Blue Screen Problem 0x0000007E


16 replies to this topic

#1 skylark1218


Posted 03 October 2012 - 10:30 PM

Hi, I've been having this blue screen problem with my PC for a while now.
But I don't know what the problem is and don't know how to fix it.

Sometimes the blue screen appears when I start my PC, as in the image below:
http://s1222.photobucket.com/albums/dd500/skylark8018/?action=view&current=DSCF6590.jpg

And I restarted the PC and it worked again, but the blue screen still appears sometimes.
Also, it takes very long to load when I start the computer, and it gets stuck a lot.

Can you help me resolve this problem please? Thank you!



#2 Allan


Posted 04 October 2012 - 07:02 AM

Download BlueScreenView:
http://www.nirsoft.net/utils/blue_screen_view.html
Unzip the downloaded file and double-click on BlueScreenView.exe to run the program.
When scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply

#3 skylark1218


Posted 04 October 2012 - 09:18 PM

Thanks for your time!

I ran the program, but the problem is that it didn't scan anything.
I set Windows to create minidump files and restarted the computer, and it still doesn't work.
I have no idea what's wrong.

#4 AustrAlien


Posted 04 October 2012 - 10:12 PM

From your pic: *** STOP: 0x0000007E (C0000005, , , )

STOP 0x0000007E: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
  • 0xC0000005: STATUS_ACCESS_VIOLATION indicates a memory access violation occurred.
Is there any sign of malware on the system, or have you had to deal with malware on the system recently?

Let's check the system settings for saving a crash dump ...

To check your system's "Recoveros" (Recovery) and Page File settings via Windows Management Instrumentation (WMI), please download and then run the following:

AustrAlien
Google is my friend. Make Google your friend too.


#5 skylark1218


Posted 05 October 2012 - 12:02 AM

I don't see any sign of malware but the way it's getting frozen when starting up could possibly be, I'm not quite sure.
Thanks for your help! Here is the output:


AutoReboot=FALSE
Caption=
DebugFilePath=%SystemRoot%\MEMORY.DMP
DebugInfoType=3
Description=
ExpandedDebugFilePath=C:\WINDOWS\MEMORY.DMP
ExpandedMiniDumpDirectory=C:\WINDOWS\Minidump
KernelDumpOnly=FALSE
MiniDumpDirectory=%SystemRoot%\Minidump
Name=Microsoft Windows XP Professional|C:\WINDOWS|\Device\Harddisk0\Partition1
OverwriteExistingDebugFile=TRUE
SendAdminAlert=FALSE
SettingID=
WriteDebugInfo=TRUE
WriteToSystemLog=FALSE




AllocatedBaseSize=2046
Caption=C:\pagefile.sys
CurrentUsage=93
Description=C:\pagefile.sys
InstallDate=20090220040915.890625+780
Name=C:\pagefile.sys
PeakUsage=93
Status=
TempPageFile=





Caption=C:\ 'pagefile.sys'
Description='pagefile.sys' @ C:\
InitialSize=2046
MaximumSize=4092
Name=C:\pagefile.sys
SettingID=pagefile.sys @ C:

#6 AustrAlien


Posted 05 October 2012 - 12:16 AM

Let's have a look at a couple of other things and see where it might lead us.

Step 1: Please publish a snapshot using Speccy, and post a link to it in this thread.

This is a convenient and accurate way of providing us with details of your computer specifications.

Step 2: Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • List Installed Programs
  • Click Go.
    When the scan is finished, a text file will open in a Notepad window.
  • Copy the entire contents of the Notepad window, and paste in your reply.
    (Result.txt will be saved in the same directory the tool is run.)

AustrAlien
Google is my friend. Make Google your friend too.


#7 skylark1218


Posted 05 October 2012 - 12:41 AM

Here is the Snapshot:
http://speccy.piriform.com/results/giu5x0beFN1ghfVyjd7qYsd




And result log:


MiniToolBox by Farbar Version: 23-07-2012
Ran by como (administrator) on 05-10-2012 at 18:39:17
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

1400 (Version: 47.0.1.000)
1400_Help (Version: 47.1.14.000)
1400Trb (Version: 47.1.14.000)
32 Bit HP CIO Components Installer (Version: 2.1.4)
ACDSee Pro 2 (Version: 2.0.219)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIMP2
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
Any Video Converter 2.7.2
Avira Antivirus Premium 2012 (Version: 12.0.0.1183)
Bamboo
BufferChm (Version: 110.0.180.000)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.1.0.0)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
Choice Guard (Version: 1.2.87.0)
Copy (Version: 110.0.180.000)
Critical Update for Windows Media Player 11 (KB959772)
CX4300_5500_DX4400 manual
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DJ_AIO_04_F735_ProductContext (Version: 110.0.197.000)
DJ_AIO_04_F735_Software (Version: 110.0.197.000)
DJ_AIO_04_F735_Software_Min (Version: 110.0.197.000)
DJ_SF_03_D1500_Software (Version: 100.0.206.000)
DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000)
EnglishToThai
EPSON Easy Photo Print (Version: 1.4.4.0)
EPSON Printer Software
EPSON Scan
F735 (Version: 110.0.197.000)
F735_Help (Version: 110.0.197.000)
F735_NCL_Help (Version: 110.0.197.000)
Fax (Version: 47.0.1.000)
Generic SoftK56 Data Fax Modem
GOM Player (Version: 2.1.27.5031)
Google Earth Plug-in (Version: 5.2.1.1588)
Google Update Helper (Version: 1.3.21.123)
GPBaseService (Version: 110.0.180.000)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Home Sweet Home 2 Kitchens And Baths
Hotel Dash: Suite Success
HP Customer Participation Program 11.0 (Version: 11.0)
HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 (Version: 10.0)
HP Deskjet F735 All-In-One Driver Software 11.0 Rel .4 (Version: 11.0)
HP Image Zone 4.7 (Version: 4.7)
HP Image Zone Express (Version: 1.1.3.40)
HP Imaging Device Functions 11.0 (Version: 11.0)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP PSC & OfficeJet 4.7
HP Smart Web Printing (Version: 4.0)
HP Software Update (Version: 3.0.2.991)
HP Solution Center 11.0 (Version: 11.0)
HP Update (Version: 4.000.009.002)
HPProductAssistant (Version: 110.0.180.000)
HPSSupply (Version: 110.0.180.000)
HPSystemDiagnostics (Version: 1.6.0.0)
IconX
Intel® Graphics Media Accelerator Driver
International Karting th (Version: th)
Java™ 6 Update 4 (Version: 1.6.0.40)
Junk Mail filter update (Version: 14.0.8064.206)
K-Lite Mega Codec Pack 2.01 (Version: 2.01)
Kasparov Chessmate
Kel's CPL All-in-One Bonus Pack (Version: 7)
LClock
Lock Folder XP 3.6 (Version: 3.6)
MarketResearch (Version: 110.0.180.000)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
Nero 7 Ultra Edition (Version: 7.02.8637)
neroxml (Version: 1.0.0)
NirSoft BlueScreenView
Nokia Connectivity Cable Driver (Version: 6.86.11.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort Image Printer (Version: 1.00.0000)
PC Connectivity Solution (Version: 8.13.1.0)
Platform (Version: 1.27)
PowerDVD (Version: 7.2.2414.0)
ProductContext (Version: 47.1.14.000)
PSSWCORE (Version: 2.03.0000)
QFolder (Version: 1.00.0000)
Readme (Version: 47.0.1.000)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.17.0000)
Realtek High Definition Audio Driver
Scan (Version: 11.0.0.0)
ScannerCopy (Version: 4.5.0.0)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Segoe UI (Version: 14.0.4327.805)
Shop for HP Supplies (Version: 11.0)
SmartWebPrinting (Version: 110.0.182.000)
Soft Data Fax Modem with SmartCP
Software Update for Web Folders (Version: 9.60.6715.0)
SolutionCenter (Version: 110.0.180.000)
Speccy (Version: 1.18)
Status (Version: 110.0.180.000)
Thai Translator Tool
ThaiSoftware Dictionary V4.0
Toolbox (Version: 110.0.180.000)
TrayApp (Version: 110.0.180.000)
Unload (Version: 4.5.0)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB960763) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Platform Device Manager (Version: 1.27)
VideoToolkit01 (Version: 110.0.171.000)
VirtuaGirl
Vista Drive Indicator! (Version: 2.2)
WebReg (Version: 110.0.180.000)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Winamp (Version: 5.52 )
Windows Driver Package - Nokia Modem (03/05/2008 3.7) (Version: 03/05/2008 3.7)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Writer (Version: 14.0.8064.0206)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
เครื่องมืออัปโหลดของ Windows Live (Version: 14.0.8014.1029)
จดหมาย Windows Live (Version: 14.0.8064.0206)
ตัวช่วยในการลงชื่อเข้าใช้ Windows Live (Version: 5.000.818.5)

**** End of log ****

#8 AustrAlien


Posted 05 October 2012 - 02:19 AM

Thanks. I can't see any problem there, and the system should be saving minidumps with those settings.

How long since you've scanned the system for malware, either with your antivirus (Avira) or any other utility?
  • It might be a good idea to do so.
Based on the only BSOD error message that I have, along with your description of how the system is behaving, I am thinking it might be best to get the system checked for malware before looking elsewhere for some other problem. A *** STOP: 0x0000007E (C0000005, , , ) is often an indicator of malware (a rootkit).
  • Would you be agreeable to that? Please let me know.
  • If so, I will ask a Moderator to move this topic to the Am I infected? What do I do? forum and ask one of the helpers to assist you with running some scans to check the system.

AustrAlien
Google is my friend. Make Google your friend too.
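
The dump-settings check carried out in posts #4 to #8, written as an added example that is not part of the original thread: it parses the Key=Value WMI output from post #5 and reports whether a STOP error should leave a dump file behind. The function names are hypothetical, and the DebugInfoType meanings and the 2 MB page file minimum for small dumps are assumptions taken from Microsoft's documentation, not from the thread.

```python
import ntpath

# Meaning of Win32_OSRecoveryConfiguration.DebugInfoType (assumed from
# Microsoft's WMI documentation; the thread itself does not list them).
DEBUG_INFO_TYPES = {0: "none", 1: "complete memory dump",
                    2: "kernel memory dump", 3: "small memory dump"}
# Assumption: a small memory dump needs a page file of at least 2 MB
# on the boot volume.
MIN_PAGEFILE_MB_SMALL_DUMP = 2

# First two instances of the output posted in #5, copied from this thread.
SAMPLE = r"""
AutoReboot=FALSE
Caption=
DebugFilePath=%SystemRoot%\MEMORY.DMP
DebugInfoType=3
Description=
ExpandedDebugFilePath=C:\WINDOWS\MEMORY.DMP
ExpandedMiniDumpDirectory=C:\WINDOWS\Minidump
KernelDumpOnly=FALSE
MiniDumpDirectory=%SystemRoot%\Minidump
Name=Microsoft Windows XP Professional|C:\WINDOWS|\Device\Harddisk0\Partition1
OverwriteExistingDebugFile=TRUE
SendAdminAlert=FALSE
SettingID=
WriteDebugInfo=TRUE
WriteToSystemLog=FALSE

AllocatedBaseSize=2046
Caption=C:\pagefile.sys
CurrentUsage=93
Description=C:\pagefile.sys
InstallDate=20090220040915.890625+780
Name=C:\pagefile.sys
PeakUsage=93
Status=
TempPageFile=
"""


def parse_wmi_list(text):
    """Split 'Key=Value' list output into one dict per WMI instance."""
    records, current = [], {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        # A blank line or a repeated key starts the next instance.
        if current and (not sep or key in current):
            records.append(current)
            current = {}
        if sep:
            current[key] = value
    if current:
        records.append(current)
    return records


def drive_of(path):
    return ntpath.splitdrive(path)[0].upper()


def assess_crash_dump_config(records):
    """Report whether a STOP error should leave a dump file behind."""
    recovery = next((r for r in records if "DebugInfoType" in r), None)
    if recovery is None:
        raise ValueError("no Win32_OSRecoveryConfiguration record in input")
    dump_type = int(recovery.get("DebugInfoType") or 0)
    problems, notes = [], []
    if recovery.get("WriteDebugInfo", "").upper() != "TRUE" or dump_type == 0:
        problems.append("writing of debug information is disabled")

    # Name is 'OS caption|Windows directory|boot device'; crash data is
    # staged in the page file on the volume holding the Windows directory.
    name_parts = recovery.get("Name", "").split("|")
    boot_drive = drive_of(name_parts[1]) if len(name_parts) > 1 else ""
    pagefile_mb = sum(int(r.get("AllocatedBaseSize") or 0) for r in records
                      if "AllocatedBaseSize" in r
                      and drive_of(r.get("Name", "")) == boot_drive)
    if pagefile_mb == 0:
        problems.append("no page file on boot volume " + boot_drive)
    elif dump_type == 3 and pagefile_mb < MIN_PAGEFILE_MB_SMALL_DUMP:
        problems.append("boot-volume page file is under 2 MB")
    elif dump_type in (1, 2):
        notes.append("page file size must be checked against installed RAM")

    if recovery.get("AutoReboot", "").upper() == "FALSE":
        notes.append("stop screen stays up until a manual restart")
    if recovery.get("WriteToSystemLog", "").upper() == "FALSE":
        notes.append("crashes are not recorded in the System event log")

    key = "ExpandedMiniDumpDirectory" if dump_type == 3 else "ExpandedDebugFilePath"
    return {"dump_type": DEBUG_INFO_TYPES.get(dump_type, "unknown"),
            "destination": recovery.get(key, ""),
            "should_write_dump": not problems,
            "problems": problems, "notes": notes}


if __name__ == "__main__":
    for field, value in assess_crash_dump_config(parse_wmi_list(SAMPLE)).items():
        print(f"{field}: {value}")
```

For the settings posted in this thread it reports a small memory dump to C:\WINDOWS\Minidump with no blocking problem, which matches the assessment in post #8; an empty Minidump folder then has to be explained by something other than these settings.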


#9 skylark1218


Posted 05 October 2012 - 02:35 AM

I've scanned for malware with Avira just a few days ago, and it was fine (I also update it regularly as well).

I absolutely agree to that! And please do so.
Thank you very much for your time!

#10 AustrAlien


Posted 05 October 2012 - 02:46 AM

I have taken care of that, and I will watch your progress. A helper should respond to your topic soon. Let me know if you have a problem, or if the system is cleared of malware but your computer issue persists.

Good luck!

Edited by AustrAlien, 05 October 2012 - 02:48 AM.

AustrAlien
Google is my friend. Make Google your friend too.


#11 narenxp


Posted 05 October 2012 - 05:01 AM

Download TDSSKiller.

Launch it. Click on change parameters - Select TDLFS file system.

Click on "Scan". Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it, allow it to download latest Avast! virus definitions.
Click the "Scan" button to start scan. After scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safemode with networking.

Download ESET online scanner.

Install it.

Click on START, it should download the virus definitions.
When scan gets completed, click on LIST of found threats.

Export the list to desktop, copy the contents of the text file in your reply.

#12 skylark1218


Posted 05 October 2012 - 04:27 PM

Thanks for your time!

Here is TDSSKiller log:


09:50:43.0312 3160 Mouclass - ok
09:50:43.0343 3160 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:50:43.0343 3160 mouhid - ok
09:50:43.0359 3160 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:50:43.0359 3160 MountMgr - ok
09:50:43.0390 3160 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:50:43.0406 3160 MozillaMaintenance - ok
09:50:43.0406 3160 mraid35x - ok
09:50:43.0421 3160 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:50:43.0437 3160 MRxDAV - ok
09:50:43.0468 3160 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:50:43.0515 3160 MRxSmb - ok
09:50:43.0531 3160 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:50:43.0546 3160 MSDTC - ok
09:50:43.0546 3160 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:50:43.0562 3160 Msfs - ok
09:50:43.0562 3160 MSIServer - ok
09:50:43.0578 3160 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:50:43.0578 3160 MSKSSRV - ok
09:50:43.0609 3160 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:50:43.0609 3160 MSPCLOCK - ok
09:50:43.0625 3160 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:50:43.0625 3160 MSPQM - ok
09:50:43.0640 3160 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:50:43.0640 3160 mssmbios - ok
09:50:43.0671 3160 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
09:50:43.0671 3160 MTsensor - ok
09:50:43.0703 3160 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:50:43.0718 3160 Mup - ok
09:50:43.0750 3160 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:50:43.0781 3160 napagent - ok
09:50:43.0859 3160 [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
09:50:43.0906 3160 NBService - ok
09:50:43.0921 3160 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:50:43.0937 3160 NDIS - ok
09:50:43.0953 3160 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:50:43.0968 3160 NdisTapi - ok
09:50:44.0000 3160 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:50:44.0000 3160 Ndisuio - ok
09:50:44.0000 3160 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:50:44.0015 3160 NdisWan - ok
09:50:44.0046 3160 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:50:44.0046 3160 NDProxy - ok
09:50:44.0078 3160 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
09:50:44.0093 3160 Net Driver HPZ12 - ok
09:50:44.0093 3160 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:50:44.0093 3160 NetBIOS - ok
09:50:44.0109 3160 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:50:44.0125 3160 NetBT - ok
09:50:44.0140 3160 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
09:50:44.0171 3160 NetDDE - ok
09:50:44.0171 3160 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:50:44.0187 3160 NetDDEdsdm - ok
09:50:44.0203 3160 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:50:44.0218 3160 Netlogon - ok
09:50:44.0234 3160 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
09:50:44.0250 3160 Netman - ok
09:50:44.0281 3160 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:50:44.0296 3160 NetTcpPortSharing - ok
09:50:44.0328 3160 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
09:50:44.0328 3160 Nla - ok
09:50:44.0390 3160 [ E32686B4E27D11F83E3F2844E104C66C ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
09:50:44.0390 3160 NMIndexingService - ok
09:50:44.0406 3160 [ 65AC8BAA2F916EE9203EE48D7FCEE605 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
09:50:44.0421 3160 nmwcd - ok
09:50:44.0437 3160 [ 29AF182734A247240D89A0FE63DBEF03 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
09:50:44.0437 3160 nmwcdc - ok
09:50:44.0453 3160 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:50:44.0468 3160 Npfs - ok
09:50:44.0484 3160 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:50:44.0500 3160 Ntfs - ok
09:50:44.0515 3160 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:50:44.0515 3160 NtLmSsp - ok
09:50:44.0546 3160 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:50:44.0578 3160 NtmsSvc - ok
09:50:44.0625 3160 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:50:44.0625 3160 Null - ok
09:50:44.0640 3160 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:50:44.0640 3160 NwlnkFlt - ok
09:50:44.0656 3160 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:50:44.0656 3160 NwlnkFwd - ok
09:50:44.0671 3160 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
09:50:44.0687 3160 NwlnkIpx - ok
09:50:44.0687 3160 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
09:50:44.0687 3160 NwlnkNb - ok
09:50:44.0703 3160 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
09:50:44.0703 3160 NwlnkSpx - ok
09:50:44.0734 3160 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:50:44.0750 3160 ose - ok
09:50:44.0781 3160 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:50:44.0781 3160 Parport - ok
09:50:44.0796 3160 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:50:44.0812 3160 PartMgr - ok
09:50:44.0828 3160 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:50:44.0828 3160 ParVdm - ok
09:50:44.0859 3160 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:50:44.0859 3160 pccsmcfd - ok
09:50:44.0859 3160 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:50:44.0875 3160 PCI - ok
09:50:44.0875 3160 PCIDump - ok
09:50:44.0890 3160 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:50:44.0890 3160 PCIIde - ok
09:50:44.0921 3160 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:50:44.0921 3160 Pcmcia - ok
09:50:44.0937 3160 PDCOMP - ok
09:50:44.0937 3160 PDFRAME - ok
09:50:44.0937 3160 PDRELI - ok
09:50:44.0953 3160 PDRFRAME - ok
09:50:44.0953 3160 perc2 - ok
09:50:44.0968 3160 perc2hib - ok
09:50:44.0984 3160 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
09:50:44.0984 3160 PlugPlay - ok
09:50:45.0015 3160 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
09:50:45.0031 3160 Pml Driver HPZ12 - ok
09:50:45.0046 3160 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:50:45.0046 3160 PolicyAgent - ok
09:50:45.0078 3160 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:50:45.0109 3160 PptpMiniport - ok
09:50:45.0109 3160 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:50:45.0125 3160 ProtectedStorage - ok
09:50:45.0140 3160 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:50:45.0140 3160 Ptilink - ok
09:50:45.0171 3160 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:50:45.0171 3160 PxHelp20 - ok
09:50:45.0187 3160 ql1080 - ok
09:50:45.0187 3160 Ql10wnt - ok
09:50:45.0187 3160 ql12160 - ok
09:50:45.0203 3160 ql1240 - ok
09:50:45.0203 3160 ql1280 - ok
09:50:45.0218 3160 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:50:45.0218 3160 RasAcd - ok
09:50:45.0250 3160 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:50:45.0281 3160 RasAuto - ok
09:50:45.0296 3160 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:50:45.0296 3160 Rasl2tp - ok
09:50:45.0328 3160 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:50:45.0343 3160 RasMan - ok
09:50:45.0343 3160 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:50:45.0359 3160 RasPppoe - ok
09:50:45.0375 3160 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:50:45.0375 3160 Raspti - ok
09:50:45.0390 3160 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:50:45.0406 3160 Rdbss - ok
09:50:45.0421 3160 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:50:45.0421 3160 RDPCDD - ok
09:50:45.0437 3160 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:50:45.0468 3160 rdpdr - ok
09:50:45.0515 3160 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:50:45.0531 3160 RDPWD - ok
09:50:45.0546 3160 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:50:45.0562 3160 RDSessMgr - ok
09:50:45.0593 3160 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:50:45.0593 3160 redbook - ok
09:50:45.0609 3160 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:50:45.0625 3160 RemoteAccess - ok
09:50:45.0640 3160 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:50:45.0656 3160 RemoteRegistry - ok
09:50:45.0718 3160 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
09:50:45.0718 3160 RichVideo - ok
09:50:45.0734 3160 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:50:45.0750 3160 RpcLocator - ok
09:50:45.0765 3160 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:50:45.0781 3160 RpcSs - ok
09:50:45.0812 3160 [ 0E11B35E972796042044BC27CE13B065 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
09:50:45.0812 3160 rspndr - ok
09:50:45.0843 3160 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:50:45.0859 3160 RSVP - ok
09:50:45.0890 3160 [ F0A21C62B9B835E1C96268EAAE31D239 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:50:45.0906 3160 RTLE8023xp - ok
09:50:45.0921 3160 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
09:50:45.0921 3160 SamSs - ok
09:50:45.0953 3160 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:50:45.0968 3160 SCardSvr - ok
09:50:45.0984 3160 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:50:46.0031 3160 Schedule - ok
09:50:46.0046 3160 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:50:46.0046 3160 Secdrv - ok
09:50:46.0062 3160 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:50:46.0093 3160 seclogon - ok
09:50:46.0109 3160 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:50:46.0109 3160 SENS - ok
09:50:46.0125 3160 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:50:46.0125 3160 serenum - ok
09:50:46.0140 3160 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:50:46.0140 3160 Serial - ok
09:50:46.0203 3160 [ 4AB23FF2A856DCC19A79FEC2C980C256 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:50:46.0218 3160 ServiceLayer - ok
09:50:46.0234 3160 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:50:46.0234 3160 Sfloppy - ok
09:50:46.0281 3160 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:50:46.0296 3160 SharedAccess - ok
09:50:46.0312 3160 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:50:46.0312 3160 ShellHWDetection - ok
09:50:46.0312 3160 Simbad - ok
09:50:46.0328 3160 Sparrow - ok
09:50:46.0343 3160 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:50:46.0343 3160 splitter - ok
09:50:46.0359 3160 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:50:46.0375 3160 Spooler - ok
09:50:46.0406 3160 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:50:46.0406 3160 sr - ok
09:50:46.0437 3160 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:50:46.0468 3160 srservice - ok
09:50:46.0484 3160 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:50:46.0515 3160 Srv - ok
09:50:46.0531 3160 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:50:46.0531 3160 SSDPSRV - ok
09:50:46.0562 3160 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
09:50:46.0562 3160 ssmdrv - ok
09:50:46.0593 3160 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
09:50:46.0609 3160 StillCam - ok
09:50:46.0640 3160 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:50:46.0656 3160 stisvc - ok
09:50:46.0703 3160 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:50:46.0703 3160 swenum - ok
09:50:46.0718 3160 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:50:46.0718 3160 swmidi - ok
09:50:46.0734 3160 SwPrv - ok
09:50:46.0734 3160 symc810 - ok
09:50:46.0750 3160 symc8xx - ok
09:50:46.0750 3160 sym_hi - ok
09:50:46.0750 3160 sym_u3 - ok
09:50:46.0765 3160 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:50:46.0781 3160 sysaudio - ok
09:50:46.0796 3160 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:50:46.0812 3160 SysmonLog - ok
09:50:46.0906 3160 [ 099AEE120CAC4A43CE307A828998392F ] TabletServicePen C:\WINDOWS\system32\Pen_Tablet.exe
09:50:46.0937 3160 TabletServicePen - ok
09:50:46.0968 3160 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:50:46.0984 3160 TapiSrv - ok
09:50:47.0015 3160 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:50:47.0062 3160 Tcpip - ok
09:50:47.0078 3160 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:50:47.0078 3160 TDPIPE - ok
09:50:47.0093 3160 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:50:47.0093 3160 TDTCP - ok
09:50:47.0125 3160 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:50:47.0125 3160 TermDD - ok
09:50:47.0156 3160 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:50:47.0187 3160 TermService - ok
09:50:47.0203 3160 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:50:47.0218 3160 Themes - ok
09:50:47.0250 3160 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:50:47.0281 3160 TlntSvr - ok
09:50:47.0296 3160 TosIde - ok
09:50:47.0296 3160 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:50:47.0312 3160 TrkWks - ok
09:50:47.0328 3160 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:50:47.0343 3160 Udfs - ok
09:50:47.0343 3160 ultra - ok
09:50:47.0375 3160 [ B2AF2BA8A3205A8458B61F638FB431DD ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
09:50:47.0390 3160 UnlockerDriver5 - ok
09:50:47.0421 3160 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:50:47.0453 3160 Update - ok
09:50:47.0484 3160 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:50:47.0515 3160 upnphost - ok
09:50:47.0546 3160 [ 2522747BA661514E3770E508CCE45B64 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
09:50:47.0546 3160 upperdev - ok
09:50:47.0562 3160 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:50:47.0578 3160 UPS - ok
09:50:47.0593 3160 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:50:47.0625 3160 usbccgp - ok
09:50:47.0656 3160 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:50:47.0656 3160 usbehci - ok
09:50:47.0671 3160 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:50:47.0687 3160 usbhub - ok
09:50:47.0703 3160 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:50:47.0703 3160 usbprint - ok
09:50:47.0718 3160 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:50:47.0718 3160 usbscan - ok
09:50:47.0734 3160 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys
09:50:47.0734 3160 usbser - ok
09:50:47.0750 3160 [ 8AA5F86A6C3B3234BEED9556D145BFAC ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
09:50:47.0750 3160 UsbserFilt - ok
09:50:47.0781 3160 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:50:47.0781 3160 usbstor - ok
09:50:47.0796 3160 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:50:47.0796 3160 usbuhci - ok
09:50:47.0828 3160 [ BEE793D4A059CAEA55D6AC20E19B3A8F ] USB_RNDIS C:\WINDOWS\system32\DRIVERS\usb8023.sys
09:50:47.0828 3160 USB_RNDIS - ok
09:50:47.0843 3160 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:50:47.0843 3160 VgaSave - ok
09:50:47.0890 3160 [ 51B24990850076F659D1D1DAEFBED6F1 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
09:50:47.0890 3160 VIAHdAudAddService - ok
09:50:47.0906 3160 ViaIde - ok
09:50:47.0906 3160 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:50:47.0921 3160 VolSnap - ok
09:50:47.0953 3160 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:50:47.0968 3160 VSS - ok
09:50:47.0984 3160 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
09:50:48.0015 3160 W32Time - ok
09:50:48.0046 3160 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
09:50:48.0046 3160 wacommousefilter - ok
09:50:48.0062 3160 [ 51D580F30D1A1F2EA4965AF6ABC2BCB2 ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
09:50:48.0062 3160 wacomvhid - ok
09:50:48.0093 3160 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:50:48.0109 3160 Wanarp - ok
09:50:48.0140 3160 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:50:48.0171 3160 Wdf01000 - ok
09:50:48.0187 3160 WDICA - ok
09:50:48.0218 3160 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:50:48.0218 3160 wdmaud - ok
09:50:48.0250 3160 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:50:48.0265 3160 WebClient - ok
09:50:48.0312 3160 [ EA2AB3C94B1AEE6AA22D543F1F0C62AA ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:50:48.0343 3160 winachsf - ok
09:50:48.0406 3160 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:50:48.0421 3160 winmgmt - ok
09:50:48.0453 3160 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
09:50:48.0468 3160 WmdmPmSN - ok
09:50:48.0484 3160 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:50:48.0500 3160 Wmi - ok
09:50:48.0515 3160 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:50:48.0531 3160 WmiApSrv - ok
09:50:48.0546 3160 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:50:48.0546 3160 WS2IFSL - ok
09:50:48.0578 3160 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:50:48.0593 3160 wscsvc - ok
09:50:48.0640 3160 [ 77A3988CF9B5848BCBC9FB6A79508A56 ] WTouchService C:\Program Files\WTouch\WTouchService.exe
09:50:48.0640 3160 WTouchService - ok
09:50:48.0687 3160 [ D29AD7484B98279ED21877DE051A180F ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:50:48.0703 3160 wuauserv - ok
09:50:48.0703 3160 WudfPf - ok
09:50:48.0718 3160 WudfRd - ok
09:50:48.0765 3160 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:50:48.0781 3160 WZCSVC - ok
09:50:48.0796 3160 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:50:48.0828 3160 xmlprov - ok
09:50:48.0843 3160 [ 8098180B3F6C430A4E60333BC036F936 ] {95808DC4-FA4A-4c74-92FE-5B863F82066B} C:\Program Files\CyberLink\PowerDVD\000.fcl
09:50:48.0859 3160 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
09:50:48.0859 3160 ================ Scan global ===============================
09:50:48.0890 3160 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:50:48.0921 3160 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:50:48.0968 3160 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:50:48.0984 3160 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:50:49.0000 3160 [Global] - ok
09:50:49.0000 3160 ================ Scan MBR ==================================
09:50:49.0015 3160 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:50:49.0375 3160 \Device\Harddisk0\DR0 - ok
09:50:49.0375 3160 ================ Scan VBR ==================================
09:50:49.0406 3160 [ 6EF751D7B672B5ED98CBE07BD8FA8569 ] \Device\Harddisk0\DR0\Partition1
09:50:49.0406 3160 \Device\Harddisk0\DR0\Partition1 - ok
09:50:49.0406 3160 [ 4E551C7D7D5E73898A5E36E3610ED275 ] \Device\Harddisk0\DR0\Partition2
09:50:49.0406 3160 \Device\Harddisk0\DR0\Partition2 - ok
09:50:49.0437 3160 [ E648BDCCEC9A000C9A859F5A6E6FAD11 ] \Device\Harddisk0\DR0\Partition3
09:50:49.0437 3160 \Device\Harddisk0\DR0\Partition3 - ok
09:50:49.0437 3160 ============================================================
09:50:49.0437 3160 Scan finished
09:50:49.0437 3160 ============================================================
09:50:49.0453 4016 Detected object count: 0
09:50:49.0453 4016 Actual detected object count: 0




aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-06 09:51:16
-----------------------------
09:51:16.546 OS Version: Windows 5.1.2600 Service Pack 3
09:51:16.546 Number of processors: 2 586 0x1706
09:51:16.546 ComputerName: TRUEFASTER UserName: como
09:51:17.234 Initialize success
09:52:28.531 AVAST engine defs: 12100501
09:52:40.281 The log file has been saved successfully to "C:\aswMBR.txt"



ESET online scanning done and no threats found.

#13 narenxp

  • BC Advisor

Posted 05 October 2012 - 04:29 PM

ASWMBR log is incomplete. Run it again and post the new log.

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download adware cleaner

Launch it, click on Delete.

A log should be generated after scan, post it here.

Download http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here.

#14 skylark1218

  • Topic Starter

Posted 05 October 2012 - 11:15 PM

Oh I see, I tried it again.

ASWMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-06 15:58:39
-----------------------------
15:58:39.703 OS Version: Windows 5.1.2600 Service Pack 3
15:58:39.703 Number of processors: 2 586 0x1706
15:58:39.703 ComputerName: TRUEFASTER UserName: como
15:58:40.359 Initialize success
15:58:51.781 AVAST engine defs: 12100501
15:59:09.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6
15:59:09.406 Disk 0 Vendor: ST3250310AS 4.AAA Size: 238475MB BusType: 3
15:59:09.421 Disk 0 MBR read successfully
15:59:09.437 Disk 0 MBR scan
15:59:09.468 Disk 0 Windows XP default MBR code
15:59:09.468 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 50054 MB offset 63
15:59:09.484 Disk 0 Partition - 00 0F Extended LBA 188418 MB offset 102510765
15:59:09.500 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 94209 MB offset 102510828
15:59:09.515 Disk 0 Partition - 00 05 Extended 94209 MB offset 295451415
15:59:09.531 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 94209 MB offset 295451478
15:59:09.562 Disk 0 scanning sectors +488392065
15:59:09.671 Disk 0 scanning C:\WINDOWS\system32\drivers
15:59:21.515 Service scanning
15:59:37.546 Modules scanning
15:59:42.078 Disk 0 trace - called modules:
15:59:42.078 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:59:42.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a866ab8]
15:59:42.093 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006d[0x8a82c930]
15:59:42.093 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-6[0x8a8a1030]
15:59:42.406 AVAST engine scan C:\WINDOWS
15:59:49.484 AVAST engine scan C:\WINDOWS\system32
16:03:24.093 AVAST engine scan C:\WINDOWS\system32\drivers
16:03:43.187 AVAST engine scan C:\Documents and Settings\como
16:08:35.015 AVAST engine scan C:\Documents and Settings\All Users
16:09:30.359 Scan finished successfully
16:24:51.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\como\Desktop\MBR.dat"
16:24:51.890 The log file has been saved successfully to "C:\Documents and Settings\como\Desktop\aswMBR.txt"


Mbam log:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.05.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
como :: TRUEFASTER [administrator]

Protection: Disabled

6/10/2012 4:02:50 p.m.
mbam-log-2012-10-06 (16-02-50).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246037
Time elapsed: 47 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\System Volume Information\_restore{30AB7C24-C3B9-41C7-B68B-D1F027CDBFD0}\RP145\A0156713.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

(end)


mini tool box log:


MiniToolBox by Farbar Version: 23-07-2012
Ran by como (administrator) on 06-10-2012 at 16:59:12
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 23012
"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8102E Family PCI-E Fast Ethernet NIC = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : truefaster
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-24-8C-1D-5B-C0
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Saturday, 6 October 2012 3:49:58 p.m.
Lease Expires . . . . . . . . . . : Sunday, 7 October 2012 3:49:58 p.m.

Server: NB304N.Home
Address: 192.168.1.1

Name: google.com
Addresses: 203.97.30.166, 203.97.30.168, 203.97.30.172, 203.97.30.174
203.97.30.177, 203.97.30.179, 203.97.30.183, 203.97.30.185, 203.97.30.144
203.97.30.146, 203.97.30.150, 203.97.30.152, 203.97.30.155, 203.97.30.157
203.97.30.161, 203.97.30.163

Pinging google.com [203.97.30.166] with 32 bytes of data:

Reply from 203.97.30.166: bytes=32 time=28ms TTL=61
Reply from 203.97.30.166: bytes=32 time=29ms TTL=61

Ping statistics for 203.97.30.166:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 29ms, Average = 28ms

Server: NB304N.Home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=246ms TTL=43
Reply from 98.139.183.24: bytes=32 time=259ms TTL=43

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 246ms, Maximum = 259ms, Average = 252ms

Server: NB304N.Home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 24 8c 1d 5b c0 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.3 192.168.1.3 20
192.168.1.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.3 192.168.1.3 20
224.0.0.0 240.0.0.0 192.168.1.3 192.168.1.3 20
255.255.255.255 255.255.255.255 192.168.1.3 192.168.1.3 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/06/2012 09:49:36 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (09/13/2012 01:19:29 AM) (Source: Application Error) (User: )
Description: Faulting application acdseeqvpro2.exe, version 1.1.190.0, faulting module unknown, version 0.0.0.0, fault address 0xffffffff.
Processing media-specific event for [acdseeqvpro2.exe!ws!]

Error: (09/12/2012 01:51:05 PM) (Source: Application Error) (User: )
Description: Faulting application acdseeqvpro2.exe, version 1.1.190.0, faulting module unknown, version 0.0.0.0, fault address 0xffffffff.
Processing media-specific event for [acdseeqvpro2.exe!ws!]

Error: (09/08/2012 04:57:39 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070015 (converted to 0x800423f3).

Error: (08/30/2012 01:28:07 PM) (Source: Application Error) (User: )
Description: Faulting application acdseeqvpro2.exe, version 1.1.190.0, faulting module unknown, version 0.0.0.0, fault address 0x01f9b051.
Processing media-specific event for [acdseeqvpro2.exe!ws!]

Error: (08/25/2012 05:48:43 PM) (Source: LoadPerf) (User: )
Description: Unable to read the performance counter strings of the 01e language ID.
The Win32 status returned by the call is the first DWORD in Data section.

Error: (08/24/2012 01:53:48 PM) (Source: Application Error) (User: )
Description: Faulting application acdseeqvpro2.exe, version 1.1.190.0, faulting module unknown, version 0.0.0.0, fault address 0x01c1b051.
Processing media-specific event for [acdseeqvpro2.exe!ws!]

Error: (07/31/2012 09:40:02 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to load file AVGDLL_Init(avgntflt).
Returned error code: 0xffffffff

Error: (07/31/2012 09:39:48 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to load file AVGDLL_Init(avgntflt).
Returned error code: 0xffffffff

Error: (07/31/2012 09:39:17 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to load file AVGDLL_Init(avgntflt).
Returned error code: 0xffffffff


System errors:
=============
Error: (10/06/2012 03:51:49 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/06/2012 10:40:00 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/06/2012 09:42:19 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/06/2012 09:36:35 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/06/2012 09:34:42 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.5 for the Network Card with network address 00248C1D5BC0 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/06/2012 09:32:12 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.5 for the Network Card with network address 00248C1D5BC0 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/05/2012 10:02:29 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/05/2012 10:00:54 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (10/05/2012 05:56:03 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (10/05/2012 05:54:26 PM) (Source: Service Control Manager) (User: )
Description: The SSHNAS service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (10/06/2012 09:49:36 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (09/13/2012 01:19:29 AM) (Source: Application Error)(User: )
Description: acdseeqvpro2.exe1.1.190.0unknown0.0.0.0ffffffff

Error: (09/12/2012 01:51:05 PM) (Source: Application Error)(User: )
Description: acdseeqvpro2.exe1.1.190.0unknown0.0.0.0ffffffff

Error: (09/08/2012 04:57:39 PM) (Source: VSS)(User: )
Description: 0x800700150x800423f3RemovableStorageManagerOpenNtmsSessionW

Error: (08/30/2012 01:28:07 PM) (Source: Application Error)(User: )
Description: acdseeqvpro2.exe1.1.190.0unknown0.0.0.001f9b051

Error: (08/25/2012 05:48:43 PM) (Source: LoadPerf)(User: )
Description: 01e

Error: (08/24/2012 01:53:48 PM) (Source: Application Error)(User: )
Description: acdseeqvpro2.exe1.1.190.0unknown0.0.0.001c1b051

Error: (07/31/2012 09:40:02 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)NT AUTHORITY
Description: AVGDLL_Init(avgntflt)0xffffffff

Error: (07/31/2012 09:39:48 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)NT AUTHORITY
Description: AVGDLL_Init(avgntflt)0xffffffff

Error: (07/31/2012 09:39:17 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)NT AUTHORITY
Description: AVGDLL_Init(avgntflt)0xffffffff


=========================== Installed Programs ============================

1400 (Version: 47.0.1.000)
1400_Help (Version: 47.1.14.000)
1400Trb (Version: 47.1.14.000)
32 Bit HP CIO Components Installer (Version: 2.1.4)
ACDSee Pro 2 (Version: 2.0.219)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIMP2
AiO_Scan (Version: 47.0.1.000)
AiOSoftware (Version: 47.0.1.000)
Any Video Converter 2.7.2
Avira Antivirus Premium 2012 (Version: 12.0.0.1183)
Bamboo
BufferChm (Version: 110.0.180.000)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.1.0.0)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
CCleaner (Version: 3.23)
Choice Guard (Version: 1.2.87.0)
Copy (Version: 110.0.180.000)
Critical Update for Windows Media Player 11 (KB959772)
CX4300_5500_DX4400 manual
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DJ_AIO_04_F735_ProductContext (Version: 110.0.197.000)
DJ_AIO_04_F735_Software (Version: 110.0.197.000)
DJ_AIO_04_F735_Software_Min (Version: 110.0.197.000)
DJ_SF_03_D1500_Software (Version: 100.0.206.000)
DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000)
EnglishToThai
EPSON Easy Photo Print (Version: 1.4.4.0)
EPSON Printer Software
EPSON Scan
F735 (Version: 110.0.197.000)
F735_Help (Version: 110.0.197.000)
F735_NCL_Help (Version: 110.0.197.000)
Fax (Version: 47.0.1.000)
Generic SoftK56 Data Fax Modem
GOM Player (Version: 2.1.27.5031)
Google Earth Plug-in (Version: 5.2.1.1588)
Google Update Helper (Version: 1.3.21.123)
GPBaseService (Version: 110.0.180.000)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Home Sweet Home 2 Kitchens And Baths
HP Customer Participation Program 11.0 (Version: 11.0)
HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 (Version: 10.0)
HP Deskjet F735 All-In-One Driver Software 11.0 Rel .4 (Version: 11.0)
HP Image Zone 4.7 (Version: 4.7)
HP Image Zone Express (Version: 1.1.3.40)
HP Imaging Device Functions 11.0 (Version: 11.0)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP PSC & OfficeJet 4.7
HP Smart Web Printing (Version: 4.0)
HP Software Update (Version: 3.0.2.991)
HP Solution Center 11.0 (Version: 11.0)
HP Update (Version: 4.000.009.002)
HPProductAssistant (Version: 110.0.180.000)
HPSSupply (Version: 110.0.180.000)
HPSystemDiagnostics (Version: 1.6.0.0)
IconX
Intel® Graphics Media Accelerator Driver
International Karting th (Version: th)
Java™ 6 Update 4 (Version: 1.6.0.40)
Junk Mail filter update (Version: 14.0.8064.206)
K-Lite Mega Codec Pack 2.01 (Version: 2.01)
Kasparov Chessmate
Kel's CPL All-in-One Bonus Pack (Version: 7)
LClock
Lock Folder XP 3.6 (Version: 3.6)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 110.0.180.000)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
Nero 7 Ultra Edition (Version: 7.02.8637)
neroxml (Version: 1.0.0)
NirSoft BlueScreenView
Nokia Connectivity Cable Driver (Version: 6.86.11.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort Image Printer (Version: 1.00.0000)
PC Connectivity Solution (Version: 8.13.1.0)
Platform (Version: 1.27)
PowerDVD (Version: 7.2.2414.0)
ProductContext (Version: 47.1.14.000)
PSSWCORE (Version: 2.03.0000)
QFolder (Version: 1.00.0000)
Readme (Version: 47.0.1.000)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.17.0000)
Realtek High Definition Audio Driver
Scan (Version: 11.0.0.0)
ScannerCopy (Version: 4.5.0.0)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Segoe UI (Version: 14.0.4327.805)
Shop for HP Supplies (Version: 11.0)
SmartWebPrinting (Version: 110.0.182.000)
Soft Data Fax Modem with SmartCP
Software Update for Web Folders (Version: 9.60.6715.0)
SolutionCenter (Version: 110.0.180.000)
Speccy (Version: 1.18)
Status (Version: 110.0.180.000)
Thai Translator Tool
ThaiSoftware Dictionary V4.0
Toolbox (Version: 110.0.180.000)
TrayApp (Version: 110.0.180.000)
Unload (Version: 4.5.0)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB960763) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VIA Platform Device Manager (Version: 1.27)
VideoToolkit01 (Version: 110.0.171.000)
VirtuaGirl
Vista Drive Indicator! (Version: 2.2)
WebReg (Version: 110.0.180.000)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Winamp (Version: 5.52 )
Windows Driver Package - Nokia Modem (03/05/2008 3.7) (Version: 03/05/2008 3.7)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Writer (Version: 14.0.8064.0206)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
เครื่องมืออัปโหลดของ Windows Live (Version: 14.0.8014.1029)
จดหมาย Windows Live (Version: 14.0.8064.0206)
ตัวช่วยในการลงชื่อเข้าใช้ Windows Live (Version: 5.000.818.5)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 2038.11 MB
Available physical RAM: 1419.4 MB
Total Pagefile: 3931.14 MB
Available Pagefile: 3446.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.23 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:48.88 GB) (Free:29.72 GB) NTFS
2 Drive d: () (Fixed) (Total:92 GB) (Free:86.5 GB) NTFS
3 Drive e: () (Fixed) (Total:92 GB) (Free:91.76 GB) NTFS

========================= Users: ========================================

User accounts for \\TRUEFASTER

Administrator ASPNET como
Guest HelpAssistant SUPPORT_388945a0

========================= Restore Points ==================================

13-07-2012 03:34:50 System Checkpoint
13-07-2012 04:05:44 Software Distribution Service 3.0
20-07-2012 05:43:40 System Checkpoint
22-07-2012 02:32:56 System Checkpoint
08-08-2012 01:51:20 System Checkpoint
11-08-2012 01:14:05 System Checkpoint
13-08-2012 01:46:16 System Checkpoint
15-08-2012 00:00:36 System Checkpoint
15-08-2012 02:38:49 Software Distribution Service 3.0
10-09-2012 02:43:22 System Checkpoint
12-09-2012 13:48:33 Software Distribution Service 3.0
24-09-2012 03:48:56 System Checkpoint
24-09-2012 05:10:00 Software Distribution Service 3.0
28-09-2012 01:24:56 System Checkpoint
05-10-2012 21:23:21 System Checkpoint

**** End of log ****



AdwCleaner log:


# AdwCleaner v2.003 - Logfile created 10/06/2012 at 17:00:51
# Updated 23/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : como - TRUEFASTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\como\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\como\Application Data\vghd
Folder Deleted : C:\Program Files\vghd

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.5730.13

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Documents and Settings\como\Application Data\Mozilla\Firefox\Profiles\y6zczidb.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\como\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1604 octets] - [06/10/2012 17:00:51]

########## EOF - C:\AdwCleaner[S1].txt - [1664 octets] ##########





RKILL log:


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/06/2012 05:05:52 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Advanced Explorer Setting Removed: HideIcons [HKCU]

Backup Registry file created at:
C:\Documents and Settings\como\Desktop\rkill\rkill-10-06-2012-05-05-58.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/06/2012 05:06:23 PM
Execution time: 0 hours(s), 0 minute(s), and 31 seconds(s)

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:10:59 AM

Posted 06 October 2012 - 05:07 AM

No signs of malware.

Uninstall Avira antivirus and let us know if you still have BSOD.



