Win XP 64 Pro -Problem restoring Windows services / connectivity


57 replies to this topic

#1 myDP

myDP

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Colorado, USA
  • Local time:10:14 AM

Posted 15 October 2012 - 12:20 PM

Hello,
I have a Dell Precision 380, running Win XP Pro 64 bit, SP2. All the critical Windows updates were installed. I use AVG Free Antivirus. I run maintenance about every two weeks, which includes:
Easy Cleaner
Spybot
CCleaner
Malwarebytes
Disk Cleanup
Defraggler (Piriform)

The pc developed issues around the time AVG Free sent its 2013 update. I’m not certain the new AVG caused the issues, but AVG has caused problems on this system before, so I’m suspicious. Also, I was/am in the process of moving to a new pc, so I can’t say exactly when the issues started.

I could not uninstall AVG using Windows, because Windows said it couldn’t find the uninstaller. I didn’t see an AVG-supplied uninstaller.

I booted into safe mode, uninstalled and reinstalled the network card. No change. I tried to restore the system using windows restore points, but received the message “System Restore cannot protect this computer.” It couldn’t even FIND the restore program, I had to run it manually. I tried to turn on services manually by running “services.msc”

I am using the guide at http://www.selectrealsecurity.com/malware-removal-guide to try to get my computer back to normal. No malware was detected, but I wasn’t able to run Malwarebytes. I got a message “Mbam can’t run due to Run-time error 372: failed to load control ‘vBalGrid.ocx’”. I downloaded and reinstalled, but still saw the same message. The file is actually in the Mbam folder; I saw it.

I am currently at “Fix Post-Disinfection Problems”, step 1: http://www.selectrealsecurity.com/fix-internet-connection/ . I ran reset.bat. I ran Farbar Service Scanner. It reported these eight missing drivers:
…system32\drivers\ afd.sys, tcpip.sys
…system32\ dnsrslvr.dll, svchost.exe, rpcss.dll
…syswow64\drivers\ netbt.sys, ipsec.sys, services.exe

Note that four of these files were not actually missing; I saw them where they were supposed to be. I replaced them with a new copy anyway.

I ran Farbar Service Scanner again as instructed, and six of the files I restored are reported missing. I’ve stopped at this point, hoping for expert advice.

The scanner doesn’t list any services as “not running”. It reports Localhost, Google IP, Google.com, Yahoo IP, Yahoo.com all accessible, and LAN connected.
Internet Explorer won’t even open, and Task Manager still shows about half the usual number of services.

I hope I supplied all the pertinent info, and that some very kind person(s) can help me with this! Thanks!

(Originally posted in Web Browsing/Email and Other Internet Applications, but moved here)



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:14 AM

Posted 15 October 2012 - 12:26 PM

I do not want you to troubleshoot when I'm helping you

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#3 myDP


Posted 15 October 2012 - 01:06 PM

Thanks for having a look. I noticed that some software I have installed is not reported: Microsoft Office and Mathcad are two I noticed. Here are the logs:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Administrator (administrator) on 15-10-2012 at 11:47:00
Microsoft Windows XP Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1 localhost

========================= IP Configuration: ================================



# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "{072E6970-E68E-41CD-BA1D-40DC0FD1EDBD}"

set address name="{072E6970-E68E-41CD-BA1D-40DC0FD1EDBD}" source=dhcp
set dns name="{072E6970-E68E-41CD-BA1D-40DC0FD1EDBD}" source=dhcp register=PRIMARY
set wins name="{072E6970-E68E-41CD-BA1D-40DC0FD1EDBD}" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : DHLSXBB1-B
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter {072E6970-E68E-41CD-BA1D-40DC0FD1EDBD}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : 00-13-72-23-9E-8C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1
Lease Obtained. . . . . . . . . . : Monday, October 15, 2012 5:42:45 AM
Lease Expires . . . . . . . . . . : Tuesday, October 16, 2012 5:42:45 AM

Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 74.125.224.102, 74.125.224.103, 74.125.224.104, 74.125.224.105
74.125.224.110, 74.125.224.96, 74.125.224.97, 74.125.224.98, 74.125.224.99
74.125.224.100, 74.125.224.101

Pinging google.com [74.125.224.104] with 32 bytes of data:
Reply from 74.125.224.104: bytes=32 time=96ms TTL=52
Reply from 74.125.224.104: bytes=32 time=96ms TTL=52
Ping statistics for 74.125.224.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 96ms, Maximum = 96ms, Average = 96ms

Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=763ms TTL=51
Reply from 72.30.38.140: bytes=32 time=723ms TTL=51
Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 723ms, Maximum = 763ms, Average = 743ms

Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 72 23 9e 8c ...... Broadcom NetXtreme 57xx Gigabit Controller
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.2 10
10.0.0.0 255.255.255.0 10.0.0.2 10.0.0.2 10
10.0.0.2 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.0.0.2 10.0.0.2 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.2 10.0.0.2 10
255.255.255.255 255.255.255.255 10.0.0.2 10.0.0.2 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [17408] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [233472] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\winrnr.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 05:45:01 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/14/2012 04:21:17 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/14/2012 04:04:18 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/12/2012 09:11:00 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/12/2012 08:39:35 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/04/2012 06:16:02 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/04/2012 05:57:18 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/03/2012 07:23:02 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 smessaging.exe, P2 5.2.5.93, P3 4feb0147, P4 system.windows.forms, P5 2.0.0.0, P6 4f681deb, P7 6107, P8 1b, P9 clr20r30, P10 clr20r31.

Error: (10/03/2012 07:05:26 PM) (Source: MsiInstaller) (User: DHLSXBB1-B)DHLSXBB1-B
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 1719. SA_Error1719: StandardAction(0xC00706B7): The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (10/03/2012 07:02:19 PM) (Source: MsiInstaller) (User: DHLSXBB1-B)DHLSXBB1-B
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 1719. SA_Error1719: StandardAction(0xC00706B7): The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.


System errors:
=============
Error: (10/01/2012 01:56:07 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{DF941B0A-D79D-4C29-8D10-1323B92FE9A4}.
The backup browser is stopping.

Error: (10/01/2012 11:16:45 AM) (Source: Print) (User: DHLSXBB1-B)
Description: The document http://www.brooksrunning.com/Adrenaline-GTX/1201181B968.050,def owned by Administrator failed to print on printer Canon MX420 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 1114112. Number of bytes printed: 806952. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\DHLSXBB1-B. Win32 error code returned by the print processor: http://www.brooksrunning.com/Adrenaline-GTX/1201181B968.050,def0. http://www.brooksrunning.com/Adrenaline-GTX/1201181B968.050,def1

Error: (10/01/2012 11:15:09 AM) (Source: Print) (User: DHLSXBB1-B)
Description: The document http://www.brooksrunning.com/Adrenaline-GTX/1200961B307.050,def owned by Administrator failed to print on printer Canon MX420 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 1245184. Number of bytes printed: 739416. Total number of pages in the document: 4. Number of pages printed: 0. Client machine: \\DHLSXBB1-B. Win32 error code returned by the print processor: http://www.brooksrunning.com/Adrenaline-GTX/1200961B307.050,def0. http://www.brooksrunning.com/Adrenaline-GTX/1200961B307.050,def1

Error: (09/19/2012 07:00:19 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (09/11/2012 05:30:21 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (09/02/2012 04:21:21 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.2 for the Network Card with network address 001372239E8C has been
denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (09/02/2012 04:21:01 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.4.2 for the Network Card with network address 001372239E8C has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (09/02/2012 04:04:37 PM) (Source: Service Control Manager) (User: )
Description: The BVRPMPR5a64 NDIS Protocol Driver service failed to start due to the following error:
%%2

Error: (09/02/2012 00:47:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{555F3418-D99E-4E51-800A-6E89CFD8B1D7}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.

Error: (09/02/2012 00:47:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{555F3418-D99E-4E51-800A-6E89CFD8B1D7}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.


Microsoft Office Sessions:
=========================
Error: (10/14/2012 05:45:01 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/14/2012 04:21:17 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/14/2012 04:04:18 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/12/2012 09:11:00 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/12/2012 08:39:35 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/04/2012 06:16:02 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/04/2012 05:57:18 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/03/2012 07:23:02 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3smessaging.exe5.2.5.934feb0147system.windows.forms2.0.0.04f681deb61071bpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (10/03/2012 07:05:26 PM) (Source: MsiInstaller)(User: DHLSXBB1-B)DHLSXBB1-B
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 1719. SA_Error1719: StandardAction(0xC00706B7): The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)(NULL)

Error: (10/03/2012 07:02:19 PM) (Source: MsiInstaller)(User: DHLSXBB1-B)DHLSXBB1-B
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error 1719. SA_Error1719: StandardAction(0xC00706B7): The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

3Dconnexion 3DxWare (x64) (Version: 6.15.0002)
3Dconnexion Add-In for AutoCAD 2007 - 2010 (Version: 4.5.1)
3Dconnexion Add-In for Inventor 11 - 2012 (Version: 1.10.0)
3Dconnexion Add-In for SolidWorks 2005 - 2012 (x64) (Version: 2.21.0)
7-Zip 4.65 (x64 edition) (Version: 4.65.00.0)
ATI Control Panel (Version: 4.00.000)
ATI Display Driver (Version: 8.12-050317m-022115C-Dell)
AutoCAD Mechanical 2010 (Version: 14.0.48.300)
AutoCAD Mechanical 2010 (Version: 14.2.0.4)
AutoCAD Mechanical 2010 Language Pack - English (Version: 14.0.48.300)
AutoCAD Mechanical 2010 Version 3 (Version: 1)
Autodesk Inventor 2010 (Version: 14.4.0000.28400)
Autodesk Inventor 2010 English (English) (Version: 14.4.0000.28400)
Autodesk Inventor 2010 English Language Pack (Version: 14.0.0000.22302)
Autodesk Inventor 2010 SP1 (Version: 14.4.0000.28400)
Autodesk Inventor 2010 SP2 (Version: 14.4.0000.28400)
Autodesk Inventor 2010 SP3 (Version: 14.4.0000.28400)
Autodesk Inventor 2010 SP4 (Version: 14.4.0000.28400)
Autodesk Inventor Content Center Libraries 2010 (Desktop Content) (Version: 14.0.0000.22302)
AVG 2013 (Version: 13.0.2591)
AVG 2013 (Version: 13.0.2677)
AVG 2013 (Version: 2013.0.2677)
Broadcom Advanced Control Suite (Version: 8.20.01)
Canon MP830
Canon MX420 series MP Drivers
CCleaner (Version: 3.23)
Critical Update for Windows Media Player 11 (KB959772)
CutePDF Writer 2.8
Defraggler (Version: 2.10)
DWG TrueView 2010 (Version: 18.0.55.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows x64 (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 6 Service Pack 2 (KB2721693) (Version: 6.20.2012.0)
Roxio DLA (Version: 5.2.0)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB978506) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB925876) (Version: 2)
Update for Windows XP (KB927891) (Version: 5)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932596) (Version: 1)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB977165) (Version: 1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061107.210147)
Windows Internet Explorer 8 (Version: 20090308.140744)
Windows Media Format 11 runtime
Windows Media Format 9.5 Runtime x64 Edition
Windows XP Service Pack 2 (Version: 20070217.000042)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 4029.86 MB
Available physical RAM: 3163 MB
Total Pagefile: 5822.21 MB
Available Pagefile: 5367.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 4011.91 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.44 GB) (Free:11.02 GB) NTFS
4 Drive f: () (Removable) (Total:14.9 GB) (Free:13.74 GB) FAT32

========================= Users: ========================================

User accounts for \\

Administrator Guest HelpAssistant
SUPPORT_388945a0




**************** End of log ********************************************************
************************************************************************************





Farbar Service Scanner Version: 07-10-2012
Ran by Administrator (administrator) on 15-10-2012 at 11:55:43
Running from "F:\"
Microsoft Windows XP Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Auto. The default start type is 3.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\SysWOW64\dhcpcsvc.dll
[2005-04-01 20:37] - [2007-02-18 11:05] - 0117248 ____A (Microsoft Corporation) 1201DF9A11FBB0F69EBD22E503D3BC87


ATTENTION!=====> C:\Windows\System32\drivers\afd.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\SysWOW64\Drivers\netbt.sys
[2012-10-14 17:37] - [2007-02-17 00:40] - 0347136 ____A (Microsoft Corporation) FEDAAFB6CD700B9E0787C94D81C07DB5


ATTENTION!=====> C:\Windows\System32\Drivers\tcpip.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\SysWOW64\Drivers\ipsec.sys
[2012-10-14 17:38] - [2007-02-17 00:31] - 0156672 ____A (Microsoft Corporation) DB841EC6F027C780002EF47AABFDDF86


ATTENTION!=====> C:\Windows\System32\dnsrslvr.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\SysWOW64\ipnathlp.dll
[2005-04-01 20:37] - [2007-02-18 11:05] - 0343552 ____A (Microsoft Corporation) 27C6B8C2AFED21C10429A56DB95735F6

C:\WINDOWS\SysWOW64\netman.dll
[2005-04-01 20:37] - [2007-02-18 11:05] - 0263680 ____A (Microsoft Corporation) 12BCFB57162AD17CEA545E362CD886A8


ATTENTION!=====> C:\WINDOWS\SysWOW64\wbem\WMIsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\WINDOWS\SysWOW64\srsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\WINDOWS\SysWOW64\Drivers\sr.sys FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\wscsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\wbem\WMIsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\WINDOWS\SysWOW64\wuauserv.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\qmgr.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\es.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\cryptsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\svchost.exe FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\System32\rpcss.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\WINDOWS\SysWOW64\services.exe FILE IS MISSING AND SHOULD BE RESTORED.


Extra List:
=======
Avgtdia(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****
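
A Farbar Service Scanner log like the one above can be triaged mechanically. The following is an added example, not part of the original posts and not Farbar's code: it parses the log format shown above and matches each stopped service's ServiceDll, by file name, against the files flagged missing. The function names and the abridged `SAMPLE_LOG` excerpt are assumptions made for illustration.

```python
import ntpath
import re

# Abridged excerpt of the Farbar Service Scanner log posted above (not the full log).
SAMPLE_LOG = r"""
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

File Check:
========
C:\WINDOWS\SysWOW64\Drivers\netbt.sys
[2012-10-14 17:37] - [2007-02-17 00:40] - 0347136 ____A (Microsoft Corporation) FEDAAFB6CD700B9E0787C94D81C07DB5

ATTENTION!=====> C:\Windows\System32\Drivers\tcpip.sys FILE IS MISSING AND SHOULD BE RESTORED.

ATTENTION!=====> C:\WINDOWS\SysWOW64\wuauserv.dll FILE IS MISSING AND SHOULD BE RESTORED.

ATTENTION!=====> C:\Windows\System32\qmgr.dll FILE IS MISSING AND SHOULD BE RESTORED.
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
START_TYPE = re.compile(
    r"^The start type of (\S+) service is set to (\S+)\. "
    r"The default start type is (\S+)\."
)
SERVICE_DLL = re.compile(r'^The ServiceDll of (\S+): "(.+)"\.$')
MISSING = re.compile(r"^ATTENTION!=====> (.+?) FILE IS MISSING AND SHOULD BE RESTORED\.")
FILE_PATH = re.compile(r"^[A-Za-z]:\\\S+$")
FILE_META = re.compile(r"^\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}\]")


def _service(report, name):
    """Return (creating if needed) the record for a service, keyed case-insensitively."""
    return report["services"].setdefault(
        name.lower(),
        {"start_type": None, "default_start_type": None, "service_dll": None},
    )


def parse_fss_log(text):
    """Extract stopped services, verified files and files flagged missing."""
    report = {"services": {}, "present": [], "missing": []}
    pending_path = None  # a bare path line, confirmed only by the metadata line after it
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if pending_path and FILE_META.match(line):
            report["present"].append(pending_path)
        pending_path = line if FILE_PATH.match(line) else None

        m = NOT_RUNNING.match(line)
        if m:
            _service(report, m.group(1))
            continue
        m = START_TYPE.match(line)
        if m:
            svc = _service(report, m.group(1))
            svc["start_type"], svc["default_start_type"] = m.group(2), m.group(3)
            continue
        m = SERVICE_DLL.match(line)
        if m:
            _service(report, m.group(1))["service_dll"] = m.group(2)
            continue
        m = MISSING.match(line)
        if m:
            report["missing"].append(m.group(1))
    return report


def missing_by_service(report):
    """Map each stopped service to flagged-missing files sharing its ServiceDll file name.

    Matching is on file name only, so a DLL configured under system32 but flagged
    under SysWOW64 (as wuauserv.dll is in the log above) is still paired up.
    """
    by_name = {}
    for path in report["missing"]:
        by_name.setdefault(ntpath.basename(path).lower(), []).append(path)
    result = {}
    for name, svc in report["services"].items():
        if svc["service_dll"]:
            hits = by_name.get(ntpath.basename(svc["service_dll"]).lower())
            if hits:
                result[name] = hits
    return result


if __name__ == "__main__":
    rep = parse_fss_log(SAMPLE_LOG)
    for name, paths in missing_by_service(rep).items():
        print(f"{name}: ServiceDll {rep['services'][name]['service_dll']} flagged at {paths}")
    print("verified present:", rep["present"])
```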

#4 narenxp


Posted 15 October 2012 - 01:11 PM

What are the issues you face now?

Ignore the missing files shown in Farbar Service Scanner.

#5 myDP


Posted 15 October 2012 - 01:17 PM

Task Manager shows about half the usual services/processes.
Windows is not fully functional. For example, I can browse using Windows Explorer, but not move or paste files. (Had to use DOS to do that.) Can't move items on the desktop, although they are not aligned to grid or auto arranged.
Can't open Internet Explorer. Can't connect to internet.

#6 myDP


Posted 15 October 2012 - 01:19 PM

I meant to add- I'd like to uninstall the AVG software, but don't have a way to do that.

#7 narenxp


Posted 15 October 2012 - 01:21 PM

Download AVG remover from here

http://www.avg.com/ww-en/utilities

Uninstall it. Restart the PC and let me know if you can connect now.

If you still have issues connecting to the internet, try safe mode with networking and see if that works.

#8 myDP


Posted 15 October 2012 - 01:55 PM

I removed AVG, and restarted. No change.

I booted into safe mode with networking. I still can't open Internet Explorer; however, Firefox does open, and will go to the internet. I hadn't tested Firefox before now, because I don't usually use it, so I don't know if that is a "change".

Windows still doesn't allow me to move or paste files.

Firefox also works after normal boot.

I opened MS Outlook and issued a send/receive. Got the message "An OLE registration error occurred. The program is not correctly installed. Run setup again for the program."

Edited by myDP, 15 October 2012 - 02:10 PM.


#9 narenxp

Posted 15 October 2012 - 02:12 PM

Now the issue is with Internet Explorer.

Press the Windows+R keys and type

appwiz.cpl and click OK

Right-click on Windows Internet Explorer 8 >> Uninstall it

Restart the PC. Can you launch Internet Explorer now?

Edited by narenxp, 15 October 2012 - 02:12 PM.


#10 myDP

Posted 15 October 2012 - 02:30 PM

Uninstalled IE8. IE starts and quickly ends, not open long enough to display anything except a flash of the window. It shows in Task Manager for a second, then vanishes.

Edited by myDP, 15 October 2012 - 02:31 PM.


#11 narenxp

Posted 15 October 2012 - 02:33 PM

Did you restart the PC? This should roll back your IE to IE 7.

Download

TDSSkiller

Launch it. Click on "Change parameters" and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.
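
Added example (not part of narenxp's post and not TDSSKiller's own code): a Python triage of the "Scan services" section of a TDSSKiller log in the layout posted in this thread, listing entries whose verdict is not "ok" and entries that carry no "[ hash ] name path" line. The sample log is constructed (placeholder hashes, a made-up non-ok verdict and the hypothetical service ExampleSvc), and reading a missing hash line as "no image file was hashed" is an assumption about the tool's output.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Constructed sample in the layout "<time> <thread id> <message>".
# Hashes are placeholders; ExampleSvc and its verdict are made up.
SAMPLE_LOG = r"""
13:43:10.0515 1404 ================ Scan system memory ========================
13:43:10.0515 1404 System memory - ok
13:43:10.0515 1404 ================ Scan services =============================
13:43:10.0671 1404 Abiosdsk - ok
13:43:10.0890 1404 [ 00000000000000000000000000000001 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:43:10.0890 1404 ACPI - ok
13:43:12.0187 1404 [ 00000000000000000000000000000002 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
13:43:12.0203 1404 Ati HotKey Poller - ok
13:43:12.0562 1404 AVGIDSDriver - ok
13:43:12.0700 1404 [ 00000000000000000000000000000003 ] ExampleSvc C:\WINDOWS\system32\drivers\example.sys
13:43:12.0700 1404 ExampleSvc - needs review (constructed verdict)
"""

# "<HH:MM:SS.ffff> <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "[ <32 hex digits> ] <name> <path>"
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.*)$")
# "<name> - <verdict>"
VERDICT = re.compile(r"^(.+?) - (.+)$")


class Entry(NamedTuple):
    name: str
    verdict: str
    md5: Optional[str]   # None when no hash line preceded the verdict
    path: Optional[str]


def parse_services(log_text: str) -> List[Entry]:
    """Pair each verdict line in the services section with its hash line."""
    entries: List[Entry] = []
    in_services = False
    pending = None  # (md5, "name path") waiting for the matching verdict
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        # Section banners look like "===== Scan <section> =====".
        if msg.startswith("=") and "Scan" in msg:
            in_services = "Scan services" in msg
            pending = None
            continue
        if not in_services:
            continue
        h = HASHED.match(msg)
        if h:
            pending = (h.group(1).upper(), h.group(2))
            continue
        v = VERDICT.match(msg)
        if not v:
            continue
        name, verdict = v.group(1), v.group(2).strip()
        md5 = path = None
        # Service names can contain spaces, so the name is taken from the
        # verdict line and stripped off the front of the hash line.
        if pending and pending[1].startswith(name):
            md5, path = pending[0], pending[1][len(name):].strip()
        pending = None
        entries.append(Entry(name, verdict, md5, path))
    return entries


def triage(entries: List[Entry]) -> Dict[str, List[str]]:
    """Split out what a reviewer should look at first."""
    return {
        "not_ok": [e.name for e in entries if e.verdict.lower() != "ok"],
        "no_image": [e.name for e in entries if e.md5 is None],
    }


if __name__ == "__main__":
    result = triage(parse_services(SAMPLE_LOG))
    for bucket, names in result.items():
        print(bucket, names)
```
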

#12 myDP

Posted 15 October 2012 - 03:30 PM

I did restart the pc.

I've completed the TDSSkiller and the aswMBR. The ESET scan is 70% complete...will post the logs when it finishes. I don't want to interrupt the ESET scan by ejecting the thumb drive.

#13 myDP

Posted 15 October 2012 - 04:43 PM

Here are the scan results:

TDSSKiller

13:42:04.0375 1260 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
13:42:06.0093 1260 ============================================================
13:42:06.0093 1260 Current date / time: 2012/10/15 13:42:06.0093
13:42:06.0093 1260 SystemInfo:
13:42:06.0093 1260
13:42:06.0093 1260 OS Version: 5.2.3790 ServicePack: 2.0
13:42:06.0093 1260 Product type: Workstation
13:42:06.0093 1260 ComputerName: DHLSXBB1-B
13:42:06.0093 1260 UserName: Administrator
13:42:06.0093 1260 Windows directory: C:\WINDOWS
13:42:06.0093 1260 System windows directory: C:\WINDOWS
13:42:06.0093 1260 Running under WOW64
13:42:06.0093 1260 Processor architecture: Intel x64
13:42:06.0093 1260 Number of processors: 2
13:42:06.0093 1260 Page size: 0x1000
13:42:06.0093 1260 Boot type: Normal boot
13:42:06.0093 1260 ============================================================
13:42:06.0671 1260 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:06.0687 1260 Drive \Device\Harddisk1\DR3 - Size: 0x3BA300000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:42:06.0687 1260 ============================================================
13:42:06.0687 1260 \Device\Harddisk0\DR0:
13:42:06.0687 1260 MBR partitions:
13:42:06.0687 1260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x94E3276
13:42:06.0687 1260 \Device\Harddisk1\DR3:
13:42:06.0687 1260 MBR partitions:
13:42:06.0687 1260 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
13:42:06.0687 1260 ============================================================
13:42:06.0734 1260 C: <-> \Device\Harddisk0\DR0\Partition1
13:42:06.0734 1260 ============================================================
13:42:06.0734 1260 Initialize success
13:42:06.0734 1260 ============================================================
13:43:10.0421 1404 ============================================================
13:43:10.0421 1404 Scan started
13:43:10.0421 1404 Mode: Manual; TDLFS;
13:43:10.0421 1404 ============================================================
13:43:10.0515 1404 ================ Scan system memory ========================
13:43:10.0515 1404 System memory - ok
13:43:10.0515 1404 ================ Scan services =============================
13:43:21.0609 1404 SSDPSRV - ok
13:43:21.0703 1404 [ 931825630736BCC82740B2531A93FC07 ] STHDA C:\WINDOWS\system32\drivers\sthda64.sys
13:43:21.0734 1404 STHDA - ok
13:43:21.0796 1404 [ F6D4F452DB507820F726525A1425F0CC ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:43:21.0828 1404 stisvc - ok
13:43:21.0875 1404 [ 90C7874FF6BABF98A801C7AEBE3AD5A6 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:43:21.0875 1404 streamip - ok
13:43:21.0921 1404 [ B6536185FEEB8F0C86AD3BF2FBAB4F2F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:43:21.0921 1404 swenum - ok
13:43:21.0984 1404 [ 8E9E35B36A27AD154A5F92397CDE343C ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:43:21.0984 1404 swmidi - ok
13:43:22.0062 1404 [ 2E54746998139CB708B83974F1AC09F3 ] swprv C:\WINDOWS\System32\swprv.dll
13:43:22.0093 1404 swprv - ok
13:43:22.0140 1404 [ 02363A8690BA2DB405B9EC6A598A8D89 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
13:43:22.0140 1404 symc8xx - ok
13:43:22.0171 1404 [ D3B52787F40DDB43ACAFA01583B079FE ] symmpi C:\WINDOWS\system32\DRIVERS\symmpi.sys
13:43:22.0171 1404 symmpi - ok
13:43:22.0187 1404 [ 1F8245798DE985A00EA7E2D40FA9876E ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
13:43:22.0187 1404 sym_hi - ok
13:43:22.0203 1404 [ 954C7C1C9A1400AE68DF10D730A6A31D ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
13:43:22.0203 1404 sym_u3 - ok
13:43:22.0234 1404 [ 2E843F129DAF4C789DF7ACD40E26208F ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:43:22.0250 1404 sysaudio - ok
13:43:22.0281 1404 [ D3FFFEA8C94BA3C1CEAC9694AC390472 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:43:22.0281 1404 SysmonLog - ok
13:43:22.0328 1404 [ FAFEFC85FC929B81571BFF315C93E299 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:43:22.0343 1404 TapiSrv - ok
13:43:22.0453 1404 [ CE9A7AC526636585A126FACE243F4574 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:43:22.0484 1404 Tcpip - ok
13:43:22.0546 1404 [ DA1E9CD22238FA4DB565EF41C7312E1B ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:43:22.0546 1404 TDPIPE - ok
13:43:22.0562 1404 [ 47D24EBB1C442DCC18D89B8B89BAFB49 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:43:22.0562 1404 TDTCP - ok
13:43:22.0593 1404 [ 8AB9AD44907D4C57AD10E175C8720ECF ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:43:22.0593 1404 TermDD - ok
13:43:22.0625 1404 [ F4849A4962779132B02CA4BBF696F434 ] TermService C:\WINDOWS\System32\termsrv.dll
13:43:22.0625 1404 TermService - ok
13:43:22.0703 1404 [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] Themes C:\WINDOWS\System32\shsvcs.dll
13:43:22.0703 1404 Themes - ok
13:43:22.0750 1404 [ 0FDF294D30CA53391485132854151B26 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:43:22.0765 1404 TlntSvr - ok
13:43:22.0781 1404 [ E732F06DA26A6ED57AC63A68DE246F6B ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
13:43:22.0781 1404 TosIde - ok
13:43:22.0828 1404 [ 483FFCD8E5080198D87EEED44246E6A9 ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:43:22.0828 1404 TrkWks - ok
13:43:22.0875 1404 [ A6DD2DFCC44EC61D18AA645620CD8F63 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:43:22.0875 1404 Udfs - ok
13:43:22.0906 1404 [ DE3C294E44468BE08A27C089F4B9B5AA ] uliagpkx C:\WINDOWS\system32\DRIVERS\uliagpkx.sys
13:43:22.0906 1404 uliagpkx - ok
13:43:22.0937 1404 [ 3C1D799058E89CFF843B10E2A0929C38 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
13:43:22.0937 1404 ultra - ok
13:43:23.0000 1404 [ 1446762923434D2A9C315325CF4770C8 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:43:23.0000 1404 Update - ok
13:43:23.0078 1404 [ 78C605CB6E0CE966D3347FF7CAF3F8AC ] upnphost C:\WINDOWS\System32\upnphost.dll
13:43:23.0078 1404 upnphost - ok
13:43:23.0125 1404 [ 3EC1501AA03CECD66ED093428FBC8B0E ] UPS C:\WINDOWS\System32\ups.exe
13:43:23.0125 1404 UPS - ok
13:43:23.0171 1404 [ 88354BA123549C6B0016592866063837 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:43:23.0171 1404 usbaudio - ok
13:43:23.0218 1404 [ 3421B0691A0E365A020836369A296F0C ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:43:23.0218 1404 usbccgp - ok
13:43:23.0234 1404 [ AE6521A1C79FC955FF26BE9CA5521B51 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:43:23.0234 1404 usbehci - ok
13:43:23.0250 1404 [ D63CB1B59D54F9C2BB8A4107584A664F ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:43:23.0250 1404 usbhub - ok
13:43:23.0265 1404 [ 040F6F425A6CC4FB156470502CAFB31B ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:43:23.0265 1404 usbprint - ok
13:43:23.0265 1404 [ 280894F834F5B9910DADFF7568F37B31 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:43:23.0265 1404 usbscan - ok
13:43:23.0312 1404 [ EDCE8A162E8023FD1751E08E23E41948 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:43:23.0312 1404 USBSTOR - ok
13:43:23.0328 1404 [ 4B7B4A2CC997C482A0AA7CA663AF62A0 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:43:23.0328 1404 usbuhci - ok
13:43:23.0406 1404 [ 64FF08340D138E99F8E3796853AF7EF4 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:43:23.0406 1404 usbvideo - ok
13:43:23.0468 1404 [ B1E327AEA4ECF42DDF7C579B0FB0DE4C ] vds C:\WINDOWS\System32\vds.exe
13:43:23.0515 1404 vds - ok
13:43:23.0562 1404 [ 78EBFE6F11F10DB8237B910E9158CA91 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:43:23.0562 1404 VgaSave - ok
13:43:23.0578 1404 [ AF90283616C8138CF610214983772A7A ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
13:43:23.0578 1404 ViaIde - ok
13:43:23.0625 1404 [ FD6D28D1BBF31C719D9C5EC2D20FB5C2 ] VolSnap C:\WINDOWS\system32\DRIVERS\volsnap.sys
13:43:23.0640 1404 VolSnap - ok
13:43:23.0781 1404 [ 0A05DE966B412D6289632AC05FC6ADA2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:43:23.0843 1404 VSS - ok
13:43:23.0921 1404 [ 6FE371026674BAF189F7A81746A67C87 ] W32Time C:\WINDOWS\system32\w32time.dll
13:43:23.0937 1404 W32Time - ok
13:43:24.0000 1404 [ D2A01D73FE4A455C1D741B48C56763B2 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:43:24.0000 1404 Wanarp - ok
13:43:24.0000 1404 WDICA - ok
13:43:24.0078 1404 [ DAFF7E89C84079022B9606F83E1BD29A ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:43:24.0078 1404 wdmaud - ok
13:43:24.0140 1404 [ FE8590FA0367A29BC7ED7BFC4962AD1C ] WebClient C:\WINDOWS\System32\webclnt.dll
13:43:24.0140 1404 WebClient - ok
13:43:24.0140 1404 WinHttpAutoProxySvc - ok
13:43:24.0265 1404 [ 881271D649E778690A365D73B8958509 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:43:24.0281 1404 winmgmt - ok
13:43:24.0390 1404 [ 4D32F7BDBF325792AE28D5380DDF6BCF ] WmdmPmSN C:\WINDOWS\SysWOW64\mspmsnsv.dll
13:43:24.0390 1404 WmdmPmSN - ok
13:43:24.0484 1404 [ B51966DB20D5C700228DFE222FDF9E67 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:43:24.0515 1404 Wmi - ok
13:43:24.0562 1404 [ 56980BE8B5A6861B5D9175EABA8AC7DC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:43:24.0562 1404 WmiApSrv - ok
13:43:24.0687 1404 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
13:43:24.0718 1404 WMPNetworkSvc - ok
13:43:24.0781 1404 [ 82960CE97C1898C28D7AE62BA6721D27 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:43:24.0781 1404 wscsvc - ok
13:43:24.0812 1404 [ 478A0C5CC7DC817269654804E495B81A ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:43:24.0812 1404 WSTCODEC - ok
13:43:24.0859 1404 [ EF7576AF44B484F7A3E6072D633BAB34 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:43:24.0890 1404 wuauserv - ok
13:43:24.0921 1404 [ 3F98A4E57933963CF2A941BB48F9D47A ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:43:24.0921 1404 WudfPf - ok
13:43:24.0937 1404 [ 881C0C35CDD09077B0E95EC2269CB44C ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:43:24.0953 1404 WudfRd - ok
13:43:24.0968 1404 [ 9DCF6C499773B709DE8F70CD5013CB38 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:43:24.0968 1404 WudfSvc - ok
13:43:25.0046 1404 [ F4EC5C736BBA9A27F9C36412C930B386 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:43:25.0062 1404 WZCSVC - ok
13:43:25.0109 1404 [ A1ABA5A0B4F1FF9B83C50F92F8C080A2 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:43:25.0125 1404 xmlprov - ok
13:43:25.0140 1404 ================ Scan global ===============================
13:43:25.0187 1404 [ 2AE60E46216266CDC9E20886E4CE3281 ] C:\WINDOWS\system32\basesrv.dll
13:43:25.0265 1404 [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
13:43:25.0359 1404 [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
13:43:25.0421 1404 [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] C:\WINDOWS\system32\services.exe
13:43:25.0421 1404 [Global] - ok
13:43:25.0421 1404 ================ Scan MBR ==================================
13:43:25.0453 1404 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:43:25.0765 1404 \Device\Harddisk0\DR0 - ok
13:43:25.0765 1404 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
13:43:25.0906 1404 \Device\Harddisk1\DR3 - ok
13:43:25.0906 1404 ================ Scan VBR ==================================
13:43:25.0906 1404 [ B98DBF7BC114E68FC292BBED85AB98BC ] \Device\Harddisk0\DR0\Partition1
13:43:25.0906 1404 \Device\Harddisk0\DR0\Partition1 - ok
13:43:25.0906 1404 [ 2D29DA13DAC9A0E8B7AEA4E0ECA60F03 ] \Device\Harddisk1\DR3\Partition1
13:43:25.0921 1404 \Device\Harddisk1\DR3\Partition1 - ok
13:43:25.0921 1404 ============================================================
13:43:25.0921 1404 Scan finished
13:43:25.0921 1404 ============================================================
13:43:25.0921 1388 Detected object count: 0
13:43:25.0921 1388 Actual detected object count: 0






aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-15 13:46:11
-----------------------------
13:46:11.828 OS Version: Windows x64 5.2.3790 Service Pack 2
13:46:11.828 Number of processors: 2 586 0x602
13:46:11.828 ComputerName: DHLSXBB1-B UserName:
13:46:12.234 Initialize success
13:49:01.656 AVAST engine defs: 12101500
13:49:18.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:49:18.046 Disk 0 Vendor: WDC_WD80 10.0 Size: 76293MB BusType: 3
13:49:18.062 Disk 0 MBR read successfully
13:49:18.062 Disk 0 MBR scan
13:49:18.140 Disk 0 Windows XP default MBR code
13:49:18.140 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
13:49:18.171 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76230 MB offset 112455
13:49:18.250 Disk 0 scanning C:\WINDOWS\system32\drivers
13:49:28.500 Service scanning
13:49:50.453 Modules scanning
13:49:50.453 Disk 0 trace - called modules:
13:49:50.468 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
13:49:50.468 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffadf9d8e5060]
13:49:50.468 3 CLASSPNP.SYS[fffffadf922e48c9] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffadf9da33050]
13:49:51.343 AVAST engine scan C:\WINDOWS
13:49:58.640 AVAST engine scan C:\WINDOWS\system32
13:52:52.578 AVAST engine scan C:\WINDOWS\system32\drivers
13:53:08.218 AVAST engine scan C:\Documents and Settings\Administrator
14:04:40.859 AVAST engine scan C:\Documents and Settings\All Users
14:09:27.484 Scan finished successfully
14:10:51.625 Disk 0 MBR has been saved successfully to "F:\MBR.dat"
14:10:51.640 The log file has been saved successfully to "F:\aswMBR.txt"


For ESET, I don't see how to print a log. However, it found no threats.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:14 AM

Posted 15 October 2012 - 09:42 PM

Install IE 8

http://download.microsoft.com/download/C/C/0/CC0BD555-33DD-411E-936B-73AC6F95AE11/IE8-WindowsXP-x86-ENU.exe

Restart the PC

Can you launch IE 8 now?

What happens when you try to COPY/PASTE?

#15 myDP

myDP
  • Topic Starter

  • Members
  • 32 posts
  • Gender:Female
  • Location:Colorado, USA
  • Local time:10:14 AM

Posted 16 October 2012 - 06:51 AM

The link in your post was for 32 bit OS; it said it was not compatible with my OS, and it would not install.

I downloaded the 64 bit OS version from MS. A minute or two into the install, I got the message:

"Internet Explorer installation did not complete
Setup could not verify the integrity of the file Update.inf. Make sure the Cryptographic service is running on this computer."

Still no paste functionality.

Edited by myDP, 16 October 2012 - 07:24 AM.




