 2456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
23:05:12.0768 2456 ============================================================
23:05:12.0815 2456 C: <-> \Device\Harddisk0\DR0\Partition1
23:05:12.0815 2456 ============================================================
23:05:12.0815 2456 Initialize success
23:05:12.0815 2456 ============================================================
23:05:38.0368 0012 ============================================================
23:05:38.0368 0012 Scan started
23:05:38.0368 0012 Mode: Manual; TDLFS;
23:05:38.0368 0012 ============================================================
23:05:39.0210 0012 ================ Scan system memory ========================
23:05:39.0210 0012 System memory - ok
23:05:39.0210 0012 ================ Scan services =============================
23:05:39.0382 0012 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:05:39.0382 0012 ACPI - ok
23:05:39.0476 0012 [ 459AC130C6AB892B1CD5D7544626EFC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:05:39.0476 0012 AdobeFlashPlayerUpdateSvc - ok
23:05:39.0522 0012 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:05:39.0522 0012 adp94xx - ok
23:05:39.0554 0012 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:05:39.0554 0012 adpahci - ok
23:05:39.0585 0012 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:05:39.0585 0012 adpu160m - ok
23:05:39.0600 0012 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:05:39.0600 0012 adpu320 - ok
23:05:39.0647 0012 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:05:39.0647 0012 AeLookupSvc - ok
23:05:39.0694 0012 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe
23:05:39.0694 0012 AERTFilters - ok
23:05:39.0756 0012 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
23:05:39.0772 0012 AFD - ok
23:05:39.0788 0012 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:05:39.0788 0012 agp440 - ok
23:05:39.0834 0012 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:05:39.0850 0012 aic78xx - ok
23:05:39.0881 0012 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
23:05:39.0881 0012 ALG - ok
23:05:39.0881 0012 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
23:05:39.0881 0012 aliide - ok
23:05:39.0912 0012 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:05:39.0912 0012 amdagp - ok
23:05:39.0944 0012 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
23:05:39.0944 0012 amdide - ok
23:05:39.0959 0012 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:05:39.0959 0012 AmdK7 - ok
23:05:39.0975 0012 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:05:39.0975 0012 AmdK8 - ok
23:05:40.0037 0012 [ DFAE18C675D71FD06D57DC69D2913975 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
23:05:40.0053 0012 AppHostSvc - ok
23:05:40.0053 0012 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
23:05:40.0053 0012 Appinfo - ok
23:05:40.0131 0012 [ 2E3E53A6AEF23E24F402C7855B9B1542 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:05:40.0131 0012 Apple Mobile Device - ok
23:05:40.0146 0012 [ 0FE769CAE5855B53C90E23F85E7E89FF ] AppMgmt C:\Windows\System32\appmgmts.dll
23:05:40.0146 0012 AppMgmt - ok
23:05:40.0162 0012 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
23:05:40.0162 0012 arc - ok
23:05:40.0178 0012 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:05:40.0178 0012 arcsas - ok
23:05:40.0256 0012 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:05:40.0271 0012 aspnet_state - ok
23:05:40.0349 0012 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:05:40.0349 0012 aswFsBlk - ok
23:05:40.0380 0012 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:05:40.0380 0012 aswMonFlt - ok
23:05:40.0396 0012 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
23:05:40.0396 0012 aswRdr - ok
23:05:40.0474 0012 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:05:40.0474 0012 aswSnx - ok
23:05:40.0536 0012 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:05:40.0536 0012 aswSP - ok
23:05:40.0583 0012 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:05:40.0583 0012 aswTdi - ok
23:05:40.0630 0012 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:05:40.0630 0012 AsyncMac - ok
23:05:40.0661 0012 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
23:05:40.0661 0012 atapi - ok
23:05:40.0692 0012 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:05:40.0692 0012 AudioEndpointBuilder - ok
23:05:40.0708 0012 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:05:40.0708 0012 Audiosrv - ok
23:05:40.0770 0012 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:05:40.0770 0012 avast! Antivirus - ok
23:05:40.0802 0012 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
23:05:40.0802 0012 BCM43XV - ok
23:05:40.0864 0012 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
23:05:40.0864 0012 Beep - ok
23:05:40.0911 0012 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
23:05:40.0926 0012 BFE - ok
23:05:41.0004 0012 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
23:05:41.0004 0012 BITS - ok
23:05:41.0020 0012 blbdrive - ok
23:05:41.0082 0012 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:05:41.0098 0012 Bonjour Service - ok
23:05:41.0145 0012 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:05:41.0145 0012 bowser - ok
23:05:41.0176 0012 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:05:41.0176 0012 BrFiltLo - ok
23:05:41.0207 0012 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:05:41.0207 0012 BrFiltUp - ok
23:05:41.0254 0012 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
23:05:41.0254 0012 Browser - ok
23:05:41.0270 0012 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:05:41.0270 0012 Brserid - ok
23:05:41.0301 0012 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:05:41.0301 0012 BrSerWdm - ok
23:05:41.0332 0012 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:05:41.0332 0012 BrUsbMdm - ok
23:05:41.0348 0012 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:05:41.0348 0012 BrUsbSer - ok
23:05:41.0363 0012 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:05:41.0363 0012 BTHMODEM - ok
23:05:41.0441 0012 catchme - ok
23:05:41.0457 0012 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:05:41.0457 0012 cdfs - ok
23:05:41.0488 0012 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:05:41.0488 0012 cdrom - ok
23:05:41.0535 0012 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
23:05:41.0550 0012 CertPropSvc - ok
23:05:41.0566 0012 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
23:05:41.0566 0012 circlass - ok
23:05:41.0628 0012 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
23:05:41.0628 0012 CLFS - ok
23:05:41.0691 0012 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:05:41.0753 0012 clr_optimization_v2.0.50727_32 - ok
23:05:41.0831 0012 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:05:41.0847 0012 clr_optimization_v4.0.30319_32 - ok
23:05:41.0894 0012 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:05:41.0894 0012 cmdide - ok
23:05:41.0909 0012 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
23:05:41.0909 0012 Compbatt - ok
23:05:41.0909 0012 COMSysApp - ok
23:05:41.0940 0012 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:05:41.0940 0012 crcdisk - ok
23:05:41.0956 0012 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:05:41.0956 0012 Crusoe - ok
23:05:42.0003 0012 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:05:42.0003 0012 CryptSvc - ok
23:05:42.0003 0012 [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C ] CSC C:\Windows\system32\drivers\csc.sys
23:05:42.0018 0012 CSC - ok
23:05:42.0050 0012 [ 0A2095F92F6AE4FE6484D911B0C21E95 ] CscService C:\Windows\System32\cscsvc.dll
23:05:42.0065 0012 CscService - ok
23:05:42.0081 0012 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys
23:05:42.0081 0012 CVirtA - ok
23:05:42.0128 0012 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:05:42.0143 0012 DcomLaunch - ok
23:05:42.0206 0012 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:05:42.0221 0012 DfsC - ok
23:05:42.0299 0012 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
23:05:42.0315 0012 DFSR - ok
23:05:42.0377 0012 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:05:42.0377 0012 Dhcp - ok
23:05:42.0408 0012 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
23:05:42.0424 0012 disk - ok
23:05:42.0471 0012 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:05:42.0471 0012 Dnscache - ok
23:05:42.0502 0012 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:05:42.0502 0012 dot3svc - ok
23:05:42.0533 0012 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
23:05:42.0533 0012 DPS - ok
23:05:42.0549 0012 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:05:42.0549 0012 drmkaud - ok
23:05:42.0580 0012 [ FB38473835476A6FB272215A1D972AF9 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:05:42.0580 0012 dtsoftbus01 - ok
23:05:42.0658 0012 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:05:42.0658 0012 DXGKrnl - ok
23:05:42.0689 0012 [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
23:05:42.0705 0012 e1express - ok
23:05:42.0736 0012 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:05:42.0736 0012 E1G60 - ok
23:05:42.0767 0012 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
23:05:42.0767 0012 EapHost - ok
23:05:42.0783 0012 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
23:05:42.0783 0012 Ecache - ok
23:05:42.0845 0012 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:05:42.0845 0012 ehRecvr - ok
23:05:42.0876 0012 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
23:05:42.0876 0012 ehSched - ok
23:05:42.0892 0012 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
23:05:42.0892 0012 ehstart - ok
23:05:42.0923 0012 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:05:42.0923 0012 elxstor - ok
23:05:42.0970 0012 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:05:42.0986 0012 EMDMgmt - ok
23:05:43.0048 0012 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
23:05:43.0048 0012 EventSystem - ok
23:05:43.0079 0012 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
23:05:43.0079 0012 exfat - ok
23:05:43.0126 0012 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:05:43.0142 0012 fastfat - ok
23:05:43.0173 0012 [ DFBA0F60FA301E5B1BFB1403A93EE23E ] Fax C:\Windows\system32\fxssvc.exe
23:05:43.0173 0012 Fax - ok
23:05:43.0204 0012 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:05:43.0204 0012 fdc - ok
23:05:43.0204 0012 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
23:05:43.0204 0012 fdPHost - ok
23:05:43.0235 0012 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
23:05:43.0235 0012 FDResPub - ok
23:05:43.0251 0012 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:05:43.0251 0012 FileInfo - ok
23:05:43.0266 0012 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:05:43.0266 0012 Filetrace - ok
23:05:43.0282 0012 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:05:43.0282 0012 flpydisk - ok
23:05:43.0298 0012 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:05:43.0298 0012 FltMgr - ok
23:05:43.0360 0012 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
23:05:43.0360 0012 FontCache - ok
23:05:43.0422 0012 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:05:43.0422 0012 FontCache3.0.0.0 - ok
23:05:43.0454 0012 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:05:43.0454 0012 Fs_Rec - ok
23:05:43.0454 0012 [ FECF4C2E42440A8D132BF94EEE3C3FC9 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:05:43.0469 0012 fvevol - ok
23:05:43.0500 0012 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:05:43.0500 0012 gagp30kx - ok
23:05:43.0532 0012 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:05:43.0532 0012 GEARAspiWDM - ok
23:05:43.0594 0012 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
23:05:43.0594 0012 gpsvc - ok
23:05:43.0625 0012 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:05:43.0625 0012 HdAudAddService - ok
23:05:43.0672 0012 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:05:43.0672 0012 HDAudBus - ok
23:05:43.0703 0012 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:05:43.0703 0012 HidBth - ok
23:05:43.0734 0012 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
23:05:43.0734 0012 HidIr - ok
23:05:43.0766 0012 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
23:05:43.0766 0012 hidserv - ok
23:05:43.0797 0012 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:05:43.0797 0012 HidUsb - ok
23:05:43.0828 0012 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:05:43.0828 0012 hkmsvc - ok
23:05:43.0844 0012 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:05:43.0859 0012 HpCISSs - ok
23:05:43.0890 0012 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:05:43.0906 0012 HTTP - ok
23:05:43.0922 0012 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:05:43.0922 0012 i2omp - ok
23:05:43.0953 0012 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:05:43.0953 0012 i8042prt - ok
23:05:44.0000 0012 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:05:44.0015 0012 iaStorV - ok
23:05:44.0078 0012 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:05:44.0093 0012 idsvc - ok
23:05:44.0109 0012 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:05:44.0109 0012 iirsp - ok
23:05:44.0156 0012 [ DAE181C2FDB0D02159C56185A469E10B ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
23:05:44.0156 0012 IISADMIN - ok
23:05:44.0171 0012 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
23:05:44.0187 0012 IKEEXT - ok
23:05:44.0280 0012 [ 0EAC4E375910CA701B46CC48EB4868F6 ] InstallShield Licensing Service C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
23:05:44.0296 0012 InstallShield Licensing Service - ok
23:05:44.0358 0012 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:05:44.0374 0012 IntcAzAudAddService - ok
23:05:44.0374 0012 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
23:05:44.0374 0012 intelide - ok
23:05:44.0390 0012 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:05:44.0390 0012 intelppm - ok
23:05:44.0405 0012 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:05:44.0405 0012 IPBusEnum - ok
23:05:44.0452 0012 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:05:44.0452 0012 IpFilterDriver - ok
23:05:44.0483 0012 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:05:44.0483 0012 iphlpsvc - ok
23:05:44.0499 0012 IpInIp - ok
23:05:44.0514 0012 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:05:44.0514 0012 IPMIDRV - ok
23:05:44.0546 0012 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:05:44.0546 0012 IPNAT - ok
23:05:44.0592 0012 [ 8F610078437A459948480407F4DB91EA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:05:44.0592 0012 iPod Service - ok
23:05:44.0608 0012 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:05:44.0608 0012 IRENUM - ok
23:05:44.0655 0012 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:05:44.0655 0012 isapnp - ok
23:05:44.0686 0012 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:05:44.0686 0012 iScsiPrt - ok
23:05:44.0702 0012 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:05:44.0717 0012 iteatapi - ok
23:05:44.0717 0012 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:05:44.0717 0012 iteraid - ok
23:05:44.0748 0012 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:05:44.0748 0012 kbdclass - ok
23:05:44.0780 0012 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:05:44.0780 0012 kbdhid - ok
23:05:44.0795 0012 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
23:05:44.0795 0012 KeyIso - ok
23:05:44.0826 0012 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:05:44.0826 0012 KSecDD - ok
23:05:44.0873 0012 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:05:44.0873 0012 KtmRm - ok
23:05:44.0920 0012 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
23:05:44.0936 0012 LanmanServer - ok
23:05:44.0998 0012 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:05:44.0998 0012 LanmanWorkstation - ok
23:05:45.0014 0012 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:05:45.0014 0012 lltdio - ok
23:05:45.0029 0012 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:05:45.0029 0012 lltdsvc - ok
23:05:45.0092 0012 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:05:45.0092 0012 lmhosts - ok
23:05:45.0123 0012 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:05:45.0123 0012 LSI_FC - ok
23:05:45.0154 0012 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:05:45.0154 0012 LSI_SAS - ok
23:05:45.0170 0012 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:05:45.0170 0012 LSI_SCSI - ok
23:05:45.0201 0012 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
23:05:45.0201 0012 luafv - ok
23:05:45.0232 0012 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:05:45.0232 0012 Mcx2Svc - ok
23:05:45.0263 0012 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
23:05:45.0263 0012 megasas - ok
23:05:45.0279 0012 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
23:05:45.0279 0012 MMCSS - ok
23:05:45.0294 0012 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
23:05:45.0294 0012 Modem - ok
23:05:45.0341 0012 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:05:45.0341 0012 monitor - ok
23:05:45.0357 0012 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:05:45.0357 0012 mouclass - ok
23:05:45.0372 0012 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:05:45.0372 0012 mouhid - ok
23:05:45.0388 0012 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:05:45.0388 0012 MountMgr - ok
23:05:45.0404 0012 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
23:05:45.0404 0012 mpio - ok
23:05:45.0419 0012 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:05:45.0419 0012 mpsdrv - ok
23:05:45.0450 0012 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
23:05:45.0466 0012 MpsSvc - ok
23:05:45.0513 0012 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:05:45.0513 0012 Mraid35x - ok
23:05:45.0513 0012 MREMP50 - ok
23:05:45.0513 0012 MREMPR5 - ok
23:05:45.0513 0012 MRENDIS5 - ok
23:05:45.0544 0012 MRESP50 - ok
23:05:45.0575 0012 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:05:45.0575 0012 MRxDAV - ok
23:05:45.0622 0012 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:05:45.0638 0012 mrxsmb - ok
23:05:45.0653 0012 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:05:45.0653 0012 mrxsmb10 - ok
23:05:45.0669 0012 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:05:45.0669 0012 mrxsmb20 - ok
23:05:45.0700 0012 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
23:05:45.0700 0012 msahci - ok
23:05:45.0716 0012 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:05:45.0716 0012 msdsm - ok
23:05:45.0747 0012 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
23:05:45.0762 0012 MSDTC - ok
23:05:45.0794 0012 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:05:45.0794 0012 Msfs - ok
23:05:45.0809 0012 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:05:45.0809 0012 msisadrv - ok
23:05:45.0840 0012 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:05:45.0840 0012 MSiSCSI - ok
23:05:45.0840 0012 msiserver - ok
23:05:45.0903 0012 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:05:45.0903 0012 MSKSSRV - ok
23:05:45.0950 0012 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:05:45.0950 0012 MSPCLOCK - ok
23:05:45.0981 0012 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:05:45.0981 0012 MSPQM - ok
23:05:46.0012 0012 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:05:46.0012 0012 MsRPC - ok
23:05:46.0028 0012 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:05:46.0028 0012 mssmbios - ok
23:05:46.0074 0012 MSSQL$SQLEXPRESS - ok
23:05:46.0121 0012 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:05:46.0121 0012 MSSQLServerADHelper - ok
23:05:46.0152 0012 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:05:46.0152 0012 MSTEE - ok
23:05:46.0324 0012 [ 211FC58C9DBD1F3A824E34023D16BABC ] msvsmon80 C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
23:05:46.0355 0012 msvsmon80 - ok
23:05:46.0511 0012 [ 5BB9B12A0C4685A13E81B44C7FE38B94 ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
23:05:46.0542 0012 msvsmon90 - ok
23:05:46.0574 0012 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
23:05:46.0574 0012 Mup - ok
23:05:46.0605 0012 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
23:05:46.0605 0012 napagent - ok
23:05:46.0636 0012 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:05:46.0636 0012 NativeWifiP - ok
23:05:46.0698 0012 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:05:46.0698 0012 NDIS - ok
23:05:46.0730 0012 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:05:46.0730 0012 NdisTapi - ok
23:05:46.0745 0012 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:05:46.0745 0012 Ndisuio - ok
23:05:46.0776 0012 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:05:46.0776 0012 NdisWan - ok
23:05:46.0776 0012 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:05:46.0776 0012 NDProxy - ok
23:05:46.0792 0012 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:05:46.0792 0012 NetBIOS - ok
23:05:46.0839 0012 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:05:46.0839 0012 netbt - ok
23:05:46.0886 0012 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
23:05:46.0886 0012 Netlogon - ok
23:05:46.0901 0012 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
23:05:46.0917 0012 Netman - ok
23:05:46.0932 0012 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
23:05:46.0932 0012 netprofm - ok
23:05:46.0964 0012 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:05:46.0964 0012 NetTcpPortSharing - ok
23:05:46.0979 0012 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:05:46.0979 0012 nfrd960 - ok
23:05:47.0010 0012 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:05:47.0010 0012 NlaSvc - ok
23:05:47.0042 0012 [ 6623E51595C0076755C29C00846C4EB2 ] npf C:\Windows\system32\drivers\npf.sys
23:05:47.0042 0012 npf - ok
23:05:47.0057 0012 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:05:47.0057 0012 Npfs - ok
23:05:47.0073 0012 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
23:05:47.0073 0012 nsi - ok
23:05:47.0073 0012 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:05:47.0073 0012 nsiproxy - ok
23:05:47.0120 0012 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:05:47.0135 0012 Ntfs - ok
23:05:47.0166 0012 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:05:47.0166 0012 ntrigdigi - ok
23:05:47.0182 0012 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
23:05:47.0198 0012 Null - ok
23:05:47.0260 0012 [ 0E616537F3E12D4C9FB71181C2F21BD5 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
23:05:47.0260 0012 NVHDA - ok
23:05:47.0541 0012 [ 4152708C0C24E30DAE7FA87D5AFE1D7B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:05:47.0588 0012 nvlddmkm - ok
23:05:47.0650 0012 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:05:47.0650 0012 nvraid - ok
23:05:47.0666 0012 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:05:47.0681 0012 nvstor - ok
23:05:47.0744 0012 [ 26DB28B32E8D2F57CB5065A4A053801A ] nvsvc C:\Windows\system32\nvvsvc.exe
23:05:47.0759 0012 nvsvc - ok
23:05:47.0931 0012 [ A19BBE1E3E3FEF50B94CA07DCC0FB776 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:05:47.0931 0012 nvUpdatusService - ok
23:05:47.0962 0012 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:05:47.0962 0012 nv_agp - ok
23:05:47.0962 0012 NwlnkFlt - ok
23:05:47.0978 0012 NwlnkFwd - ok
23:05:48.0056 0012 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:05:48.0071 0012 odserv - ok
23:05:48.0087 0012 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:05:48.0087 0012 ohci1394 - ok
23:05:48.0118 0012 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:05:48.0118 0012 ose - ok
23:05:48.0165 0012 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:05:48.0165 0012 p2pimsvc - ok
23:05:48.0180 0012 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
23:05:48.0180 0012 p2psvc - ok
23:05:48.0196 0012 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
23:05:48.0196 0012 Parport - ok
23:05:48.0227 0012 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:05:48.0227 0012 partmgr - ok
23:05:48.0243 0012 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:05:48.0243 0012 Parvdm - ok
23:05:48.0290 0012 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
23:05:48.0290 0012 PcaSvc - ok
23:05:48.0321 0012 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
23:05:48.0321 0012 pci - ok
23:05:48.0321 0012 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
23:05:48.0336 0012 pciide - ok
23:05:48.0352 0012 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:05:48.0352 0012 pcmcia - ok
23:05:48.0368 0012 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:05:48.0383 0012 PEAUTH - ok
23:05:48.0446 0012 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
23:05:48.0461 0012 pla - ok
23:05:48.0492 0012 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:05:48.0508 0012 PlugPlay - ok
23:05:48.0508 0012 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:05:48.0524 0012 PNRPAutoReg - ok
23:05:48.0524 0012 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:05:48.0539 0012 PNRPsvc - ok
23:05:48.0539 0012 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:05:48.0555 0012 PolicyAgent - ok
23:05:48.0570 0012 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:05:48.0570 0012 PptpMiniport - ok
23:05:48.0570 0012 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
23:05:48.0586 0012 Processor - ok
23:05:48.0602 0012 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
23:05:48.0602 0012 ProfSvc - ok
23:05:48.0617 0012 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:05:48.0617 0012 ProtectedStorage - ok
23:05:48.0648 0012 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:05:48.0648 0012 PSched - ok
23:05:48.0664 0012 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
23:05:48.0680 0012 PxHelp20 - ok
23:05:48.0726 0012 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:05:48.0726 0012 ql2300 - ok
23:05:48.0758 0012 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:05:48.0758 0012 ql40xx - ok
23:05:48.0789 0012 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
23:05:48.0789 0012 QWAVE - ok
23:05:48.0804 0012 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:05:48.0804 0012 QWAVEdrv - ok
23:05:48.0804 0012 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:05:48.0804 0012 RasAcd - ok
23:05:48.0820 0012 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
23:05:48.0836 0012 RasAuto - ok
23:05:48.0836 0012 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:05:48.0851 0012 Rasl2tp - ok
23:05:48.0867 0012 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
23:05:48.0882 0012 RasMan - ok
23:05:48.0898 0012 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:05:48.0914 0012 RasPppoe - ok
23:05:48.0929 0012 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:05:48.0929 0012 RasSstp - ok
23:05:49.0007 0012 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:05:49.0007 0012 rdbss - ok
23:05:49.0023 0012 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:05:49.0023 0012 RDPCDD - ok
23:05:49.0054 0012 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
23:05:49.0054 0012 rdpdr - ok
23:05:49.0054 0012 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:05:49.0054 0012 RDPENCDD - ok
23:05:49.0101 0012 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:05:49.0101 0012 RDPWD - ok
23:05:49.0132 0012 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:05:49.0132 0012 RemoteAccess - ok
23:05:49.0163 0012 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:05:49.0163 0012 RemoteRegistry - ok
23:05:49.0194 0012 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
23:05:49.0194 0012 RpcLocator - ok
23:05:49.0210 0012 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
23:05:49.0226 0012 RpcSs - ok
23:05:49.0241 0012 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:05:49.0241 0012 rspndr - ok
23:05:49.0257 0012 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
23:05:49.0257 0012 SamSs - ok
23:05:49.0288 0012 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:05:49.0304 0012 sbp2port - ok
23:05:49.0319 0012 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:05:49.0319 0012 SCardSvr - ok
23:05:49.0366 0012 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
23:05:49.0382 0012 Schedule - ok
23:05:49.0397 0012 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:05:49.0397 0012 SCPolicySvc - ok
23:05:49.0413 0012 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:05:49.0413 0012 SDRSVC - ok
23:05:49.0428 0012 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:05:49.0428 0012 secdrv - ok
23:05:49.0444 0012 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
23:05:49.0444 0012 seclogon - ok
23:05:49.0444 0012 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
23:05:49.0460 0012 SENS - ok
23:05:49.0475 0012 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:05:49.0475 0012 Serenum - ok
23:05:49.0491 0012 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
23:05:49.0506 0012 Serial - ok
23:05:49.0538 0012 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:05:49.0538 0012 sermouse - ok
23:05:49.0553 0012 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
23:05:49.0553 0012 SessionEnv - ok
23:05:49.0569 0012 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:05:49.0569 0012 sffdisk - ok
23:05:49.0584 0012 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:05:49.0584 0012 sffp_mmc - ok
23:05:49.0600 0012 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:05:49.0600 0012 sffp_sd - ok
23:05:49.0616 0012 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:05:49.0616 0012 sfloppy - ok
23:05:49.0678 0012 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:05:49.0678 0012 SharedAccess - ok
23:05:49.0756 0012 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:05:49.0756 0012 ShellHWDetection - ok
23:05:49.0772 0012 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:05:49.0772 0012 sisagp - ok
23:05:49.0787 0012 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:05:49.0787 0012 SiSRaid2 - ok
23:05:49.0803 0012 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:05:49.0803 0012 SiSRaid4 - ok
23:05:49.0881 0012 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:05:49.0881 0012 SkypeUpdate - ok
23:05:49.0959 0012 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
23:05:49.0990 0012 slsvc - ok
23:05:50.0021 0012 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:05:50.0021 0012 SLUINotify - ok
23:05:50.0037 0012 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:05:50.0052 0012 Smb - ok
23:05:50.0099 0012 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:05:50.0099 0012 SNMPTRAP - ok
23:05:50.0130 0012 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
23:05:50.0130 0012 spldr - ok
23:05:50.0162 0012 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
23:05:50.0162 0012 Spooler - ok
23:05:50.0224 0012 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:05:50.0240 0012 SQLBrowser - ok
23:05:50.0271 0012 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:05:50.0271 0012 SQLWriter - ok
23:05:50.0302 0012 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:05:50.0318 0012 srv - ok
23:05:50.0349 0012 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:05:50.0349 0012 srv2 - ok
23:05:50.0349 0012 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:05:50.0364 0012 srvnet - ok
23:05:50.0380 0012 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:05:50.0380 0012 SSDPSRV - ok
23:05:50.0396 0012 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:05:50.0396 0012 SstpSvc - ok
23:05:50.0458 0012 [ 9BF7E58D9113CE15CF4F1E1B18CEFF83 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:05:50.0458 0012 Stereo Service - ok
23:05:50.0520 0012 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
23:05:50.0536 0012 stisvc - ok
23:05:50.0614 0012 [ 7489520E98A119B5A9A00857F4F87D16 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
23:05:50.0614 0012 stllssvr - ok
23:05:50.0645 0012 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:05:50.0645 0012 swenum - ok
23:05:50.0676 0012 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
23:05:50.0692 0012 swprv - ok
23:05:50.0723 0012 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:05:50.0723 0012 Symc8xx - ok
23:05:50.0739 0012 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:05:50.0739 0012 Sym_hi - ok
23:05:50.0770 0012 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:05:50.0770 0012 Sym_u3 - ok
23:05:50.0801 0012 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
23:05:50.0817 0012 SysMain - ok
23:05:50.0848 0012 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:05:50.0848 0012 TabletInputService - ok
23:05:50.0910 0012 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:05:50.0926 0012 TapiSrv - ok
23:05:50.0942 0012 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
23:05:50.0942 0012 TBS - ok
23:05:50.0988 0012 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:05:50.0988 0012 Tcpip - ok
23:05:51.0004 0012 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:05:51.0020 0012 Tcpip6 - ok
23:05:51.0098 0012 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:05:51.0098 0012 tcpipreg - ok
23:05:51.0113 0012 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:05:51.0113 0012 TDPIPE - ok
23:05:51.0129 0012 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:05:51.0129 0012 TDTCP - ok
23:05:51.0144 0012 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:05:51.0144 0012 tdx - ok
23:05:51.0144 0012 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:05:51.0144 0012 TermDD - ok
23:05:51.0176 0012 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
23:05:51.0191 0012 TermService - ok
23:05:51.0238 0012 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
23:05:51.0238 0012 Themes - ok
23:05:51.0254 0012 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
23:05:51.0254 0012 THREADORDER - ok
23:05:51.0300 0012 [ F32E7CD2339C66760AA5178924B21E6B ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
23:05:51.0300 0012 TomTomHOMEService - ok
23:05:51.0332 0012 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
23:05:51.0332 0012 TrkWks - ok
23:05:51.0363 0012 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:05:51.0363 0012 TrustedInstaller - ok
23:05:51.0394 0012 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:05:51.0394 0012 tssecsrv - ok
23:05:51.0425 0012 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:05:51.0425 0012 tunmp - ok
23:05:51.0441 0012 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:05:51.0441 0012 tunnel - ok
23:05:51.0472 0012 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:05:51.0472 0012 uagp35 - ok
23:05:51.0534 0012 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:05:51.0550 0012 udfs - ok
23:05:51.0581 0012 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:05:51.0581 0012 UI0Detect - ok
23:05:51.0597 0012 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:05:51.0597 0012 uliagpkx - ok
23:05:51.0612 0012 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:05:51.0628 0012 uliahci - ok
23:05:51.0644 0012 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:05:51.0644 0012 UlSata - ok
23:05:51.0659 0012 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:05:51.0659 0012 ulsata2 - ok
23:05:51.0706 0012 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:05:51.0706 0012 umbus - ok
23:05:51.0722 0012 [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService C:\Windows\System32\umrdp.dll
23:05:51.0722 0012 UmRdpService - ok
23:05:51.0784 0012 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
23:05:51.0800 0012 upnphost - ok
23:05:51.0831 0012 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:05:51.0831 0012 USBAAPL - ok
23:05:51.0878 0012 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:05:51.0878 0012 usbaudio - ok
23:05:51.0924 0012 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:05:51.0940 0012 usbccgp - ok
23:05:51.0956 0012 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:05:51.0956 0012 usbcir - ok
23:05:51.0987 0012 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:05:51.0987 0012 usbehci - ok
23:05:52.0002 0012 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:05:52.0002 0012 usbhub - ok
23:05:52.0018 0012 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:05:52.0018 0012 usbohci - ok
23:05:52.0034 0012 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:05:52.0034 0012 usbprint - ok
23:05:52.0065 0012 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:05:52.0065 0012 usbscan - ok
23:05:52.0080 0012 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:05:52.0080 0012 USBSTOR - ok
23:05:52.0112 0012 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:05:52.0112 0012 usbuhci - ok
23:05:52.0143 0012 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:05:52.0143 0012 usbvideo - ok
23:05:52.0143 0012 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
23:05:52.0143 0012 UxSms - ok
23:05:52.0221 0012 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
23:05:52.0221 0012 vds - ok
23:05:52.0252 0012 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:05:52.0252 0012 vga - ok
23:05:52.0283 0012 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
23:05:52.0283 0012 VgaSave - ok
23:05:52.0299 0012 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:05:52.0299 0012 viaagp - ok
23:05:52.0314 0012 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:05:52.0314 0012 ViaC7 - ok
23:05:52.0346 0012 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
23:05:52.0346 0012 viaide - ok
23:05:52.0377 0012 [ E41FEF9E3056FE88C71E411F705BE41E ] vmm C:\Windows\system32\Drivers\vmm.sys
23:05:52.0377 0012 vmm - ok
23:05:52.0392 0012 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:05:52.0392 0012 volmgr - ok
23:05:52.0439 0012 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:05:52.0439 0012 volmgrx - ok
23:05:52.0455 0012 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:05:52.0470 0012 volsnap - ok
23:05:52.0517 0012 [ F96A678DEBDCCB0B4BB7F38CB2580589 ] VPCNetS2 C:\Windows\system32\DRIVERS\VMNetSrv.sys
23:05:52.0517 0012 VPCNetS2 - ok
23:05:52.0533 0012 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:05:52.0533 0012 vsmraid - ok
23:05:52.0595 0012 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
23:05:52.0611 0012 VSS - ok
23:05:52.0642 0012 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
23:05:52.0642 0012 W32Time - ok
23:05:52.0704 0012 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
23:05:52.0704 0012 W3SVC - ok
23:05:52.0751 0012 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:05:52.0751 0012 WacomPen - ok
23:05:52.0782 0012 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:05:52.0782 0012 Wanarp - ok
23:05:52.0782 0012 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:05:52.0782 0012 Wanarpv6 - ok
23:05:52.0798 0012 [ 9CA92191C8F18E8B491A5B28E63C07B7 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
23:05:52.0798 0012 WAS - ok
23:05:52.0829 0012 [ 20B23332885DFB93FE0185362EE811E9 ] wbengine C:\Windows\system32\wbengine.exe
23:05:52.0845 0012 wbengine - ok
23:05:52.0876 0012 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:05:52.0876 0012 wcncsvc - ok
23:05:52.0923 0012 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:05:52.0923 0012 WcsPlugInService - ok
23:05:52.0985 0012 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
23:05:52.0985 0012 Wd - ok
23:05:53.0063 0012 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:05:53.0063 0012 Wdf01000 - ok
23:05:53.0110 0012 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:05:53.0126 0012 WdiServiceHost - ok
23:05:53.0126 0012 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:05:53.0126 0012 WdiSystemHost - ok
23:05:53.0157 0012 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
23:05:53.0172 0012 WebClient - ok
23:05:53.0188 0012 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:05:53.0204 0012 Wecsvc - ok
23:05:53.0219 0012 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:05:53.0219 0012 wercplsupport - ok
23:05:53.0250 0012 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
23:05:53.0250 0012 WerSvc - ok
23:05:53.0313 0012 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:05:53.0313 0012 WinDefend - ok
23:05:53.0313 0012 WinHttpAutoProxySvc - ok
23:05:53.0391 0012 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:05:53.0391 0012 Winmgmt - ok
23:05:53.0438 0012 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
23:05:53.0453 0012 WinRM - ok
23:05:53.0516 0012 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:05:53.0531 0012 Wlansvc - ok
23:05:53.0562 0012 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:05:53.0562 0012 WmiAcpi - ok
23:05:53.0594 0012 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:05:53.0594 0012 wmiApSrv - ok
23:05:53.0625 0012 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:05:53.0640 0012 WMPNetworkSvc - ok
23:05:53.0656 0012 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:05:53.0656 0012 WPCSvc - ok
23:05:53.0687 0012 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:05:53.0687 0012 WPDBusEnum - ok
23:05:53.0781 0012 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:05:53.0781 0012 WPFFontCache_v0400 - ok
23:05:53.0796 0012 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:05:53.0796 0012 ws2ifsl - ok
23:05:53.0828 0012 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
23:05:53.0843 0012 wscsvc - ok
23:05:53.0843 0012 WSearch - ok
23:05:53.0906 0012 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:05:53.0937 0012 wuauserv - ok
23:05:53.0952 0012 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:05:53.0952 0012 WUDFRd - ok
23:05:53.0968 0012 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:05:53.0968 0012 wudfsvc - ok
23:05:53.0984 0012 ================ Scan global ===============================
23:05:54.0062 0012 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:05:54.0093 0012 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:05:54.0108 0012 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:05:54.0140 0012 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:05:54.0140 0012 [Global] - ok
23:05:54.0140 0012 ================ Scan MBR ==================================
23:05:54.0155 0012 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:05:54.0592 0012 \Device\Harddisk0\DR0 - ok
23:05:54.0592 0012 ================ Scan VBR ==================================
23:05:54.0623 0012 [ 03D2C3400E57419BC060C5E7B4DEA03C ] \Device\Harddisk0\DR0\Partition1
23:05:54.0623 0012 \Device\Harddisk0\DR0\Partition1 - ok
23:05:54.0623 0012 ============================================================
23:05:54.0623 0012 Scan finished
23:05:54.0623 0012 ============================================================
23:05:54.0639 1520 Detected object count: 0
23:05:54.0639 1520 Actual detected object count: 0




ASWMBR RESULTS

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-02 23:09:32
-----------------------------
23:09:32.820 OS Version: Windows 6.0.6002 Service Pack 2
23:09:32.820 Number of processors: 2 586 0x1706
23:09:32.836 ComputerName: ROBCASEY-PC UserName: robcasey
23:09:34.334 Initialize success
23:09:37.859 AVAST engine defs: 12100200
23:10:04.800 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:10:04.800 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
23:10:04.816 Disk 0 MBR read successfully
23:10:04.816 Disk 0 MBR scan
23:10:04.832 Disk 0 Windows VISTA default MBR code
23:10:04.832 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
23:10:04.832 Disk 0 scanning sectors +976771072
23:10:04.894 Disk 0 scanning C:\Windows\system32\drivers
23:10:11.462 Service scanning
23:10:29.651 Modules scanning
23:10:33.395 Disk 0 trace - called modules:
23:10:33.411 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
23:10:33.426 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86058ac8]
23:10:33.926 3 CLASSPNP.SYS[8ac788b3] -> nt!IofCallDriver -> [0x85100f08]
23:10:33.926 5 acpi.sys[8a6476bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85ecdb98]
23:10:34.908 AVAST engine scan C:\Windows
23:10:38.574 AVAST engine scan C:\Windows\system32
23:15:10.794 AVAST engine scan C:\Windows\system32\drivers
23:15:41.308 AVAST engine scan C:\Users\robcasey
00:34:58.668 AVAST engine scan C:\ProgramData
00:39:37.300 Scan finished successfully
08:11:49.584 Disk 0 MBR has been saved successfully to "C:\Users\robcasey\MBR.dat"
08:11:49.584 The log file has been saved successfully to "C:\Users\robcasey\aswMBR.txt"

ESET ONLINE SCANNER found no threats

Any help really appreciated

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 10:03 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Try a clean boot

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

Now boot into normal mode and let me know if that works

#4 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 10:22 AM

MALWAREBYTES below

Clean boot had no effect, still have black screen.

Also, google does no load until i kill a svchost exe which uses alot of memory. the svchost restarts soon after by itself, but causes a windows sysnc error to appear. The svchost is connected with the following services
Audioendpointbuildder
cscservice offline files
CmdMgnt
Netman
Pcasvc
sysmain
tabletinputservice
trkwrks
uxsms
wdisystemhost
wlansvc
wpdbusenum
wudfsvc

I have tried disabling these services at startup, but i still get the black screen so have reenabled now

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.03.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
robcasey :: ROBCASEY-PC [administrator]

03/10/2012 10:29:47
mbam-log-2012-10-03 (10-29-47).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 556313
Time elapsed: 5 hour(s), 32 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 10:25 AM

If you have a previous restore point,try a system restore

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Edited by narenxp, 03 October 2012 - 10:26 AM.


#6 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 11:01 AM

system restore exe took a few mins to load
tried system restore to point before problems started, computer rebooted. still have black screen. no messages about system restore after login

Minitoolbox log

MiniToolBox by Farbar Version: 23-07-2012
Ran by robcasey (administrator) on 03-10-2012 at 16:57:44
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)
Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : robcasey-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-1E-8C-C8-4E-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b52f:8bc4:7495:b018%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 03 October 2012 16:50:06
Lease Expires . . . . . . . . . . : 04 October 2012 16:50:05
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 167779980
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-86-41-8C-00-1D-09-8E-7F-50
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1D-09-8E-7F-50
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c181:44f9:8b15:3de8%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.69(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 03 October 2012 16:50:04
Lease Expires . . . . . . . . . . : 04 October 2012 16:50:03
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 184556809
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-86-41-8C-00-1D-09-8E-7F-50
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : isatap.gateway.2wire.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2a00:1450:4009:806::1001
74.125.230.100
74.125.230.98
74.125.230.110
74.125.230.105
74.125.230.103
74.125.230.104
74.125.230.102
74.125.230.96
74.125.230.99
74.125.230.97
74.125.230.101



Pinging google.com [74.125.230.101] with 32 bytes of data:

Reply from 74.125.230.101: bytes=32 time=22ms TTL=56

Reply from 74.125.230.101: bytes=32 time=21ms TTL=56



Ping statistics for 74.125.230.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 21ms, Maximum = 22ms, Average = 21ms

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=156ms TTL=45

Reply from 98.138.253.109: bytes=32 time=169ms TTL=45



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 156ms, Maximum = 169ms, Average = 162ms

Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
8 ...00 1e 8c c8 4e dd ...... Broadcom 802.11g Network Adapter
7 ...00 1d 09 8e 7f 50 ...... Intel® 82562V-2 10/100 Network Connection
1 ........................... Software Loopback Interface 1
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.gateway.2wire.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.69 20
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.69 276
192.168.1.0 255.255.255.0 On-link 192.168.1.68 281
192.168.1.68 255.255.255.255 On-link 192.168.1.68 281
192.168.1.69 255.255.255.255 On-link 192.168.1.69 276
192.168.1.255 255.255.255.255 On-link 192.168.1.69 276
192.168.1.255 255.255.255.255 On-link 192.168.1.68 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.69 276
224.0.0.0 240.0.0.0 On-link 192.168.1.68 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.69 276
255.255.255.255 255.255.255.255 On-link 192.168.1.68 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
7 276 fe80::/64 On-link
8 281 fe80::/64 On-link
8 281 fe80::b52f:8bc4:7495:b018/128
On-link
7 276 fe80::c181:44f9:8b15:3de8/128
On-link
1 306 ff00::/8 On-link
7 276 ff00::/8 On-link
8 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/03/2012 04:56:57 PM) (Source: Application Error) (User: )
Description: Faulting application wincal.exe, version 6.0.6002.18005, time stamp 0x49e01e83, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000022, fault offset 0x00009f5d,
process id 0xc90, application start time 0xwincal.exe0.

Error: (10/03/2012 04:17:47 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception code 0xc06d007e, fault offset 0x0003fc56,
process id 0xeb8, application start time 0xmobsync.exe0.

Error: (10/03/2012 04:17:42 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception code 0xc06d007e, fault offset 0x0003fc56,
process id 0xb80, application start time 0xmobsync.exe0.

Error: (10/03/2012 04:17:37 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception code 0xc06d007e, fault offset 0x0003fc56,
process id 0xdfc, application start time 0xmobsync.exe0.

Error: (10/03/2012 04:08:36 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception code 0xc06d007e, fault offset 0x0003fc56,
process id 0x10ec, application start time 0xmobsync.exe0.

Error: (10/03/2012 04:08:00 PM) (Source: Application Error) (User: )
Description: Faulting application mobsync.exe, version 6.0.6001.18000, time stamp 0x47918e41, faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception code 0xc06d007e, fault offset 0x0003fc56,
process id 0x964, application start time 0xmobsync.exe0.


System errors:
=============
Error: (10/03/2012 04:57:42 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceRemote Access Connection Manager%%1056

Error: (10/03/2012 04:57:42 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Management Instrumentation%%1056

Error: (10/03/2012 04:57:18 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceProgram Compatibility Assistant Service%%1056

Error: (10/03/2012 04:16:36 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceProgram Compatibility Assistant Service%%1056

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: Windows Driver Foundation - User-mode Driver Framework11200001Restart the service

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: Portable Device Enumerator Service11200001Restart the service

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: WLAN AutoConfig11200001Restart the service

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: Diagnostic System Host1

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: Desktop Window Manager Session Manager11200001Restart the service

Error: (10/03/2012 04:15:36 PM) (Source: Service Control Manager) (User: )
Description: Distributed Link Tracking Client11200001Restart the service


Microsoft Office Sessions:
=========================
Error: (06/28/2012 08:28:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 443 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/09/2012 01:47:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/04/2010 03:57:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 351 seconds with 60 seconds of active time. This session ended with a crash.

Error: (09/16/2010 07:36:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/16/2010 07:35:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/16/2010 07:35:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/16/2010 07:34:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1155 seconds with 840 seconds of active time. This session ended with a crash.

Error: (09/16/2010 07:14:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 170 seconds with 60 seconds of active time. This session ended with a crash.

Error: (06/06/2010 02:26:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/06/2010 02:26:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe Flash Player 10 Plugin (Version: 10.0.22.87)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.233)
Adobe Reader 8.1.4 (Version: 8.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Advanced Installer 9.1.1 (Version: 9.1.1)
Apple Application Support (Version: 1.4.0)
Apple Mobile Device Support (Version: 3.1.0.62)
Apple Software Update (Version: 2.1.2.120)
APPtracker 1.0 Trial (Version: )
avast! Free Antivirus (Version: 7.0.1466.0)
AxCrypt 1.7.2126.0 (Version: 1.7.2126.0)
Banner
Bonjour (Version: 2.0.2.0)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.3.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
DAEMON Tools Lite (Version: 4.45.1.0236)
Dell Resource CD (Version: 1.10.0000)
EditPlus 3
eProfile
EPSON Attach To Email (Version: 1.01.0000)
EPSON Easy Photo Print (Version: 1.5.1.0)
EPSON File Manager (Version: 1.3.1.0)
EPSON Scan
EPSON Scan Assistant (Version: 1.10.00)
EPSON Stylus SX200 Series Printer Uninstall
EPSON Stylus SX200_SX400_TX200_TX400 Manual
ESET Online Scanner v3
Excelsior Installer 2.1 (Version: 2.1)
ExcelWorkbook1 (Version: 1.0.0.0)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
Football Manager 2008 (Version: 8.0.0.0)
Freeciv 2.3.2 (GTK+ client)
GIMP 2.6.6
Google Chrome (Version: 22.0.1229.79)
Handwriting for Windows 3.0 (Version: 3.0.0.1)
HTML Help Workshop
Index.dat Analyzer v2.5 (Version: 2.5)
Inkscape 0.46 (Version: 0.46)
Inno Setup version 5.3.11 (Version: 5.3.11)
Intel® PRO Network Connections 12.1.11.0 (Version: )
Internet Explorer (Enable DEP)
ISTool 5.3.0.1 (Version: 5.3.0.1)
iTunes (Version: 9.2.0.61)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 6 Update 7 (Version: 1.6.0.70)
K-Lite Codec Pack 5.6.1 (Basic) (Version: 5.6.1)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Compact Framework 1.0 SP3 Developer (Version: 1.0.4292)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Device Emulator version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005 (Version: 8.0.50727.42)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 2 SDK (Version: 2.0.31005.0)
Microsoft Silverlight Tools for Visual Studio 2008 SP1 - ENU (Version: 9.0.30729.146)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1600.1)
Microsoft SQL Server Management Objects Collection (Version: 9.00.1399.06)
Microsoft SQL Server Management Studio Express (Version: 9.00.2047.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Virtual PC 2007 (Version: 6.0.156.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2005 Professional Edition - ENU (Version: 8.0.50728)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (Version: 1)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (Version: 6.1.5294.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (Version: 6.1.5294.17011)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox (3.0.13) (Version: 3.0.13 (en-GB))
MSDN Library for Visual Studio 2005 (Version: 8.0.50727.236)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 280.19 (Version: 280.19)
NVIDIA 3D Vision Driver 280.26 (Version: 280.26)
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8026)
NVIDIA Update 1.4.28 (Version: 1.4.28)
NVIDIA Update Components (Version: 1.4.28)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Opera 9.64 (Version: 9.64)
PDF-XChange 3
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.66.73.0)
RealPlayer
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.33.19.4)
Skype™ 5.10 (Version: 5.10.116)
Sophos Virus Removal Tool (Version: 2.1)
SQL Server System CLR Types (Version: 10.0.1600.22)
System Requirements Lab
Time-Sense Manager version 1.1 (Version: 1.1)
TomTom HOME 2.7.5.2014 (Version: 2.7.5.2014)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Tux Paint 0.9.21c
Ultimate Extras sounds from Microsoft® Tinker™
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB932232) (Version: 1)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB956453) (Version: 1)
Update for Microsoft Visual Studio Web Authoring Component (KB945140)
VC Runtimes MSI (Version: 9.0.21022)
Veetle TV 0.9.18 (Version: 0.9.18)
Visual C++ 2008 IA64 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x64 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - (v9.0.30729.4148) (Version: 9.0.30729.4148)
Visual C++ 2008 x86 Runtime - (v9.0.30729.6161) (Version: 9.0.30729.6161)
Visual C++ 2008 x86 Runtime - KB2465361 - (v9.0.30729.5570) (Version: 9.0.30729.5570)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (Version: 9.0.30729.4148)
Visual C++ 2008 x86 Runtime - v9.0.30729.5570 (Version: 9.0.30729.5570)
Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (Version: 9.0.30729.6161)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows Sound Schemes
winpcap-nmap 4.02
WinRAR archiver
WinZip Self-Extractor

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2813.45 MB
Available physical RAM: 1933 MB
Total Pagefile: 5838.05 MB
Available Pagefile: 5057.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:255.4 GB) NTFS

========================= Users: ========================================

User accounts for \\ROBCASEY-PC

Administrator Alison Guest
robcasey UpdatusUser

========================= Restore Points ==================================

31-08-2012 07:19:53 Scheduled Checkpoint
01-09-2012 18:22:56 Scheduled Checkpoint
04-09-2012 10:46:13 Scheduled Checkpoint
05-09-2012 10:17:48 Scheduled Checkpoint
06-09-2012 19:28:40 Scheduled Checkpoint
07-09-2012 07:54:20 Scheduled Checkpoint
09-09-2012 13:49:06 Scheduled Checkpoint
10-09-2012 07:42:41 Scheduled Checkpoint
11-09-2012 11:09:48 Scheduled Checkpoint
19-09-2012 12:20:27 Scheduled Checkpoint
19-09-2012 13:09:37 Windows Update
20-09-2012 16:15:27 Scheduled Checkpoint
21-09-2012 09:19:12 Scheduled Checkpoint
23-09-2012 10:39:50 Scheduled Checkpoint
23-09-2012 12:01:47 Windows Update
24-09-2012 11:39:37 Scheduled Checkpoint
25-09-2012 18:21:56 Scheduled Checkpoint
28-09-2012 10:30:03 Scheduled Checkpoint
01-10-2012 22:09:10 avast! Free Antivirus Setup
02-10-2012 11:40:06 Installed Sophos Virus Removal Tool.
02-10-2012 14:21:09 Restore Operation
02-10-2012 16:28:19 Restore Operation
02-10-2012 16:46:56 Device Driver Package Install: NVIDIA Display adapters
02-10-2012 16:50:16 Device Driver Package Install: NVIDIA Universal Serial Bus controllers
02-10-2012 16:51:45 Installed NVIDIA 3D Vision Controller Driver
02-10-2012 16:52:11 Device Driver Package Install: NVIDIA Corporation Sound, video and game controllers
03-10-2012 15:46:07 Restore Operation

**** End of log ****

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 11:21 AM

Uninstall Avast antivirus and try to boot into normal mode

#8 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 11:43 AM

uninstalled avast, rebooted. still have black screen.

can i reninstall avast or leave it off for now

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 01:50 PM

what is the nvidia error you receive?

#10 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 05:15 PM

nvidia settings stopped working module is nvtray.exe.

no nvidia error on clean boot.

if i uninstall nvidia i still get black screen

on every boot i get the following 2 warnings in the event viewer

The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: atbroker.exe.
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\userinit.exe.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 06:06 PM

Try this fix

http://support.microsoft.com/kb/970879

Restart the PC and let me know if it works

#12 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 03 October 2012 - 06:25 PM

interactive and authenticated users already existed message came up.

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 03 October 2012 - 06:41 PM

Download

System look

Launch it and copy this script

:reg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon /s

Click on LOOK,post the generated log

#14 bdazzler

bdazzler
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 04 October 2012 - 02:29 AM

THanks narenxp, I really appreciate the help on this

system look script report

SystemLook 30.07.11 by jpshortstuff
Log created at 08:27 on 04/10/2012 by robcasey
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"="1"
"Shell"="explorer.exe"
"Userinit"="C:\Windows\system32\userinit.exe,"
"VmApplet"="rundll32 shell32,Control_RunDLL "sysdm.cpl""
"AutoRestartShell"= 0x0000000001 (1)
"LegalNoticeCaption"=""
"LegalNoticeText"=""
"PowerdownAfterShutdown"="0"
"ShutdownWithoutLogon"="0"
"cachedlogonscount"="10"
"forceunlocklogon"= 0x0000000000 (0)
"passwordexpirywarning"= 0x000000000e (14)
"Background"="0 0 0"
"DebugServerCommand"="no"
"WinStationsDisabled"="0"
"DisableCAD"= 0x0000000001 (1)
"scremoveoption"="0"
"ShutdownFlags"= 0x0000000027 (39)
"AutoAdminLogon"="0"
"System"=""
"LegalNotice Text"=""
"SFCDisable"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}]
@="Wireless Group Policy"
"DisplayName"="@wlgpclnt.dll,-100"
"ProcessGroupPolicyEx"="ProcessWLANPolicyEx"
"GenerateGroupPolicy"="GenerateWLANPolicy"
"DllName"="wlgpclnt.dll"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0E28E245-9368-4853-AD84-6DA3BA35BB75}]
@="Group Policy Environment"
"ProcessGroupPolicy"="ProcessGroupPolicyEnviron"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyEnviron"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExEnviron"
"EventSources"="(Group Policy Environment,Application)"
"DisplayName"="@gpprefcl.dll,-1"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{17D89FEC-5C44-4972-B12D-241CAEF74509}]
@="Group Policy Local Users and Groups"
"ProcessGroupPolicy"="ProcessGroupPolicyLocUsAndGroups"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyLocUsAndGroups"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExLocUsAndGroups"
"EventSources"="(Group Policy Local Users and Groups,Application)"
"DisplayName"="@gpprefcl.dll,-2"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{1A6364EB-776B-4120-ADE1-B63A406A76B5}]
@="Group Policy Device Settings"
"ProcessGroupPolicy"="ProcessGroupPolicyDevices"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyDevices"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExDevices"
"EventSources"="(Group Policy Device Settings,Application)"
"DisplayName"="@gpprefcl.dll,-3"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
@="Folder Redirection"
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"DllName"="fdeploy.dll"
"NoMachinePolicy"= 0x0000000001 (1)
"NoSlowLink"= 0x0000000001 (1)
"PerUserLocalSettings"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000000 (0)
"NoBackgroundPolicy"= 0x0000000000 (0)
"GenerateGroupPolicy"="GenerateGroupPolicy"
"EventSources"="(Folder Redirection,Application)"
"DisplayName"="@fdeploy.dll,-261"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
@="Microsoft Disk Quota"
"DisplayName"="@%SystemRoot%\System32\dskquota.dll,-100"
"NoMachinePolicy"= 0x0000000000 (0)
"NoUserPolicy"= 0x0000000001 (1)
"NoSlowLink"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)
"PerUserLocalSettings"= 0x0000000000 (0)
"RequiresSuccessfulRegistry"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000000 (0)
"DllName"="%SystemRoot%\System32\dskquota.dll"
"ProcessGroupPolicy"="ProcessGroupPolicy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}]
@="Group Policy Network Options"
"ProcessGroupPolicy"="ProcessGroupPolicyNetworkOptions"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyNetworkOptions"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExNetworkOptions"
"EventSources"="(Group Policy Network Options,Application)"
"DisplayName"="@gpprefcl.dll,-4"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
@="QoS Packet Scheduler"
"DisplayName"="@gptext.dll,-201"
"ProcessGroupPolicy"="ProcessPSCHEDPolicy"
"DllName"="gptext.dll"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
@="Scripts"
"ProcessGroupPolicy"="ProcessScriptsGroupPolicy"
"DllName"="gpscript.dll"
"GenerateGroupPolicy"="GenerateScriptsGroupPolicy"
"NoSlowLink"= 0x0000000001 (1)
"ProcessGroupPolicyEx"="ProcessScriptsGroupPolicyEx"
"NoGPOListChanges"= 0x0000000001 (1)
"NotifyLinkTransition"= 0x0000000001 (1)
"DisplayName"="@gpscript.dll,-1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}]
"ProcessGroupPolicy"="ProcessGroupPolicyForZoneMap"
"DllName"="C:\Windows\System32\iedkcs32.dll"
@="Internet Explorer Zonemapping"
"NoGPOListChanges"= 0x0000000001 (1)
"DisplayName"="@C:\Windows\System32\iedkcs32.dll,-3051"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{5794DAFD-BE60-433f-88A2-1A31939AC01F}]
@="Group Policy Drive Maps"
"ProcessGroupPolicy"="ProcessGroupPolicyDrives"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyDrives"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExDrives"
"EventSources"="(Group Policy Drive Maps,Application)"
"NoMachinePolicy"= 0x0000000001 (1)
"DisplayName"="@gpprefcl.dll,-5"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{6232C319-91AC-4931-9385-E70C2B099F0E}]
@="Group Policy Folders"
"ProcessGroupPolicy"="ProcessGroupPolicyFolders"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyFolders"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExFolders"
"EventSources"="(Group Policy Folders,Application)"
"DisplayName"="@gpprefcl.dll,-6"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}]
@="Group Policy Network Shares"
"ProcessGroupPolicy"="ProcessGroupPolicyNetShares"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyNetShares"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExNetShares"
"EventSources"="(Group Policy Network Shares,Application)"
"NoUserPolicy"= 0x0000000001 (1)
"DisplayName"="@gpprefcl.dll,-7"
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}]
@="Group Policy Files"
"ProcessGroupPolicy"="ProcessGroupPolicyFiles"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyFiles"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExFiles"
"EventSources"="(Group Policy Files,Application)"
"DisplayName"="@gpprefcl.dll,-8"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{728EE579-943C-4519-9EF7-AB56765798ED}]
@="Group Policy Data Sources"
"ProcessGroupPolicy"="ProcessGroupPolicyDataSources"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyDataSources"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExDataSources"
"EventSources"="(Group Policy Data Sources,Application)"
"DisplayName"="@gpprefcl.dll,-9"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{74EE6C03-5363-4554-B161-627540339CAB}]
@="Group Policy Ini Files"
"ProcessGroupPolicy"="ProcessGroupPolicyIniFile"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyIniFile"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExIniFile"
"EventSources"="(Group Policy Ini Files,Application)"
"DisplayName"="@gpprefcl.dll,-10"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7933F41E-56F8-41d6-A31C-4148A711EE93}]
@="Windows Search Group Policy Extension"
"DllName"="%SystemRoot%\System32\srchadmin.dll"
"EnableAsynchronousProcessing"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000000 (0)
"NoGPOListChanges"= 0x0000000001 (1)
"NoMachinePolicy"= 0x0000000000 (0)
"NoSlowLink"= 0x0000000000 (0)
"NoUserPolicy"= 0x0000000000 (0)
"PerUserLocalSettings"= 0x0000000000 (0)
"ProcessGroupPolicy"="ProcessGroupPolicy"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7B849a69-220F-451E-B3FE-2CB811AF94AE}]
@="Internet Explorer User Accelerators"
"ProcessGroupPolicy"="ProcessGroupPolicyForActivities"
"DllName"="C:\Windows\System32\iedkcs32.dll"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)
"ProcessGroupPolicyEx"="ProcessGroupPolicyForActivitiesEx"
"NoGPOListChanges"= 0x0000000001 (1)
"DisplayName"="@C:\Windows\System32\iedkcs32.dll,-3051"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
@="Security"
"DisplayName"="@(runtime.system32)\scecli.dll,-7650"
"ProcessGroupPolicy"="SceProcessSecurityPolicyGPO"
"GenerateGroupPolicy"="SceGenerateGroupPolicy"
"ExtensionRsopPlanningDebugLevel"= 0x0000000001 (1)
"ProcessGroupPolicyEx"="SceProcessSecurityPolicyGPOEx"
"ExtensionDebugLevel"= 0x0000000001 (1)
"DllName"="scecli.dll"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)
"MaxNoGPOListChangesInterval"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{8A28E2C5-8D06-49A4-A08C-632DAA493E17}]
@="Deployed Printer Connections"
"ProcessGroupPolicy"="PrinterProcessGroupPolicy"
"DllName"="%systemroot%\system32\gpprnext.dll"
"GenerateGroupPolicy"="PrinterGenerateGroupPolicy"
"RequiresSuccessfulRegistry"= 0x0000000000 (0)
"ExtensionEventSource"=""
"NoSlowLink"=01 (REG_BINARY)
"ProcessGroupPolicyEx"="PrinterProcessGroupPolicyEx"
"MaxNoGPOListChangesInterval"=00 (REG_BINARY)
"NoGPOListChanges"=00 (REG_BINARY)
"NotifyLinkTransition"=00 (REG_BINARY)
"NoUserPolicy"=00 (REG_BINARY)
"NoMachinePolicy"=00 (REG_BINARY)
"DisplayName"="@%systemroot%\system32\gpprnext.dll,-1"
"PerUserLocalSettings"=00 (REG_BINARY)
"EnableAsynchronousProcessing"=01 (REG_BINARY)
"NoBackgroundPolicy"=00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{91FBB303-0CD5-4055-BF42-E512A681B325}]
@="Group Policy Services"
"ProcessGroupPolicy"="ProcessGroupPolicyServices"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyServices"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExServices"
"EventSources"="(Group Policy Services,Application)"
"DisplayName"="@gpprefcl.dll,-11"
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"ProcessGroupPolicy"="ProcessGroupPolicy"
"DllName"="C:\Windows\System32\iedkcs32.dll"
@="Internet Explorer Branding"
"NoSlowLink"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000000 (0)
"NoGPOListChanges"= 0x0000000001 (1)
"NoMachinePolicy"= 0x0000000001 (1)
"DisplayName"="@C:\Windows\System32\iedkcs32.dll,-3014"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A3F3E39B-5D83-4940-B954-28315B82F0A8}]
@="Group Policy Folder Options"
"ProcessGroupPolicy"="ProcessGroupPolicyFolderOptions"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyFolderOptions"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExFolderOptions"
"EventSources"="(Group Policy Folder Options,Application)"
"DisplayName"="@gpprefcl.dll,-12"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{AADCED64-746C-4633-A97C-D61349046527}]
@="Group Policy Scheduled Tasks"
"ProcessGroupPolicy"="ProcessGroupPolicySchedTasks"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicySchedTasks"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExSchedTasks"
"EventSources"="(Group Policy Scheduled Tasks,Application)"
"DisplayName"="@gpprefcl.dll,-13"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B087BE9D-ED37-454f-AF9C-04291E351182}]
@="Group Policy Registry"
"ProcessGroupPolicy"="ProcessGroupPolicyRegistry"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyRegistry"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExRegistry"
"EventSources"="(Group Policy Registry,Application)"
"DisplayName"="@gpprefcl.dll,-14"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
"ProcessGroupPolicy"="SceProcessEFSRecoveryGPO"
"DllName"="scecli.dll"
@="EFS recovery"
"DisplayName"="@(runtime.system32)\scecli.dll,-7651"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)
"RequiresSuccessfulRegistry"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}]
@="802.3 Group Policy"
"DisplayName"="@dot3gpclnt.dll,-100"
"ProcessGroupPolicyEx"="ProcessLANPolicyEx"
"GenerateGroupPolicy"="GenerateLANPolicy"
"DllName"="dot3gpclnt.dll"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}]
@="Group Policy Printers"
"ProcessGroupPolicy"="ProcessGroupPolicyPrinters"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyPrinters"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExPrinters"
"EventSources"="(Group Policy Printers,Application)"
"DisplayName"="@gpprefcl.dll,-16"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}]
@="Group Policy Shortcuts"
"ProcessGroupPolicy"="ProcessGroupPolicyShortcuts"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyShortcuts"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExShortcuts"
"EventSources"="(Group Policy Shortcuts,Application)"
"DisplayName"="@gpprefcl.dll,-17"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}]
@="Microsoft Offline Files"
"ProcessGroupPolicy"="ProcessGroupPolicy"
"DllName"="%SystemRoot%\System32\cscobj.dll"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)
"NoSlowLink"= 0x0000000000 (0)
"NoGPOListChanges"= 0x0000000000 (0)
"NoUserPolicy"= 0x0000000000 (0)
"NoMachinePolicy"= 0x0000000000 (0)
"PerUserLocalSettings"= 0x0000000000 (0)
"EnableAsynchronousProcessing"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
@="Software Installation"
"RequiresSucessfulRegistry"= 0x0000000000 (0)
"DllName"="appmgmts.dll"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"NoSlowLink"= 0x0000000001 (1)
"ProcessGroupPolicyEx"="ProcessGroupPolicyObjectsEx"
"EventSources"="(Application Management,Application) (MsiInstaller,Application)"
"NoUserPolicy"= 0x0000000000 (0)
"DisplayName"="@appmgmts.dll,-3252"
"PerUserLocalSettings"= 0x0000000001 (1)
"NoBackgroundPolicy"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}]
@="Internet Explorer Machine Accelerators"
"ProcessGroupPolicy"="ProcessGroupPolicyForActivities"
"DllName"="C:\Windows\System32\iedkcs32.dll"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)
"ProcessGroupPolicyEx"="ProcessGroupPolicyForActivitiesEx"
"NoGPOListChanges"= 0x0000000001 (1)
"DisplayName"="@C:\Windows\System32\iedkcs32.dll,-3051"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
@="IP Security"
"ProcessGroupPolicyEx"="ProcessIPSECPolicyEx"
"GenerateGroupPolicy"="GenerateIPSECPolicy"
"DllName"="%SystemRoot%\System32\polstore.dll"
"NoUserPolicy"= 0x0000000001 (1)
"NoGPOListChanges"= 0x0000000000 (0)
"DisplayName"="@C:\Windows\system32\polstore.dll,-5012"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}]
@="Group Policy Internet Settings"
"ProcessGroupPolicy"="ProcessGroupPolicyInternet"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyInternet"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExInternet"
"EventSources"="(Group Policy Internet Settings,Application)"
"NoMachinePolicy"= 0x0000000001 (1)
"DisplayName"="@gpprefcl.dll,-18"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}]
@="Group Policy Start Menu Settings"
"ProcessGroupPolicy"="ProcessGroupPolicyStartMenu"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyStartMenu"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExStartMenu"
"EventSources"="(Group Policy Start Menu Settings,Application)"
"DisplayName"="@gpprefcl.dll,-19"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{E5094040-C46C-4115-B030-04FB2E545B00}]
@="Group Policy Regional Options"
"ProcessGroupPolicy"="ProcessGroupPolicyRegionOptions"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyRegionOptions"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExRegionOptions"
"EventSources"="(Group Policy Regional Options,Application)"
"DisplayName"="@gpprefcl.dll,-20"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}]
@="Group Policy Power Options"
"ProcessGroupPolicy"="ProcessGroupPolicyPowerOptions"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyPowerOptions"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExPowerOptions"
"EventSources"="(Group Policy Power Options,Application)"
"DisplayName"="@gpprefcl.dll,-21"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{F9C77450-3A41-477E-9310-9ACD617BD9E3}]
@="Group Policy Applications"
"ProcessGroupPolicy"="ProcessGroupPolicyApplications"
"DllName"="gpprefcl.dll"
"GenerateGroupPolicy"="GenerateGroupPolicyApplications"
"ProcessGroupPolicyEx"="ProcessGroupPolicyExApplications"
"EventSources"="(Group Policy Applications,Application)"
"NoMachinePolicy"= 0x0000000001 (1)
"DisplayName"="@gpprefcl.dll,-15"
"PerUserLocalSettings"= 0x0000000001 (1)
"EnableAsynchronousProcessing"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{FB2CA36D-0B40-4307-821B-A13B252DE56C}]
@="Enterprise QoS"
"DisplayName"="@gptext.dll,-203"
"ProcessGroupPolicy"="ProcessEQoSPolicy"
"DllName"="gptext.dll"
"RequiresSuccessfulRegistry"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoLogonChecked]
(No values found)


-= EOF =-

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 AM

Posted 04 October 2012 - 05:35 AM

Go to

https://www.virustotal.com/

Click on CHOOSE FILE

Browse to C:\windows\system32\userinit.exe

Upload it and click on SCAN FILE and post the results here

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Let me know if you're able to boot now




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users