HP Blue screen on start up


18 replies to this topic

#1 LAB811

LAB811

  • Members
  • 161 posts
  • Local time:04:40 AM

Posted 04 October 2012 - 05:19 PM

Hi, I have been having problems the last 2 weeks. I have an HP Pavilion a1243 with Windows XP Service Pack 3. I have Avira antivirus and a few times it found a TR but I can't get into it to try to find out what it found in the past. I ran a Malwarebytes full scan last night and it found nothing. I will post the log. I think that whatever virus this is is changing things, if that is possible. I don't even trust my antivirus software now. I have a problem if I reboot even getting into safe mode, but I'm in now and asking your help. Please let me know where to start. I am not a computer geek but I can and will follow all of your directions. Please just write it simply and explain fully. Thanks for any help. Here is the log.
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.28.07

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
HP_Administrator :: YOUR-4DACD0EA75 [administrator]

10/3/2012 6:29:34 PM
mbam-log-2012-10-03 (18-29-34).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364666
Time elapsed: 4 hour(s), 54 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Moderator Edit: Moved topic from Windows XP Home and Professional to the more appropriate forum
By Roger

Edited by rotor123, 04 October 2012 - 05:22 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:04:40 AM

Posted 04 October 2012 - 05:30 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 LAB811

LAB811
  • Topic Starter

  • Members
  • 161 posts
  • Local time:04:40 AM

Posted 04 October 2012 - 05:52 PM

OK, ran the TDSSkiller and it did find Rootkit.Boot.Sinowallb
Physical drive:/Device/Harddisk D/DRO. It gave me an option. I clicked Cure. Is that correct?

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:04:40 AM

Posted 04 October 2012 - 05:54 PM

yes

#5 LAB811

LAB811
  • Topic Starter

  • Members
  • 161 posts
  • Local time:04:40 AM

Posted 04 October 2012 - 06:42 PM

OK, so I clicked on Cure and then had to restart the computer for the cure to take, it said. Well, apparently it didn't take because I got the same blue screen and now had to go back in safe mode. Do I go on to the next step, aswMBR, or do something else?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:04:40 AM

Posted 04 October 2012 - 06:47 PM

Run TDSSkiller again and post the log with other logs

#7 LAB811

LAB811
  • Topic Starter

  • Members
  • 161 posts
  • Local time:04:40 AM

Posted 04 October 2012 - 07:24 PM

Log from TDSSKiller, second time

19:59:27.0406 1800 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:59:27.0906 1800 ============================================================
19:59:27.0906 1800 Current date / time: 2012/10/04 19:59:27.0906
19:59:27.0906 1800 SystemInfo:
19:59:27.0906 1800
19:59:27.0906 1800 OS Version: 5.1.2600 ServicePack: 3.0
19:59:27.0906 1800 Product type: Workstation
19:59:27.0906 1800 ComputerName: YOUR-4DACD0EA75
19:59:27.0906 1800 UserName: HP_Administrator
19:59:27.0906 1800 Windows directory: C:\WINDOWS
19:59:27.0906 1800 System windows directory: C:\WINDOWS
19:59:27.0906 1800 Processor architecture: Intel x86
19:59:27.0906 1800 Number of processors: 1
19:59:27.0906 1800 Page size: 0x1000
19:59:27.0906 1800 Boot type: Safe boot with network
19:59:27.0906 1800 ============================================================
19:59:35.0234 1800 BG loaded
19:59:35.0859 1800 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:59:35.0859 1800 ============================================================
19:59:35.0859 1800 \Device\Harddisk0\DR0:
19:59:35.0859 1800 MBR partitions:
19:59:35.0859 1800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1105758
19:59:35.0859 1800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1105797, BlocksNum 0x841496D
19:59:35.0859 1800 ============================================================
19:59:35.0968 1800 C: <-> \Device\Harddisk0\DR0\Partition2
19:59:35.0968 1800 D: <-> \Device\Harddisk0\DR0\Partition1
19:59:35.0984 1800 ============================================================
19:59:35.0984 1800 Initialize success
19:59:35.0984 1800 ============================================================
19:59:43.0703 1468 ============================================================
19:59:43.0703 1468 Scan started
19:59:43.0703 1468 Mode: Manual; TDLFS;
19:59:43.0703 1468 ============================================================
19:59:48.0234 1468 ================ Scan system memory ========================
19:59:48.0234 1468 System memory - ok
20:01:11.0593 1468 Rasl2tp - ok
20:01:11.0843 1468 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:01:12.0062 1468 RasMan - ok
20:01:12.0156 1468 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:01:12.0203 1468 RasPppoe - ok
20:01:12.0281 1468 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:01:12.0312 1468 Raspti - ok
20:01:12.0546 1468 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:01:12.0750 1468 Rdbss - ok
20:01:12.0781 1468 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:01:12.0796 1468 RDPCDD - ok
20:01:13.0062 1468 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:01:13.0250 1468 rdpdr - ok
20:01:13.0500 1468 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:01:13.0656 1468 RDPWD - ok
20:01:13.0859 1468 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:01:14.0000 1468 RDSessMgr - ok
20:01:14.0125 1468 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:01:14.0171 1468 redbook - ok
20:01:14.0328 1468 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:01:14.0375 1468 RemoteAccess - ok
20:01:14.0484 1468 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:01:14.0546 1468 RemoteRegistry - ok
20:01:14.0687 1468 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:01:14.0765 1468 RpcLocator - ok
20:01:15.0171 1468 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:01:15.0187 1468 RpcSs - ok
20:01:15.0421 1468 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:01:15.0562 1468 RSVP - ok
20:01:15.0750 1468 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:01:15.0875 1468 RTL8023xp - ok
20:01:15.0968 1468 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:01:16.0000 1468 rtl8139 - ok
20:01:16.0062 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:01:16.0062 1468 SamSs - ok
20:01:16.0187 1468 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:01:16.0218 1468 SASDIFSV - ok
20:01:16.0328 1468 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:01:16.0390 1468 SASKUTIL - ok
20:01:16.0546 1468 [ E121185ABCC7F6F2875843ED3236D245 ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys
20:01:16.0640 1468 SBRE - ok
20:01:16.0781 1468 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:01:16.0875 1468 SCardSvr - ok
20:01:17.0171 1468 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:01:17.0390 1468 Schedule - ok
20:01:17.0484 1468 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:01:17.0500 1468 Secdrv - ok
20:01:17.0578 1468 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:01:17.0593 1468 seclogon - ok
20:01:17.0687 1468 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:01:17.0718 1468 SENS - ok
20:01:17.0828 1468 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
20:01:17.0890 1468 Serial - ok
20:01:18.0031 1468 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:01:18.0046 1468 Sfloppy - ok
20:01:18.0437 1468 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:01:18.0781 1468 SharedAccess - ok
20:01:18.0953 1468 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:01:18.0953 1468 ShellHWDetection - ok
20:01:18.0984 1468 Simbad - ok
20:01:19.0250 1468 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:01:19.0453 1468 SkypeUpdate - ok
20:01:19.0546 1468 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:01:19.0562 1468 SLIP - ok
20:01:19.0593 1468 Sparrow - ok
20:01:19.0671 1468 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:01:19.0671 1468 splitter - ok
20:01:19.0796 1468 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:01:19.0859 1468 Spooler - ok
20:01:19.0953 1468 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:01:20.0031 1468 sr - ok
20:01:20.0265 1468 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:01:20.0437 1468 srservice - ok
20:01:20.0843 1468 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:01:21.0203 1468 Srv - ok
20:01:21.0312 1468 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:01:21.0390 1468 SSDPSRV - ok
20:01:21.0781 1468 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:01:22.0156 1468 stisvc - ok
20:01:22.0218 1468 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:01:22.0234 1468 streamip - ok
20:01:22.0281 1468 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:01:22.0296 1468 swenum - ok
20:01:22.0421 1468 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:01:22.0484 1468 swmidi - ok
20:01:22.0515 1468 SwPrv - ok
20:01:22.0562 1468 symc810 - ok
20:01:22.0593 1468 symc8xx - ok
20:01:22.0625 1468 sym_hi - ok
20:01:22.0656 1468 sym_u3 - ok
20:01:22.0750 1468 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:01:22.0812 1468 sysaudio - ok
20:01:22.0968 1468 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:01:23.0078 1468 SysmonLog - ok
20:01:23.0375 1468 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:01:23.0656 1468 TapiSrv - ok
20:01:24.0093 1468 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:01:24.0453 1468 Tcpip - ok
20:01:24.0562 1468 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:01:24.0765 1468 TDPIPE - ok
20:01:24.0843 1468 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:01:24.0875 1468 TDTCP - ok
20:01:24.0968 1468 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:01:25.0015 1468 TermDD - ok
20:01:25.0375 1468 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:01:25.0671 1468 TermService - ok
20:01:25.0843 1468 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:01:25.0843 1468 Themes - ok
20:01:25.0984 1468 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:01:26.0062 1468 TlntSvr - ok
20:01:26.0093 1468 TosIde - ok
20:01:26.0250 1468 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:01:26.0343 1468 TrkWks - ok
20:01:26.0500 1468 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:01:26.0593 1468 Udfs - ok
20:01:26.0671 1468 ultra - ok
20:01:27.0265 1468 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
20:01:27.0750 1468 UMVPFSrv - ok
20:01:27.0859 1468 [ 9651E5D850B6F6BD7C77C70AA06F02BF ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
20:01:27.0906 1468 UMWdf - ok
20:01:28.0343 1468 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:01:28.0750 1468 Update - ok
20:01:28.0984 1468 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:01:29.0187 1468 upnphost - ok
20:01:29.0265 1468 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:01:29.0296 1468 UPS - ok
20:01:29.0421 1468 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:01:29.0500 1468 usbaudio - ok
20:01:29.0593 1468 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:01:29.0625 1468 usbccgp - ok
20:01:29.0750 1468 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:01:29.0781 1468 usbehci - ok
20:01:29.0890 1468 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:01:29.0953 1468 usbhub - ok
20:01:30.0031 1468 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:01:30.0046 1468 usbohci - ok
20:01:30.0109 1468 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:01:30.0140 1468 usbprint - ok
20:01:30.0234 1468 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:01:30.0250 1468 usbscan - ok
20:01:30.0312 1468 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:01:30.0343 1468 usbstor - ok
20:01:30.0421 1468 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:01:30.0437 1468 usbuhci - ok
20:01:30.0718 1468 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:01:30.0843 1468 usbvideo - ok
20:01:30.0921 1468 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:01:30.0937 1468 VgaSave - ok
20:01:30.0984 1468 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
20:01:31.0000 1468 ViaIde - ok
20:01:31.0109 1468 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:01:31.0171 1468 VolSnap - ok
20:01:31.0515 1468 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:01:31.0812 1468 VSS - ok
20:01:32.0062 1468 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
20:01:32.0265 1468 W32Time - ok
20:01:32.0375 1468 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:01:32.0406 1468 Wanarp - ok
20:01:32.0437 1468 WDICA - ok
20:01:32.0593 1468 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:01:32.0687 1468 wdmaud - ok
20:01:32.0859 1468 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:01:32.0937 1468 WebClient - ok
20:01:33.0250 1468 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:01:33.0437 1468 winmgmt - ok
20:01:33.0609 1468 [ B9715B9C18BC6C8F4B66733D208CC9F7 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:01:33.0640 1468 WmdmPmSN - ok
20:01:34.0281 1468 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:01:34.0906 1468 Wmi - ok
20:01:35.0140 1468 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:01:35.0265 1468 WmiApSrv - ok
20:01:35.0453 1468 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:01:35.0546 1468 wscsvc - ok
20:01:35.0593 1468 WSearch - ok
20:01:35.0703 1468 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:01:35.0734 1468 WSTCODEC - ok
20:01:35.0781 1468 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:01:35.0796 1468 wuauserv - ok
20:01:36.0359 1468 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:01:36.0843 1468 WZCSVC - ok
20:01:37.0031 1468 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:01:37.0156 1468 xmlprov - ok
20:01:37.0875 1468 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:01:38.0468 1468 YahooAUService - ok
20:01:38.0609 1468 [ D46403EF02C003DE80B4BE8A31549FB4 ] YPCService C:\WINDOWS\system32\YPCSER~1.EXE
20:01:38.0703 1468 YPCService - ok
20:01:38.0765 1468 ================ Scan global ===============================
20:01:38.0890 1468 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:01:39.0296 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:01:39.0906 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:01:40.0046 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:01:40.0046 1468 [Global] - ok
20:01:40.0062 1468 ================ Scan MBR ==================================
20:01:40.0156 1468 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
20:01:40.0937 1468 \Device\Harddisk0\DR0 - ok
20:01:40.0953 1468 ================ Scan VBR ==================================
20:01:40.0968 1468 [ 4E482B4B950F465ED0BDF950C970C290 ] \Device\Harddisk0\DR0\Partition1
20:01:40.0968 1468 \Device\Harddisk0\DR0\Partition1 - ok
20:01:41.0015 1468 [ F9D78182BD6CB6AAD30F030D2AA23771 ] \Device\Harddisk0\DR0\Partition2
20:01:41.0031 1468 \Device\Harddisk0\DR0\Partition2 - ok
20:01:41.0031 1468 ============================================================
20:01:41.0031 1468 Scan finished
20:01:41.0031 1468 ============================================================
20:01:41.0093 1052 Detected object count: 0
20:01:41.0093 1052 Actual detected object count: 0
20:12:16.0171 1284 Deinitialize success

#8 narenxp


Posted 04 October 2012 - 08:30 PM

Other logs?

#9 LAB811


Posted 04 October 2012 - 08:47 PM

This was the first TDSSKiller log with the rootkit:
18:43:05.0015 1316 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:43:05.0468 1316 ============================================================
18:43:05.0468 1316 Current date / time: 2012/10/04 18:43:05.0468
18:43:05.0468 1316 SystemInfo:
18:43:05.0468 1316
18:43:05.0468 1316 OS Version: 5.1.2600 ServicePack: 3.0
18:43:05.0468 1316 Product type: Workstation
18:43:05.0468 1316 ComputerName: YOUR-4DACD0EA75
18:43:05.0468 1316 UserName: HP_Administrator
18:43:05.0468 1316 Windows directory: C:\WINDOWS
18:43:05.0468 1316 System windows directory: C:\WINDOWS
18:43:05.0468 1316 Processor architecture: Intel x86
18:43:05.0468 1316 Number of processors: 1
18:43:05.0468 1316 Page size: 0x1000
18:43:05.0468 1316 Boot type: Safe boot with network
18:43:05.0468 1316 ============================================================
18:43:09.0875 1316 Drive \Device\Harddisk0\DR0 - Size: 0x12A3F92000 (74.56 Gb), SectorSize: 0x200, Cylinders: 0x2605, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:43:09.0890 1316 ============================================================
18:43:09.0890 1316 \Device\Harddisk0\DR0:
18:43:09.0890 1316 MBR partitions:
18:43:09.0890 1316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1105758
18:43:09.0890 1316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1105797, BlocksNum 0x841496D
18:43:09.0890 1316 ============================================================
18:43:10.0031 1316 C: <-> \Device\Harddisk0\DR0\Partition2
18:43:10.0062 1316 D: <-> \Device\Harddisk0\DR0\Partition1
18:43:10.0250 1316 ============================================================
18:43:10.0250 1316 Initialize success
18:43:10.0250 1316 ============================================================
18:44:06.0437 1340 ============================================================
18:44:06.0437 1340 Scan started
18:44:06.0437 1340 Mode: Manual; TDLFS;
18:44:06.0437 1340 ============================================================
18:44:12.0125 1340 ================ Scan system memory ========================
18:44:12.0125 1340 System memory - ok
18:44:12.0140 1340 ================ Scan services =============================
18:45:16.0546 1340 McrdSvc - ok
18:45:16.0984 1340 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:45:17.0328 1340 MDM - ok
18:45:17.0437 1340 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:45:17.0484 1340 Messenger - ok
18:45:17.0640 1340 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
18:45:17.0734 1340 MHN - ok
18:45:17.0812 1340 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:45:17.0828 1340 MHNDRV - ok
18:45:17.0890 1340 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:45:17.0890 1340 mnmdd - ok
18:45:18.0000 1340 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:45:18.0031 1340 mnmsrvc - ok
18:45:18.0140 1340 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:45:18.0171 1340 Modem - ok
18:45:18.0250 1340 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:45:18.0281 1340 Mouclass - ok
18:45:18.0359 1340 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:45:18.0375 1340 mouhid - ok
18:45:18.0468 1340 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:45:18.0515 1340 MountMgr - ok
18:45:18.0750 1340 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:45:18.0890 1340 MozillaMaintenance - ok
18:45:18.0921 1340 mraid35x - ok
18:45:19.0046 1340 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
18:45:19.0156 1340 MREMP50 - ok
18:45:19.0187 1340 MREMP50a64 - ok
18:45:19.0203 1340 MREMPR5 - ok
18:45:19.0234 1340 MRENDIS5 - ok
18:45:19.0296 1340 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
18:45:19.0312 1340 MRESP50 - ok
18:45:19.0343 1340 MRESP50a64 - ok
18:45:19.0593 1340 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:45:19.0781 1340 MRxDAV - ok
18:45:19.0843 1340 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:45:19.0859 1340 MSDTC - ok
18:45:19.0937 1340 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:45:19.0953 1340 Msfs - ok
18:45:19.0984 1340 MSIServer - ok
18:45:20.0062 1340 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:45:20.0078 1340 MSKSSRV - ok
18:45:20.0125 1340 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:45:20.0125 1340 MSPCLOCK - ok
18:45:20.0187 1340 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:45:20.0203 1340 MSPQM - ok
18:45:20.0312 1340 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:45:20.0328 1340 mssmbios - ok
18:45:20.0406 1340 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:45:20.0421 1340 MSTEE - ok
18:45:20.0578 1340 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:45:20.0687 1340 Mup - ok
18:45:20.0828 1340 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:45:20.0921 1340 NABTSFEC - ok
18:45:21.0281 1340 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:45:21.0625 1340 napagent - ok
18:45:21.0875 1340 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:45:22.0062 1340 NDIS - ok
18:45:22.0140 1340 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:45:22.0156 1340 NdisIP - ok
18:45:22.0234 1340 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:45:22.0250 1340 NdisTapi - ok
18:45:22.0328 1340 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:45:22.0343 1340 Ndisuio - ok
18:45:22.0484 1340 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:45:22.0593 1340 NdisWan - ok
18:45:22.0703 1340 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:45:22.0750 1340 NDProxy - ok
18:45:22.0859 1340 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
18:45:22.0906 1340 Net Driver HPZ12 - ok
18:45:22.0984 1340 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:45:23.0031 1340 NetBIOS - ok
18:45:23.0234 1340 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:45:23.0421 1340 NetBT - ok
18:45:23.0593 1340 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
18:45:23.0703 1340 NetDDE - ok
18:45:23.0859 1340 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:45:23.0859 1340 NetDDEdsdm - ok
18:45:23.0937 1340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:45:23.0953 1340 Netlogon - ok
18:45:24.0234 1340 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
18:45:24.0437 1340 Netman - ok
18:45:24.0656 1340 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:45:24.0796 1340 NetTcpPortSharing - ok
18:45:24.0890 1340 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:45:24.0953 1340 NIC1394 - ok
18:45:25.0234 1340 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
18:45:25.0484 1340 Nla - ok
18:45:25.0562 1340 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:45:25.0593 1340 Npfs - ok
18:45:26.0187 1340 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:45:26.0843 1340 Ntfs - ok
18:45:26.0906 1340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:45:26.0906 1340 NtLmSsp - ok
18:45:27.0375 1340 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:45:27.0843 1340 NtmsSvc - ok
18:45:27.0906 1340 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:45:27.0921 1340 Null - ok
18:45:27.0984 1340 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:45:28.0031 1340 NwlnkFlt - ok
18:45:28.0109 1340 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:45:28.0140 1340 NwlnkFwd - ok
18:45:28.0265 1340 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:45:28.0343 1340 ohci1394 - ok
18:45:28.0515 1340 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:45:28.0609 1340 ose - ok
18:45:28.0750 1340 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:45:28.0843 1340 Parport - ok
18:45:28.0921 1340 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:45:28.0953 1340 PartMgr - ok
18:45:29.0015 1340 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:45:29.0031 1340 ParVdm - ok
18:45:29.0140 1340 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:45:29.0218 1340 PCI - ok
18:45:29.0250 1340 PCIDump - ok
18:45:29.0296 1340 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:45:29.0312 1340 PCIIde - ok
18:45:29.0484 1340 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:45:29.0609 1340 Pcmcia - ok
18:45:29.0765 1340 [ CC174F32CC9C18EA3109C4B0FC2CA8DF ] PCTAppEvent C:\WINDOWS\system32\drivers\PCTAppEvent.sys
18:45:29.0859 1340 PCTAppEvent - ok
18:45:30.0000 1340 [ 4A7EF973FCD9C6CAD6040EBB61262A5C ] PCTFW-PacketFilter C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
18:45:30.0078 1340 PCTFW-PacketFilter - ok
18:45:30.0375 1340 [ 39E8623F9F29DBC9E053A696D85F8AC6 ] pctgntdi C:\WINDOWS\system32\drivers\pctgntdi.sys
18:45:30.0609 1340 pctgntdi - ok
18:45:30.0734 1340 [ 8BBE917BC4DA64B0BA8DB33D4C0E0B7D ] pctNDIS C:\WINDOWS\system32\DRIVERS\pctNdis.sys
18:45:30.0796 1340 pctNDIS - ok
18:45:31.0703 1340 [ C45ED958D60B95E98BACB45F4F2F1649 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
18:45:32.0546 1340 PCToolsFirewallPlus - ok
18:45:32.0968 1340 [ 6D74DF36716A458619A62DD764FC4F8B ] pctplfw C:\WINDOWS\system32\drivers\pctplfw.sys
18:45:33.0093 1340 pctplfw - ok
18:45:33.0109 1340 PDCOMP - ok
18:45:33.0140 1340 PDFRAME - ok
18:45:33.0187 1340 PDRELI - ok
18:45:33.0218 1340 PDRFRAME - ok
18:45:33.0250 1340 perc2 - ok
18:45:33.0281 1340 perc2hib - ok
18:45:33.0484 1340 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
18:45:33.0484 1340 PlugPlay - ok
18:45:33.0609 1340 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
18:45:33.0671 1340 Pml Driver HPZ12 - ok
18:45:33.0718 1340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:45:33.0718 1340 PolicyAgent - ok
18:45:33.0859 1340 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:45:33.0921 1340 PptpMiniport - ok
18:45:34.0031 1340 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:45:34.0078 1340 Processor - ok
18:45:34.0125 1340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:45:34.0125 1340 ProtectedStorage - ok
18:45:34.0218 1340 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
18:45:34.0234 1340 Ps2 - ok
18:45:34.0328 1340 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:45:34.0406 1340 PSched - ok
18:45:34.0500 1340 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:45:34.0515 1340 Ptilink - ok
18:45:34.0609 1340 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:45:34.0625 1340 PxHelp20 - ok
18:45:34.0640 1340 ql1080 - ok
18:45:34.0687 1340 Ql10wnt - ok
18:45:34.0718 1340 ql12160 - ok
18:45:34.0750 1340 ql1240 - ok
18:45:34.0781 1340 ql1280 - ok
18:45:34.0859 1340 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:45:34.0875 1340 RasAcd - ok
18:45:35.0015 1340 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:45:35.0109 1340 RasAuto - ok
18:45:35.0234 1340 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:45:35.0296 1340 Rasl2tp - ok
18:45:35.0546 1340 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:45:35.0750 1340 RasMan - ok
18:45:35.0875 1340 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:45:35.0921 1340 RasPppoe - ok
18:45:36.0015 1340 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:45:36.0046 1340 Raspti - ok
18:45:36.0265 1340 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:45:36.0437 1340 Rdbss - ok
18:45:36.0468 1340 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:45:36.0468 1340 RDPCDD - ok
18:45:36.0750 1340 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:45:36.0953 1340 rdpdr - ok
18:45:37.0171 1340 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:45:37.0328 1340 RDPWD - ok
18:45:37.0531 1340 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:45:37.0687 1340 RDSessMgr - ok
18:45:37.0812 1340 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:45:37.0875 1340 redbook - ok
18:45:38.0031 1340 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:45:38.0078 1340 RemoteAccess - ok
18:45:38.0203 1340 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:45:38.0265 1340 RemoteRegistry - ok
18:45:38.0406 1340 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:45:38.0484 1340 RpcLocator - ok
18:45:38.0937 1340 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:45:38.0953 1340 RpcSs - ok
18:45:39.0140 1340 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:45:39.0281 1340 RSVP - ok
18:45:39.0453 1340 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
18:45:39.0578 1340 RTL8023xp - ok
18:45:39.0671 1340 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
18:45:39.0703 1340 rtl8139 - ok
18:45:39.0765 1340 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:45:39.0765 1340 SamSs - ok
18:45:39.0890 1340 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:45:39.0906 1340 SASDIFSV - ok
18:45:40.0000 1340 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:45:40.0078 1340 SASKUTIL - ok
18:45:40.0218 1340 [ E121185ABCC7F6F2875843ED3236D245 ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys
18:45:40.0312 1340 SBRE - ok
18:45:40.0468 1340 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:45:40.0562 1340 SCardSvr - ok
18:45:40.0796 1340 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:45:41.0031 1340 Schedule - ok
18:45:41.0109 1340 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:45:41.0140 1340 Secdrv - ok
18:45:41.0218 1340 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:45:41.0234 1340 seclogon - ok
18:45:41.0328 1340 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:45:41.0375 1340 SENS - ok
18:45:41.0484 1340 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
18:45:41.0562 1340 Serial - ok
18:45:41.0734 1340 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:45:41.0765 1340 Sfloppy - ok
18:45:42.0156 1340 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:45:42.0500 1340 SharedAccess - ok
18:45:42.0687 1340 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:45:42.0687 1340 ShellHWDetection - ok
18:45:42.0734 1340 Simbad - ok
18:45:42.0984 1340 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:45:43.0171 1340 SkypeUpdate - ok
18:45:43.0265 1340 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:45:43.0281 1340 SLIP - ok
18:45:43.0328 1340 Sparrow - ok
18:45:43.0406 1340 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:45:43.0421 1340 splitter - ok
18:45:43.0531 1340 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:45:43.0593 1340 Spooler - ok
18:45:43.0703 1340 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:45:43.0781 1340 sr - ok
18:45:44.0015 1340 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
18:45:44.0187 1340 srservice - ok
18:45:44.0593 1340 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:45:44.0984 1340 Srv - ok
18:45:45.0109 1340 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:45:45.0203 1340 SSDPSRV - ok
18:45:45.0593 1340 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:45:45.0921 1340 stisvc - ok
18:45:45.0984 1340 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:45:46.0000 1340 streamip - ok
18:45:46.0062 1340 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:45:46.0078 1340 swenum - ok
18:45:46.0203 1340 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:45:46.0265 1340 swmidi - ok
18:45:46.0296 1340 SwPrv - ok
18:45:46.0343 1340 symc810 - ok
18:45:46.0375 1340 symc8xx - ok
18:45:46.0421 1340 sym_hi - ok
18:45:46.0453 1340 sym_u3 - ok
18:45:46.0546 1340 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:45:46.0609 1340 sysaudio - ok
18:45:46.0781 1340 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:45:46.0875 1340 SysmonLog - ok
18:45:47.0171 1340 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:45:47.0437 1340 TapiSrv - ok
18:45:47.0859 1340 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:45:48.0328 1340 Tcpip - ok
18:45:48.0406 1340 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:45:48.0421 1340 TDPIPE - ok
18:45:48.0500 1340 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:45:48.0531 1340 TDTCP - ok
18:45:48.0625 1340 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:45:48.0671 1340 TermDD - ok
18:45:49.0046 1340 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:45:49.0343 1340 TermService - ok
18:45:49.0515 1340 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:45:49.0515 1340 Themes - ok
18:45:49.0656 1340 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:45:49.0734 1340 TlntSvr - ok
18:45:49.0765 1340 TosIde - ok
18:45:49.0906 1340 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:45:50.0000 1340 TrkWks - ok
18:45:50.0125 1340 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:45:50.0203 1340 Udfs - ok
18:45:50.0281 1340 ultra - ok
18:45:50.0843 1340 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:45:51.0375 1340 UMVPFSrv - ok
18:45:51.0468 1340 [ 9651E5D850B6F6BD7C77C70AA06F02BF ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
18:45:51.0515 1340 UMWdf - ok
18:45:51.0968 1340 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:45:52.0375 1340 Update - ok
18:45:52.0609 1340 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:45:52.0812 1340 upnphost - ok
18:45:52.0890 1340 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:45:52.0906 1340 UPS - ok
18:45:53.0046 1340 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:45:53.0109 1340 usbaudio - ok
18:45:53.0218 1340 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:45:53.0250 1340 usbccgp - ok
18:45:53.0343 1340 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:45:53.0468 1340 usbehci - ok
18:45:53.0765 1340 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:45:53.0828 1340 usbhub - ok
18:45:53.0921 1340 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:45:53.0937 1340 usbohci - ok
18:45:54.0031 1340 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:45:54.0046 1340 usbprint - ok
18:45:54.0125 1340 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:45:54.0140 1340 usbscan - ok
18:45:54.0203 1340 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:45:54.0250 1340 usbstor - ok
18:45:54.0328 1340 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:45:54.0359 1340 usbuhci - ok
18:45:54.0578 1340 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
18:45:54.0703 1340 usbvideo - ok
18:45:54.0781 1340 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:45:54.0796 1340 VgaSave - ok
18:45:54.0843 1340 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
18:45:54.0843 1340 ViaIde - ok
18:45:54.0953 1340 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:45:55.0000 1340 VolSnap - ok
18:45:55.0359 1340 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:45:55.0687 1340 VSS - ok
18:45:55.0937 1340 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
18:45:56.0109 1340 W32Time - ok
18:45:56.0203 1340 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:45:56.0250 1340 Wanarp - ok
18:45:56.0265 1340 WDICA - ok
18:45:56.0437 1340 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:45:56.0531 1340 wdmaud - ok
18:45:56.0656 1340 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:45:56.0718 1340 WebClient - ok
18:45:57.0046 1340 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:45:57.0234 1340 winmgmt - ok
18:45:57.0375 1340 [ B9715B9C18BC6C8F4B66733D208CC9F7 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:45:57.0406 1340 WmdmPmSN - ok
18:45:58.0062 1340 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:45:58.0703 1340 Wmi - ok
18:45:58.0921 1340 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:45:59.0046 1340 WmiApSrv - ok
18:45:59.0218 1340 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:45:59.0296 1340 wscsvc - ok
18:45:59.0328 1340 WSearch - ok
18:45:59.0421 1340 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:45:59.0453 1340 WSTCODEC - ok
18:45:59.0531 1340 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:45:59.0546 1340 wuauserv - ok
18:46:00.0093 1340 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:46:00.0578 1340 WZCSVC - ok
18:46:00.0765 1340 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:46:00.0906 1340 xmlprov - ok
18:46:01.0593 1340 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
18:46:02.0234 1340 YahooAUService - ok
18:46:02.0375 1340 [ D46403EF02C003DE80B4BE8A31549FB4 ] YPCService C:\WINDOWS\system32\YPCSER~1.EXE
18:46:02.0468 1340 YPCService - ok
18:46:02.0531 1340 ================ Scan global ===============================
18:46:02.0640 1340 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:46:03.0031 1340 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:46:03.0640 1340 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:46:03.0781 1340 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:46:03.0781 1340 [Global] - ok
18:46:03.0796 1340 ================ Scan MBR ==================================
18:46:03.0859 1340 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
18:46:03.0921 1340 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
18:46:03.0921 1340 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
18:46:04.0140 1340 ================ Scan VBR ==================================
18:46:04.0171 1340 [ 4E482B4B950F465ED0BDF950C970C290 ] \Device\Harddisk0\DR0\Partition1
18:46:04.0171 1340 \Device\Harddisk0\DR0\Partition1 - ok
18:46:04.0218 1340 [ F9D78182BD6CB6AAD30F030D2AA23771 ] \Device\Harddisk0\DR0\Partition2
18:46:04.0234 1340 \Device\Harddisk0\DR0\Partition2 - ok
18:46:04.0234 1340 ============================================================
18:46:04.0234 1340 Scan finished
18:46:04.0234 1340 ============================================================
18:46:04.0281 1132 Detected object count: 1
18:46:04.0281 1132 Actual detected object count: 1
19:02:16.0578 1132 \Device\Harddisk0\DR0\# - copied to quarantine
19:02:16.0578 1132 \Device\Harddisk0\DR0 - copied to quarantine
19:02:16.0609 1132 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
19:02:16.0765 1132 \Device\Harddisk0\DR0 - ok
19:02:16.0765 1132 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
19:02:39.0546 0680 Deinitialize success

#10 LAB811

Posted 04 October 2012 - 08:59 PM

There is a write error when I try to run the aswMBR: Initialize error C000010E driver not loaded. What do I do? Do I try to run the scan?

#11 narenxp

Posted 04 October 2012 - 09:02 PM

Run ESET scan and post the log

#12 LAB811

Posted 05 October 2012 - 07:32 AM

Sorry, I fell asleep last night; I had been up since 4:30 AM. But before I saw this post about ESET I did get the other scan, and it found infections. I clicked on fix and now I have to reboot; I will then run ESET. Here is the log from aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-04 20:27:12
-----------------------------
20:27:12.234 OS Version: Windows 5.1.2600 Service Pack 3
20:27:12.234 Number of processors: 1 586 0x2F02
20:27:12.359 ComputerName: YOUR-4DACD0EA75 UserName:
20:27:17.390 Initialze error C000010E - driver not loaded
20:27:19.625 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
20:28:06.906 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\aswMBR.txt"
20:28:17.843 AVAST engine defs: 12100500
20:29:18.453 Service scanning
20:31:52.703 Modules scanning
20:31:52.750 Disk 0 trace - called modules:
20:31:52.765
20:31:55.328 AVAST engine scan C:\WINDOWS
20:32:47.578 AVAST engine scan C:\WINDOWS\system32
20:55:35.031 AVAST engine scan C:\WINDOWS\system32\drivers
20:56:55.437 AVAST engine scan C:\Documents and Settings\HP_Administrator
21:33:55.765 AVAST engine scan C:\Documents and Settings\All Users
21:35:14.375 Scan finished successfully
21:36:10.843 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-04 20:13:15
-----------------------------
20:13:15.062 OS Version: Windows 5.1.2600 Service Pack 3
20:13:15.062 Number of processors: 1 586 0x2F02
20:13:15.062 ComputerName: YOUR-4DACD0EA75 UserName:
20:13:18.000 Initialize success
20:19:48.671 AVAST engine defs: 12100500
22:29:21.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12
22:29:21.140 Disk 0 Vendor: SAMSUNG_SP0802N/R TK200-04 Size: 76351MB BusType: 3
22:29:21.218 Disk 0 MBR read successfully
22:29:21.250 Disk 0 MBR scan
22:29:27.484 Disk 0 unknown MBR code
22:29:27.515 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 8714 MB offset 63
22:29:29.437 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 67625 MB offset 17848215
22:29:31.781 Disk 0 scanning sectors +156344580
22:29:31.890 Disk 0 malicious Win32:MBRoot code @ sector 156344583 !
22:29:33.296 Disk 0 scanning C:\WINDOWS\system32\drivers
22:31:39.062 Service scanning
22:33:57.687 Modules scanning
22:34:59.546 Disk 0 trace - called modules:
22:35:00.906 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
22:35:00.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x833d4ab8]
22:35:01.031 3 CLASSPNP.SYS[f86d6fd7] -> nt!IofCallDriver -> \Device\0000006b[0x83356998]
22:35:01.093 5 ACPI.sys[f85ff620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-12[0x8335cd98]
22:35:04.078 AVAST engine scan C:\WINDOWS
22:35:58.500 AVAST engine scan C:\WINDOWS\system32
22:59:29.156 AVAST engine scan C:\WINDOWS\system32\drivers
23:00:42.015 AVAST engine scan C:\Documents and Settings\HP_Administrator
23:43:33.921 AVAST engine scan C:\Documents and Settings\All Users
23:45:44.218 Scan finished successfully
08:17:46.250 Disk 0 MBR read successfully
08:17:46.359 Disk 0 scanning sectors +156344580
08:17:46.609 Disk 0 malicious Win32:MBRoot code @ sector 156344583 !
08:17:46.703 Disk 0 sector 156344583 cleaned
08:17:46.765 Verifying disinfection
08:17:57.062 Infection fixed successfully - please reboot ASAP
08:18:17.031 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\MBR.dat"
08:18:17.093 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\aswMBR.txt"

#13 narenxp

Posted 05 October 2012 - 07:50 AM

Let me know if you are able to boot into normal mode after ESET scan

If that doesn't work, try a clean boot

http://www.askdrtech.com/solutions/post/How-to-perform-a-clean-startup-%28clean-boot%29-in-Windows-7.aspx

#14 LAB811

Posted 05 October 2012 - 07:54 AM

Narenxp, I have not run the ESET scan yet. When I rebooted after the last fix I posted, it let me get into normal mode. The question I have is that Avira opened and asks me to choose an installation type to install the program. Do I go ahead and install it? I'm afraid to just go and do anything right now. Also, should I be working in regular mode, not safe mode? Let me know. I will run the ESET scan.

#15 narenxp

Posted 05 October 2012 - 07:57 AM

Skip Avira installation for now.

Run the ESET scan in normal mode and post the log.



