Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can only boot in Safe Mode


  • Please log in to reply
16 replies to this topic

#1 Ernie694

Ernie694

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 01 January 2013 - 10:38 PM

Hi, laptop was running slow all day, it locked up and when rebooted it would not load windows 7. after several attempts to reboot was finally able to get safe mode to load up. Have run a system restore and it said it completed but on the final stage windows again would not load up so i needed to reboot into safe mode. Any suggestions for what types of scans i should attempt to find the source?

Thanks

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 04 January 2013 - 12:05 PM

Hi

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 04 January 2013 - 01:48 PM

Hi Dev, Before i do any of the following i want to update you what has happened the last couple days, :) been pretty strange....

While trying a restart repair many any times. i have been able to get the laptop to boot up in windows twice. First time yesterday am. it was just sitting for about 2 hours attempting the restart repair when it worked. (this was not the first time i had let the laptop sit for an extended periosd during the restart repair) I wasnt even sitting at the laptop when it completed so i do know if any messages were popped up, i knew it had worked because from the other room i heard the windows "tune". I did run a full AVG scan nothing found, a mbam scan, 7 itmes found and a super anti spyware scan 155 items found. It seemed to be running ok. when it suddenly shut down. when i tried to restart, again the same problem. would not finish loading windows, could load into safe mode. when i tried a start up repair, and it failed, when i choose the system restore option this time it told me NO system restore points. I know there were 6 listed prior to this as i had tried to restore to the 2 most recent previously.

Today, several attempts again to reboot. and once again it reboots after about 2 hours. Currently I do have the laptop running in regualr windows mode. The one thing i noticed is there is a windows update that is wanting to install and prompting me to reboot. I am not sure how to prevent this update from installing the first time i reboot if i beging doing any of the above processes you listed.

I will await hearing back from you before i begin the steps you listed above.

I have been able back up all my documents while in safe mode. so I am not worried about losing data on this now. :)

Thank you

Laptop has shut itself down, window update attempted to install. only in safemode again. :(

Edited by Ernie694, 04 January 2013 - 02:30 PM.


#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 04 January 2013 - 08:03 PM

Hi

Ok, I'll like some logs to see more detail about what is going on. Please follow the steps in my previous post first.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 04 January 2013 - 08:30 PM

Hi,

Here are the logs requested.

19:10:24.0661 0684 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:10:25.0067 0684 ============================================================
19:10:25.0067 0684 Current date / time: 2013/01/04 19:10:25.0067
19:10:25.0067 0684 SystemInfo:
19:10:25.0067 0684
19:10:25.0067 0684 OS Version: 6.1.7601 ServicePack: 1.0
19:10:25.0067 0684 Product type: Workstation
19:10:25.0067 0684 ComputerName: HOME-HP
19:10:25.0067 0684 UserName: home
19:10:25.0067 0684 Windows directory: C:\Windows
19:10:25.0067 0684 System windows directory: C:\Windows
19:10:25.0067 0684 Running under WOW64
19:10:25.0067 0684 Processor architecture: Intel x64
19:10:25.0067 0684 Number of processors: 2
19:10:25.0067 0684 Page size: 0x1000
19:10:25.0067 0684 Boot type: Safe boot with network
19:10:25.0067 0684 ============================================================
19:10:25.0675 0684 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:10:25.0675 0684 ============================================================
19:10:25.0675 0684 \Device\Harddisk0\DR0:
19:10:25.0675 0684 MBR partitions:
19:10:25.0675 0684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:10:25.0675 0684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
19:10:25.0675 0684 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
19:10:25.0675 0684 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
19:10:25.0675 0684 ============================================================
19:10:25.0722 0684 C: <-> \Device\Harddisk0\DR0\Partition2
19:10:25.0753 0684 D: <-> \Device\Harddisk0\DR0\Partition3
19:10:25.0769 0684 F: <-> \Device\Harddisk0\DR0\Partition4
19:10:25.0769 0684 ============================================================
19:10:25.0769 0684 Initialize success
19:10:25.0769 0684 ============================================================
19:11:47.0263 2000 ============================================================
19:11:47.0263 2000 Scan started
19:11:47.0263 2000 Mode: Manual; SigCheck; TDLFS;
19:11:47.0263 2000 ============================================================
19:11:49.0463 2000 ================ Scan system memory ========================
19:11:49.0463 2000 System memory - ok
19:11:49.0463 2000 ================ Scan services =============================
19:11:49.0572 2000 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:11:49.0635 2000 !SASCORE - ok
19:11:49.0869 2000 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:11:49.0931 2000 1394ohci - ok
19:11:49.0993 2000 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:11:50.0009 2000 ACPI - ok
19:11:50.0071 2000 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:11:50.0165 2000 AcpiPmi - ok
19:11:50.0290 2000 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:11:50.0305 2000 AdobeARMservice - ok
19:11:50.0477 2000 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:11:50.0493 2000 AdobeFlashPlayerUpdateSvc - ok
19:11:50.0555 2000 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:11:50.0571 2000 adp94xx - ok
19:11:50.0649 2000 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:11:50.0664 2000 adpahci - ok
19:11:50.0727 2000 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:11:50.0742 2000 adpu320 - ok
19:11:50.0773 2000 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:11:50.0914 2000 AeLookupSvc - ok
19:11:50.0976 2000 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
19:11:50.0992 2000 AERTFilters - ok
19:11:51.0070 2000 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:11:51.0132 2000 AFD - ok
19:11:51.0195 2000 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:11:51.0210 2000 agp440 - ok
19:11:51.0257 2000 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:11:51.0319 2000 ALG - ok
19:11:51.0366 2000 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:11:51.0382 2000 aliide - ok
19:11:51.0413 2000 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:11:51.0429 2000 amdide - ok
19:11:51.0491 2000 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:11:51.0538 2000 AmdK8 - ok
19:11:51.0569 2000 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:11:51.0600 2000 AmdPPM - ok
19:11:51.0647 2000 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:11:51.0663 2000 amdsata - ok
19:11:51.0725 2000 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:11:51.0741 2000 amdsbs - ok
19:11:51.0756 2000 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:11:51.0772 2000 amdxata - ok
19:11:51.0834 2000 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
19:11:51.0881 2000 androidusb - ok
19:11:51.0959 2000 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:11:52.0021 2000 AppID - ok
19:11:52.0037 2000 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:11:52.0099 2000 AppIDSvc - ok
19:11:52.0146 2000 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:11:52.0209 2000 Appinfo - ok
19:11:52.0255 2000 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:11:52.0271 2000 arc - ok
19:11:52.0302 2000 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:11:52.0318 2000 arcsas - ok
19:11:52.0349 2000 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:11:52.0411 2000 AsyncMac - ok
19:11:52.0458 2000 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:11:52.0474 2000 atapi - ok
19:11:52.0536 2000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:11:52.0599 2000 AudioEndpointBuilder - ok
19:11:52.0614 2000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:11:52.0645 2000 AudioSrv - ok
19:11:52.0848 2000 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:11:53.0035 2000 AVGIDSAgent - ok
19:11:53.0098 2000 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:11:53.0113 2000 AVGIDSDriver - ok
19:11:53.0129 2000 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
19:11:53.0129 2000 AVGIDSFilter - ok
19:11:53.0191 2000 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
19:11:53.0207 2000 AVGIDSHA - ok
19:11:53.0254 2000 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
19:11:53.0269 2000 Avgldx64 - ok
19:11:53.0301 2000 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
19:11:53.0301 2000 Avgmfx64 - ok
19:11:53.0347 2000 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
19:11:53.0363 2000 Avgrkx64 - ok
19:11:53.0410 2000 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
19:11:53.0425 2000 Avgtdia - ok
19:11:53.0441 2000 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:11:53.0472 2000 avgwd - ok
19:11:53.0519 2000 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:11:53.0566 2000 AxInstSV - ok
19:11:53.0613 2000 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:11:53.0644 2000 b06bdrv - ok
19:11:53.0706 2000 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:11:53.0753 2000 b57nd60a - ok
19:11:53.0831 2000 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:11:53.0893 2000 BCM43XX - ok
19:11:53.0925 2000 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:11:53.0987 2000 BDESVC - ok
19:11:54.0018 2000 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:11:54.0081 2000 Beep - ok
19:11:54.0143 2000 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:11:54.0190 2000 BFE - ok
19:11:54.0221 2000 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:11:54.0361 2000 BITS - ok
19:11:54.0408 2000 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:11:54.0471 2000 blbdrive - ok
19:11:54.0549 2000 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:11:54.0611 2000 bowser - ok
19:11:54.0658 2000 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:11:54.0705 2000 BrFiltLo - ok
19:11:54.0736 2000 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:11:54.0767 2000 BrFiltUp - ok
19:11:54.0814 2000 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:11:54.0861 2000 Browser - ok
19:11:54.0876 2000 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:11:54.0939 2000 Brserid - ok
19:11:54.0970 2000 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:11:55.0001 2000 BrSerWdm - ok
19:11:55.0032 2000 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:11:55.0079 2000 BrUsbMdm - ok
19:11:55.0126 2000 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:11:55.0157 2000 BrUsbSer - ok
19:11:55.0204 2000 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:11:55.0235 2000 BTHMODEM - ok
19:11:55.0297 2000 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:11:55.0360 2000 bthserv - ok
19:11:55.0407 2000 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:11:55.0500 2000 cdfs - ok
19:11:55.0547 2000 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:11:55.0563 2000 cdrom - ok
19:11:55.0625 2000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:11:55.0687 2000 CertPropSvc - ok
19:11:55.0719 2000 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:11:55.0765 2000 circlass - ok
19:11:55.0797 2000 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:11:55.0812 2000 CLFS - ok
19:11:55.0875 2000 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:11:55.0906 2000 clr_optimization_v2.0.50727_32 - ok
19:11:55.0984 2000 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:11:55.0999 2000 clr_optimization_v2.0.50727_64 - ok
19:11:56.0062 2000 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:11:56.0171 2000 clr_optimization_v4.0.30319_32 - ok
19:11:56.0249 2000 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:11:56.0265 2000 clr_optimization_v4.0.30319_64 - ok
19:11:56.0311 2000 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
19:11:56.0327 2000 clwvd - ok
19:11:56.0374 2000 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:11:56.0405 2000 CmBatt - ok
19:11:56.0436 2000 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:11:56.0452 2000 cmdide - ok
19:11:56.0499 2000 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:11:56.0514 2000 CNG - ok
19:11:56.0592 2000 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:11:56.0592 2000 Compbatt - ok
19:11:56.0623 2000 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:11:56.0655 2000 CompositeBus - ok
19:11:56.0686 2000 COMSysApp - ok
19:11:56.0717 2000 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:11:56.0733 2000 crcdisk - ok
19:11:56.0811 2000 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:11:56.0873 2000 CryptSvc - ok
19:11:56.0998 2000 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:11:57.0029 2000 cvhsvc - ok
19:11:57.0076 2000 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:11:57.0138 2000 DcomLaunch - ok
19:11:57.0201 2000 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:11:57.0263 2000 defragsvc - ok
19:11:57.0310 2000 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:11:57.0357 2000 DfsC - ok
19:11:57.0403 2000 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:11:57.0466 2000 Dhcp - ok
19:11:57.0481 2000 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:11:57.0544 2000 discache - ok
19:11:57.0606 2000 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:11:57.0622 2000 Disk - ok
19:11:57.0653 2000 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:11:57.0700 2000 Dnscache - ok
19:11:57.0762 2000 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:11:57.0825 2000 dot3svc - ok
19:11:57.0856 2000 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:11:57.0918 2000 DPS - ok
19:11:57.0965 2000 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:11:57.0996 2000 drmkaud - ok
19:11:58.0059 2000 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:11:58.0090 2000 DXGKrnl - ok
19:11:58.0137 2000 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:11:58.0199 2000 EapHost - ok
19:11:58.0308 2000 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:11:58.0371 2000 ebdrv - ok
19:11:58.0386 2000 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:11:58.0449 2000 EFS - ok
19:11:58.0527 2000 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:11:58.0589 2000 ehRecvr - ok
19:11:58.0651 2000 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:11:58.0698 2000 ehSched - ok
19:11:58.0729 2000 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:11:58.0761 2000 elxstor - ok
19:11:58.0792 2000 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:11:58.0823 2000 ErrDev - ok
19:11:58.0885 2000 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:11:58.0948 2000 EventSystem - ok
19:11:58.0979 2000 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:11:59.0041 2000 exfat - ok
19:11:59.0073 2000 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:11:59.0135 2000 fastfat - ok
19:11:59.0182 2000 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:11:59.0244 2000 Fax - ok
19:11:59.0291 2000 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:11:59.0338 2000 fdc - ok
19:11:59.0369 2000 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:11:59.0431 2000 fdPHost - ok
19:11:59.0463 2000 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:11:59.0525 2000 FDResPub - ok
19:11:59.0541 2000 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:11:59.0556 2000 FileInfo - ok
19:11:59.0572 2000 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:11:59.0619 2000 Filetrace - ok
19:11:59.0650 2000 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:11:59.0697 2000 flpydisk - ok
19:11:59.0743 2000 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:11:59.0759 2000 FltMgr - ok
19:11:59.0806 2000 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:11:59.0884 2000 FontCache - ok
19:11:59.0931 2000 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:11:59.0946 2000 FontCache3.0.0.0 - ok
19:11:59.0962 2000 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:11:59.0977 2000 FsDepends - ok
19:11:59.0993 2000 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:12:00.0009 2000 Fs_Rec - ok
19:12:00.0055 2000 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:12:00.0071 2000 fvevol - ok
19:12:00.0133 2000 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:12:00.0149 2000 gagp30kx - ok
19:12:00.0243 2000 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:12:00.0258 2000 GameConsoleService - ok
19:12:00.0305 2000 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:12:00.0367 2000 gpsvc - ok
19:12:00.0461 2000 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:12:00.0477 2000 gupdate - ok
19:12:00.0539 2000 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:12:00.0555 2000 gupdatem - ok
19:12:00.0679 2000 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:12:00.0679 2000 gusvc - ok
19:12:00.0695 2000 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:12:00.0726 2000 hcw85cir - ok
19:12:00.0804 2000 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:12:00.0835 2000 HdAudAddService - ok
19:12:00.0867 2000 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:12:00.0898 2000 HDAudBus - ok
19:12:00.0929 2000 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:12:00.0945 2000 HidBatt - ok
19:12:00.0976 2000 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:12:01.0007 2000 HidBth - ok
19:12:01.0054 2000 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:12:01.0101 2000 HidIr - ok
19:12:01.0116 2000 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:12:01.0179 2000 hidserv - ok
19:12:01.0225 2000 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:12:01.0241 2000 HidUsb - ok
19:12:01.0272 2000 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:12:01.0319 2000 hkmsvc - ok
19:12:01.0350 2000 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:12:01.0413 2000 HomeGroupListener - ok
19:12:01.0444 2000 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:12:01.0475 2000 HomeGroupProvider - ok
19:12:01.0569 2000 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:12:01.0584 2000 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
19:12:01.0584 2000 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
19:12:01.0678 2000 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
19:12:01.0693 2000 HP Wireless Assistant Service - ok
19:12:01.0740 2000 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:12:01.0756 2000 HPClientSvc - ok
19:12:01.0849 2000 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:12:01.0881 2000 hpqwmiex - ok
19:12:01.0943 2000 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:12:01.0959 2000 HpSAMD - ok
19:12:02.0052 2000 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:12:02.0052 2000 HPWMISVC - ok
19:12:02.0130 2000 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:12:02.0177 2000 HTTP - ok
19:12:02.0193 2000 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:12:02.0208 2000 hwpolicy - ok
19:12:02.0271 2000 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:12:02.0286 2000 i8042prt - ok
19:12:02.0349 2000 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:12:02.0364 2000 iaStor - ok
19:12:02.0505 2000 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:12:02.0505 2000 IAStorDataMgrSvc - ok
19:12:02.0567 2000 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:12:02.0583 2000 iaStorV - ok
19:12:02.0723 2000 [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:12:04.0408 2000 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
19:12:04.0408 2000 IconMan_R - detected UnsignedFile.Multi.Generic (1)
19:12:04.0470 2000 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:12:04.0501 2000 idsvc - ok
19:12:04.0751 2000 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:12:05.0094 2000 igfx - ok
19:12:05.0157 2000 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:12:05.0172 2000 iirsp - ok
19:12:05.0219 2000 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:12:05.0281 2000 IKEEXT - ok
19:12:05.0375 2000 [ E395D888EF6D3777134A9E09FF7582C2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:12:05.0469 2000 IntcAzAudAddService - ok
19:12:05.0500 2000 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:12:05.0500 2000 intelide - ok
19:12:05.0547 2000 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:12:05.0562 2000 intelppm - ok
19:12:05.0609 2000 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:12:05.0656 2000 IPBusEnum - ok
19:12:05.0671 2000 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:12:05.0734 2000 IpFilterDriver - ok
19:12:05.0781 2000 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:12:05.0812 2000 iphlpsvc - ok
19:12:05.0843 2000 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:12:05.0859 2000 IPMIDRV - ok
19:12:05.0859 2000 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:12:05.0921 2000 IPNAT - ok
19:12:05.0983 2000 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:12:06.0015 2000 IRENUM - ok
19:12:06.0030 2000 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:12:06.0046 2000 isapnp - ok
19:12:06.0061 2000 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:12:06.0077 2000 iScsiPrt - ok
19:12:06.0124 2000 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:12:06.0139 2000 kbdclass - ok
19:12:06.0202 2000 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:12:06.0233 2000 kbdhid - ok
19:12:06.0264 2000 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:12:06.0264 2000 KeyIso - ok
19:12:06.0311 2000 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:12:06.0327 2000 KSecDD - ok
19:12:06.0342 2000 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:12:06.0358 2000 KSecPkg - ok
19:12:06.0405 2000 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:12:06.0451 2000 ksthunk - ok
19:12:06.0498 2000 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:12:06.0561 2000 KtmRm - ok
19:12:06.0623 2000 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:12:06.0670 2000 LanmanServer - ok
19:12:06.0701 2000 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:06.0748 2000 LanmanWorkstation - ok
19:12:06.0810 2000 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
19:12:06.0873 2000 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - warning
19:12:06.0873 2000 Lavasoft Ad-Aware Service - detected UnsignedFile.Multi.Generic (1)
19:12:06.0935 2000 [ 9A7FA6371F68335FD3C3D6488BC5A9F8 ] Lavasoft Kernexplorer C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
19:12:06.0951 2000 Lavasoft Kernexplorer - ok
19:12:06.0982 2000 [ C8B3131857931AE76798A741CC52B021 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
19:12:06.0997 2000 Lbd - ok
19:12:07.0044 2000 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:12:07.0107 2000 lltdio - ok
19:12:07.0138 2000 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:12:07.0200 2000 lltdsvc - ok
19:12:07.0247 2000 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:12:07.0294 2000 lmhosts - ok
19:12:07.0341 2000 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:12:07.0356 2000 LSI_FC - ok
19:12:07.0387 2000 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:12:07.0403 2000 LSI_SAS - ok
19:12:07.0419 2000 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:12:07.0434 2000 LSI_SAS2 - ok
19:12:07.0450 2000 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:12:07.0465 2000 LSI_SCSI - ok
19:12:07.0512 2000 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:12:07.0575 2000 luafv - ok
19:12:07.0621 2000 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:12:07.0637 2000 LVRS64 - ok
19:12:07.0809 2000 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:12:07.0965 2000 LVUVC64 - ok
19:12:08.0043 2000 [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys
19:12:08.0043 2000 mbamchameleon - ok
19:12:08.0058 2000 mbamswissarmy - ok
19:12:08.0074 2000 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:12:08.0089 2000 Mcx2Svc - ok
19:12:08.0121 2000 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:12:08.0136 2000 megasas - ok
19:12:08.0183 2000 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:12:08.0199 2000 MegaSR - ok
19:12:08.0261 2000 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:12:08.0323 2000 MMCSS - ok
19:12:08.0355 2000 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:12:08.0386 2000 Modem - ok
19:12:08.0433 2000 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:12:08.0464 2000 monitor - ok
19:12:08.0495 2000 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:12:08.0511 2000 mouclass - ok
19:12:08.0557 2000 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:12:08.0589 2000 mouhid - ok
19:12:08.0635 2000 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:12:08.0651 2000 mountmgr - ok
19:12:08.0667 2000 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:12:08.0682 2000 mpio - ok
19:12:08.0713 2000 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:12:08.0760 2000 mpsdrv - ok
19:12:08.0823 2000 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:12:08.0885 2000 MpsSvc - ok
19:12:08.0916 2000 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:12:08.0947 2000 MRxDAV - ok
19:12:08.0994 2000 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:09.0041 2000 mrxsmb - ok
19:12:09.0057 2000 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:09.0103 2000 mrxsmb10 - ok
19:12:09.0135 2000 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:09.0181 2000 mrxsmb20 - ok
19:12:09.0213 2000 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:12:09.0228 2000 msahci - ok
19:12:09.0244 2000 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:12:09.0259 2000 msdsm - ok
19:12:09.0275 2000 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:12:09.0291 2000 MSDTC - ok
19:12:09.0322 2000 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:12:09.0353 2000 Msfs - ok
19:12:09.0369 2000 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:12:09.0415 2000 mshidkmdf - ok
19:12:09.0447 2000 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:12:09.0447 2000 msisadrv - ok
19:12:09.0509 2000 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:12:09.0571 2000 MSiSCSI - ok
19:12:09.0571 2000 msiserver - ok
19:12:09.0618 2000 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:12:09.0665 2000 MSKSSRV - ok
19:12:09.0696 2000 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:09.0759 2000 MSPCLOCK - ok
19:12:09.0759 2000 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:12:09.0805 2000 MSPQM - ok
19:12:09.0837 2000 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:12:09.0852 2000 MsRPC - ok
19:12:09.0883 2000 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:12:09.0899 2000 mssmbios - ok
19:12:09.0946 2000 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:12:09.0977 2000 MSTEE - ok
19:12:10.0008 2000 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:12:10.0039 2000 MTConfig - ok
19:12:10.0071 2000 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:12:10.0086 2000 Mup - ok
19:12:10.0117 2000 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:12:10.0180 2000 napagent - ok
19:12:10.0242 2000 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:12:10.0273 2000 NativeWifiP - ok
19:12:10.0351 2000 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:12:10.0383 2000 NDIS - ok
19:12:10.0429 2000 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:12:10.0492 2000 NdisCap - ok
19:12:10.0523 2000 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:10.0585 2000 NdisTapi - ok
19:12:10.0617 2000 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:10.0679 2000 Ndisuio - ok
19:12:10.0695 2000 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:10.0757 2000 NdisWan - ok
19:12:10.0773 2000 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:12:10.0819 2000 NDProxy - ok
19:12:10.0866 2000 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:12:10.0929 2000 NetBIOS - ok
19:12:10.0960 2000 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:12:11.0022 2000 NetBT - ok
19:12:11.0053 2000 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:12:11.0053 2000 Netlogon - ok
19:12:11.0116 2000 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:12:11.0178 2000 Netman - ok
19:12:11.0209 2000 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:12:11.0272 2000 netprofm - ok
19:12:11.0303 2000 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:12:11.0319 2000 NetTcpPortSharing - ok
19:12:11.0365 2000 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:12:11.0381 2000 nfrd960 - ok
19:12:11.0443 2000 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:12:11.0459 2000 NlaSvc - ok
19:12:11.0490 2000 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:12:11.0521 2000 Npfs - ok
19:12:11.0553 2000 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:12:11.0599 2000 nsi - ok
19:12:11.0631 2000 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:12:11.0662 2000 nsiproxy - ok
19:12:11.0724 2000 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:12:11.0771 2000 Ntfs - ok
19:12:11.0802 2000 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:12:11.0849 2000 Null - ok
19:12:11.0896 2000 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
19:12:11.0911 2000 NVENETFD - ok
19:12:11.0943 2000 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:12:11.0958 2000 nvraid - ok
19:12:11.0974 2000 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:12:12.0021 2000 nvstor - ok
19:12:12.0114 2000 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:12:12.0130 2000 nv_agp - ok
19:12:12.0145 2000 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:12:12.0161 2000 ohci1394 - ok
19:12:12.0223 2000 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:12:12.0239 2000 ose - ok
19:12:12.0411 2000 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:12:12.0598 2000 osppsvc - ok
19:12:12.0645 2000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:12:12.0691 2000 p2pimsvc - ok
19:12:12.0723 2000 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:12:12.0754 2000 p2psvc - ok
19:12:12.0769 2000 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:12:12.0785 2000 Parport - ok
19:12:12.0816 2000 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:12:12.0816 2000 partmgr - ok
19:12:12.0847 2000 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:12:12.0894 2000 PcaSvc - ok
19:12:12.0925 2000 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:12:12.0941 2000 pci - ok
19:12:12.0972 2000 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:12:12.0972 2000 pciide - ok
19:12:13.0003 2000 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:12:13.0019 2000 pcmcia - ok
19:12:13.0050 2000 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:12:13.0066 2000 pcw - ok
19:12:13.0097 2000 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:12:13.0159 2000 PEAUTH - ok
19:12:13.0222 2000 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:12:13.0300 2000 PerfHost - ok
19:12:13.0378 2000 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:12:13.0456 2000 pla - ok
19:12:13.0518 2000 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:12:13.0581 2000 PlugPlay - ok
19:12:13.0596 2000 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:12:13.0627 2000 PNRPAutoReg - ok
19:12:13.0659 2000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:12:13.0674 2000 PNRPsvc - ok
19:12:13.0705 2000 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:12:13.0752 2000 PolicyAgent - ok
19:12:13.0768 2000 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:12:13.0830 2000 Power - ok
19:12:13.0877 2000 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:12:13.0908 2000 PptpMiniport - ok
19:12:13.0924 2000 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:12:13.0955 2000 Processor - ok
19:12:14.0002 2000 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:12:14.0049 2000 ProfSvc - ok
19:12:14.0064 2000 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:14.0080 2000 ProtectedStorage - ok
19:12:14.0142 2000 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:12:14.0173 2000 Psched - ok
19:12:14.0236 2000 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:12:14.0283 2000 ql2300 - ok
19:12:14.0314 2000 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:12:14.0329 2000 ql40xx - ok
19:12:14.0345 2000 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:12:14.0376 2000 QWAVE - ok
19:12:14.0407 2000 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:12:14.0439 2000 QWAVEdrv - ok
19:12:14.0454 2000 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:12:14.0517 2000 RasAcd - ok
19:12:14.0563 2000 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:14.0595 2000 RasAgileVpn - ok
19:12:14.0610 2000 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:12:14.0657 2000 RasAuto - ok
19:12:14.0719 2000 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:14.0751 2000 Rasl2tp - ok
19:12:14.0782 2000 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:12:14.0813 2000 RasMan - ok
19:12:14.0860 2000 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:14.0891 2000 RasPppoe - ok
19:12:14.0922 2000 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:12:14.0969 2000 RasSstp - ok
19:12:15.0016 2000 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:12:15.0063 2000 rdbss - ok
19:12:15.0078 2000 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:12:15.0109 2000 rdpbus - ok
19:12:15.0141 2000 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:15.0187 2000 RDPCDD - ok
19:12:15.0234 2000 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:12:15.0297 2000 RDPENCDD - ok
19:12:15.0328 2000 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:12:15.0375 2000 RDPREFMP - ok
19:12:15.0421 2000 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:12:15.0468 2000 RDPWD - ok
19:12:15.0484 2000 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:12:15.0499 2000 rdyboost - ok
19:12:15.0531 2000 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:12:15.0577 2000 RemoteAccess - ok
19:12:15.0609 2000 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:12:15.0640 2000 RemoteRegistry - ok
19:12:15.0687 2000 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:12:15.0702 2000 RoxioNow Service - ok
19:12:15.0765 2000 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:12:15.0827 2000 RpcEptMapper - ok
19:12:15.0858 2000 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:12:15.0874 2000 RpcLocator - ok
19:12:15.0905 2000 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:12:15.0952 2000 RpcSs - ok
19:12:15.0999 2000 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
19:12:16.0014 2000 RSPCIESTOR - ok
19:12:16.0077 2000 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:12:16.0123 2000 rspndr - ok
19:12:16.0170 2000 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:12:16.0186 2000 RTL8167 - ok
19:12:16.0233 2000 [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
19:12:16.0264 2000 RTL8192Ce - ok
19:12:16.0279 2000 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:12:16.0295 2000 SamSs - ok
19:12:16.0326 2000 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:12:16.0342 2000 SASDIFSV - ok
19:12:16.0357 2000 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:12:16.0373 2000 SASKUTIL - ok
19:12:16.0404 2000 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:12:16.0420 2000 sbp2port - ok
19:12:16.0451 2000 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:12:16.0513 2000 SCardSvr - ok
19:12:16.0545 2000 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:12:16.0576 2000 scfilter - ok
19:12:16.0638 2000 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:12:16.0685 2000 Schedule - ok
19:12:16.0701 2000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:12:16.0732 2000 SCPolicySvc - ok
19:12:16.0794 2000 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:12:16.0841 2000 sdbus - ok
19:12:16.0872 2000 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:12:16.0919 2000 SDRSVC - ok
19:12:16.0966 2000 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:12:17.0013 2000 secdrv - ok
19:12:17.0013 2000 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:12:17.0075 2000 seclogon - ok
19:12:17.0122 2000 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:12:17.0184 2000 SENS - ok
19:12:17.0231 2000 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:12:17.0278 2000 SensrSvc - ok
19:12:17.0325 2000 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:12:17.0356 2000 Serenum - ok
19:12:17.0387 2000 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:12:17.0403 2000 Serial - ok
19:12:17.0434 2000 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:12:17.0465 2000 sermouse - ok
19:12:17.0512 2000 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:12:17.0574 2000 SessionEnv - ok
19:12:17.0605 2000 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:12:17.0637 2000 sffdisk - ok
19:12:17.0668 2000 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:12:17.0683 2000 sffp_mmc - ok
19:12:17.0715 2000 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:12:17.0730 2000 sffp_sd - ok
19:12:17.0746 2000 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:12:17.0761 2000 sfloppy - ok
19:12:17.0824 2000 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:12:17.0839 2000 Sftfs - ok
19:12:17.0902 2000 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:12:17.0949 2000 sftlist - ok
19:12:17.0995 2000 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:12:18.0011 2000 Sftplay - ok
19:12:18.0011 2000 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:12:18.0027 2000 Sftredir - ok
19:12:18.0058 2000 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:12:18.0073 2000 Sftvol - ok
19:12:18.0120 2000 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:12:18.0136 2000 sftvsa - ok
19:12:18.0214 2000 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:12:18.0276 2000 SharedAccess - ok
19:12:18.0323 2000 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:12:18.0385 2000 ShellHWDetection - ok
19:12:18.0417 2000 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:12:18.0432 2000 SiSRaid2 - ok
19:12:18.0463 2000 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:12:18.0479 2000 SiSRaid4 - ok
19:12:18.0526 2000 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:12:18.0588 2000 Smb - ok
19:12:18.0651 2000 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:12:18.0682 2000 SNMPTRAP - ok
19:12:18.0729 2000 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:12:18.0729 2000 spldr - ok
19:12:18.0791 2000 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:12:18.0853 2000 Spooler - ok
19:12:18.0947 2000 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:12:19.0072 2000 sppsvc - ok
19:12:19.0087 2000 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:12:19.0119 2000 sppuinotify - ok
19:12:19.0150 2000 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:12:19.0212 2000 srv - ok
19:12:19.0243 2000 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:12:19.0275 2000 srv2 - ok
19:12:19.0321 2000 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:12:19.0353 2000 SrvHsfHDA - ok
19:12:19.0415 2000 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:12:19.0462 2000 SrvHsfV92 - ok
19:12:19.0477 2000 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:12:19.0524 2000 SrvHsfWinac - ok
19:12:19.0571 2000 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:12:19.0602 2000 srvnet - ok
19:12:19.0665 2000 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
19:12:19.0680 2000 ssadbus - ok
19:12:19.0696 2000 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:12:19.0758 2000 ssadmdfl - ok
19:12:19.0805 2000 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
19:12:19.0836 2000 ssadmdm - ok
19:12:19.0883 2000 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:12:19.0961 2000 SSDPSRV - ok
19:12:19.0977 2000 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:12:20.0039 2000 SstpSvc - ok
19:12:20.0070 2000 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:12:20.0070 2000 stexstor - ok
19:12:20.0148 2000 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:12:20.0195 2000 stisvc - ok
19:12:20.0226 2000 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:12:20.0242 2000 swenum - ok
19:12:20.0273 2000 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:12:20.0320 2000 swprv - ok
19:12:20.0413 2000 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:12:20.0445 2000 SynTP - ok
19:12:20.0507 2000 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:12:20.0569 2000 SysMain - ok
19:12:20.0616 2000 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:12:20.0632 2000 TabletInputService - ok
19:12:20.0663 2000 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:12:20.0725 2000 TapiSrv - ok
19:12:20.0757 2000 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:12:20.0819 2000 TBS - ok
19:12:20.0897 2000 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:12:20.0959 2000 Tcpip - ok
19:12:21.0037 2000 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:12:21.0084 2000 TCPIP6 - ok
19:12:21.0131 2000 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:12:21.0147 2000 tcpipreg - ok
19:12:21.0162 2000 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:12:21.0225 2000 TDPIPE - ok
19:12:21.0271 2000 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:12:21.0303 2000 TDTCP - ok
19:12:21.0365 2000 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:12:21.0396 2000 tdx - ok
19:12:21.0412 2000 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:12:21.0427 2000 TermDD - ok
19:12:21.0459 2000 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:12:21.0505 2000 TermService - ok
19:12:21.0521 2000 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:12:21.0552 2000 Themes - ok
19:12:21.0583 2000 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:12:21.0630 2000 THREADORDER - ok
19:12:21.0677 2000 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:12:21.0724 2000 TrkWks - ok
19:12:21.0771 2000 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:12:21.0833 2000 TrustedInstaller - ok
19:12:21.0864 2000 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:21.0911 2000 tssecsrv - ok
19:12:21.0958 2000 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:12:21.0989 2000 TsUsbFlt - ok
19:12:22.0005 2000 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:12:22.0036 2000 TsUsbGD - ok
19:12:22.0083 2000 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:12:22.0114 2000 tunnel - ok
19:12:22.0145 2000 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:12:22.0161 2000 uagp35 - ok
19:12:22.0207 2000 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:12:22.0270 2000 udfs - ok
19:12:22.0301 2000 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:12:22.0348 2000 UI0Detect - ok
19:12:22.0379 2000 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:12:22.0395 2000 uliagpkx - ok
19:12:22.0441 2000 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:12:22.0473 2000 umbus - ok
19:12:22.0504 2000 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:12:22.0535 2000 UmPass - ok
19:12:22.0597 2000 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:12:22.0613 2000 UMVPFSrv - ok
19:12:22.0644 2000 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:12:22.0707 2000 upnphost - ok
19:12:22.0753 2000 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:12:22.0769 2000 usbaudio - ok
19:12:22.0785 2000 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:12:22.0816 2000 usbccgp - ok
19:12:22.0863 2000 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:12:22.0878 2000 usbcir - ok
19:12:22.0909 2000 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:12:22.0941 2000 usbehci - ok
19:12:22.0987 2000 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:12:23.0034 2000 usbhub - ok
19:12:23.0081 2000 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:12:23.0112 2000 usbohci - ok
19:12:23.0143 2000 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:12:23.0159 2000 usbprint - ok
19:12:23.0221 2000 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:12:23.0237 2000 usbscan - ok
19:12:23.0268 2000 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:12:23.0331 2000 USBSTOR - ok
19:12:23.0346 2000 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:12:23.0346 2000 usbuhci - ok
19:12:23.0409 2000 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:12:23.0440 2000 usbvideo - ok
19:12:23.0471 2000 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:12:23.0533 2000 UxSms - ok
19:12:23.0565 2000 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:12:23.0580 2000 VaultSvc - ok
19:12:23.0596 2000 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:12:23.0611 2000 vdrvroot - ok
19:12:23.0658 2000 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:12:23.0705 2000 vds - ok
19:12:23.0767 2000 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:12:23.0783 2000 vga - ok
19:12:23.0814 2000 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:12:23.0861 2000 VgaSave - ok
19:12:23.0908 2000 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:12:23.0923 2000 vhdmp - ok
19:12:23.0955 2000 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:12:23.0955 2000 viaide - ok
19:12:23.0986 2000 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:12:24.0001 2000 volmgr - ok
19:12:24.0033 2000 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:12:24.0048 2000 volmgrx - ok
19:12:24.0079 2000 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:12:24.0111 2000 volsnap - ok
19:12:24.0142 2000 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:12:24.0157 2000 vsmraid - ok
19:12:24.0220 2000 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:12:24.0298 2000 VSS - ok
19:12:24.0329 2000 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:12:24.0360 2000 vwifibus - ok
19:12:24.0407 2000 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:12:24.0438 2000 vwififlt - ok
19:12:24.0485 2000 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:12:24.0501 2000 vwifimp - ok
19:12:24.0532 2000 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:12:24.0579 2000 W32Time - ok
19:12:24.0625 2000 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:12:24.0657 2000 WacomPen - ok
19:12:24.0703 2000 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:12:24.0735 2000 WANARP - ok
19:12:24.0735 2000 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:12:24.0781 2000 Wanarpv6 - ok
19:12:24.0828 2000 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:12:24.0875 2000 WatAdminSvc - ok
19:12:24.0922 2000 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:12:24.0969 2000 wbengine - ok
19:12:25.0000 2000 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:12:25.0031 2000 WbioSrvc - ok
19:12:25.0078 2000 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:12:25.0125 2000 wcncsvc - ok
19:12:25.0156 2000 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:12:25.0203 2000 WcsPlugInService - ok
19:12:25.0218 2000 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:12:25.0234 2000 Wd - ok
19:12:25.0281 2000 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:12:25.0312 2000 Wdf01000 - ok
19:12:25.0327 2000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:12:25.0421 2000 WdiServiceHost - ok
19:12:25.0421 2000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:12:25.0452 2000 WdiSystemHost - ok
19:12:25.0483 2000 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:12:25.0499 2000 WebClient - ok
19:12:25.0515 2000 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:12:25.0593 2000 Wecsvc - ok
19:12:25.0624 2000 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:12:25.0686 2000 wercplsupport - ok
19:12:25.0717 2000 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:12:25.0749 2000 WerSvc - ok
19:12:25.0795 2000 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:12:25.0842 2000 WfpLwf - ok
19:12:25.0842 2000 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:12:25.0858 2000 WIMMount - ok
19:12:25.0873 2000 WinDefend - ok
19:12:25.0889 2000 WinHttpAutoProxySvc - ok
19:12:25.0951 2000 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:12:25.0983 2000 Winmgmt - ok
19:12:26.0045 2000 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:12:26.0123 2000 WinRM - ok
19:12:26.0201 2000 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:12:26.0248 2000 Wlansvc - ok
19:12:26.0310 2000 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:12:26.0326 2000 wlcrasvc - ok
19:12:26.0435 2000 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:12:26.0482 2000 wlidsvc - ok
19:12:26.0544 2000 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:12:26.0575 2000 WmiAcpi - ok
19:12:26.0607 2000 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:12:26.0653 2000 wmiApSrv - ok
19:12:26.0700 2000 WMPNetworkSvc - ok
19:12:26.0716 2000 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:12:26.0747 2000 WPCSvc - ok
19:12:26.0763 2000 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:12:26.0794 2000 WPDBusEnum - ok
19:12:26.0825 2000 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:12:26.0872 2000 ws2ifsl - ok
19:12:26.0919 2000 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:12:26.0965 2000 wscsvc - ok
19:12:26.0965 2000 WSearch - ok
19:12:27.0059 2000 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:12:27.0121 2000 wuauserv - ok
19:12:27.0153 2000 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:12:27.0184 2000 WudfPf - ok
19:12:27.0246 2000 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:12:27.0262 2000 WUDFRd - ok
19:12:27.0277 2000 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:12:27.0324 2000 wudfsvc - ok
19:12:27.0355 2000 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:12:27.0402 2000 WwanSvc - ok
19:12:27.0480 2000 [ C6B289A70A2D36242A2CCAA2715E1747 ] X5XSEx_Pr143 C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys
19:12:27.0496 2000 X5XSEx_Pr143 - ok
19:12:27.0543 2000 ================ Scan global ===============================
19:12:27.0574 2000 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:12:27.0621 2000 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:12:27.0621 2000 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:12:27.0667 2000 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:12:27.0699 2000 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:12:27.0699 2000 [Global] - ok
19:12:27.0699 2000 ================ Scan MBR ==================================
19:12:27.0714 2000 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:12:27.0979 2000 \Device\Harddisk0\DR0 - ok
19:12:27.0979 2000 ================ Scan VBR ==================================
19:12:27.0979 2000 [ F971CFE94CDE7922BADA32729A2D4454 ] \Device\Harddisk0\DR0\Partition1
19:12:27.0979 2000 \Device\Harddisk0\DR0\Partition1 - ok
19:12:27.0995 2000 [ 209C31F802055ABE95109F1DB49143DC ] \Device\Harddisk0\DR0\Partition2
19:12:27.0995 2000 \Device\Harddisk0\DR0\Partition2 - ok
19:12:28.0026 2000 [ 968D38C7F5B7CBB80439C7FF791EE56C ] \Device\Harddisk0\DR0\Partition3
19:12:28.0026 2000 \Device\Harddisk0\DR0\Partition3 - ok
19:12:28.0042 2000 [ 84FFCEC1763703C64EA0DEC4E52DBF85 ] \Device\Harddisk0\DR0\Partition4
19:12:28.0042 2000 \Device\Harddisk0\DR0\Partition4 - ok
19:12:28.0042 2000 ============================================================
19:12:28.0042 2000 Scan finished
19:12:28.0042 2000 ============================================================
19:12:28.0057 1476 Detected object count: 3
19:12:28.0057 1476 Actual detected object count: 3
19:14:17.0289 1476 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:17.0289 1476 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:14:17.0289 1476 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:17.0289 1476 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:14:17.0304 1476 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:17.0304 1476 Lavasoft Ad-Aware Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Lavasoft Ad-Watch Live! Anti-Virus
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 37
Java version out of Date!
Adobe Reader 10.1.2 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Farbar Service Scanner Version: 23-12-2012
Ran by home (administrator) on 04-01-2013 at 19:22:55
Running from "C:\Users\home\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox by Farbar Version: 25-11-2012
Ran by home (administrator) on 04-01-2013 at 19:25:21
Running from "C:\Users\home\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : home-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : D0-DF-9A-25-37-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : coxhn.net
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-0C-38-64
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : D0-DF-9A-25-37-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8c32:3c04:878d:ec12%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, January 04, 2013 4:04:04 PM
Lease Expires . . . . . . . . . . : Saturday, January 05, 2013 4:04:04 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A9-52-47-D0-DF-9A-25-37-81
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4009:801::1003
74.125.225.72
74.125.225.65
74.125.225.71
74.125.225.64
74.125.225.73
74.125.225.67
74.125.225.66
74.125.225.69
74.125.225.78
74.125.225.70
74.125.225.68


Pinging google.com [74.125.225.66] with 32 bytes of data:
Reply from 74.125.225.66: bytes=32 time=18ms TTL=53
Reply from 74.125.225.66: bytes=32 time=16ms TTL=53

Ping statistics for 74.125.225.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 18ms, Average = 17ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=86ms TTL=47
Reply from 98.139.183.24: bytes=32 time=125ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 125ms, Average = 105ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...d0 df 9a 25 37 81 ......Microsoft Virtual WiFi Miniport Adapter
12...2c 27 d7 0c 38 64 ......Realtek PCIe FE Family Controller
11...d0 df 9a 25 37 81 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.108 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.108 281
192.168.1.108 255.255.255.255 On-link 192.168.1.108 281
192.168.1.255 255.255.255.255 On-link 192.168.1.108 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.108 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.108 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::8c32:3c04:878d:ec12/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/04/2013 04:03:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 01:39:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 01:22:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 00:26:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/04/2013 00:26:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0062-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/04/2013 00:15:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 09:56:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 09:46:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 07:34:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2013 06:58:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/04/2013 07:24:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:24:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:24:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:23:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:23:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:23:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:22:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:22:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:22:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/04/2013 07:18:57 PM) (Source: DCOM) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}


Microsoft Office Sessions:
=========================
Error: (01/04/2013 04:03:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 01:39:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 01:22:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 00:26:37 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/04/2013 00:26:37 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0062-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/04/2013 00:15:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 09:56:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 09:46:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2013 07:34:21 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2013 06:58:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Ad-Aware (Version: 9.0.7)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Ares 2.1.7 (Version: 2.1.7-Build#3041)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2637)
AVG 2012 (Version: 2012.0.2221)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6585)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CyberLink YouCam (Version: 3.5.1.4305)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Messenger 2.1.4651.0 (Version: 2.1.4651.0)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Free Ride Games Player
Google Chrome (Version: 23.0.1271.97)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.0.12656.3472)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MovieStore (Version: 1.0.045)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.0.7)
HP Power Manager (Version: 1.4.8)
HP Quick Launch (Version: 2.7.2)
HP Setup (Version: 8.6.4516.3597)
HP Setup Manager (Version: 1.1.13155.3599)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 7.0.39.15)
HP Wireless Assistant (Version: 4.0.10.0)
InstallIQ Updater (Version: 1.4.3.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 37 (Version: 6.0.370)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Magellan Communicator (Version: 1.15.020)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Business 2010 - English (Version: 14.0.6123.5008)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
Office Suite X 3.3 (Version: 3.3.9567)
Penguins! (Version: 2.2.0.95)
Picasa 3 (Version: 3.8)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Realtek Ethernet Controller Driver (Version: 7.42.304.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6461)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
REALTEK Wireless LAN Driver (Version: 1.00.11.0706)
Recovery Manager (Version: 1.0.22)
RoxioNow Player (Version: 1.9.5.103)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)
Yahoo! Detect
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 3001.89 MB
Available physical RAM: 2296.75 MB
Total Pagefile: 6001.97 MB
Available Pagefile: 5357.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.16 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:284.21 GB) (Free:230.71 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.69 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\HOME-HP

Administrator Guest home

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

04-01-2013 18:31:37 Windows Update

**** End of log ****

#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 05 January 2013 - 10:28 AM

Hi

:step1:

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.

2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to Control Panel > "Add/Remove Programs" (Windows XP) / or "Programs and Features" (Windows Vista / 7), and remove either AVG or Ad-aware.


:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step5:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 05 January 2013 - 02:10 PM

Hi Dev,

I tried to remove adware but was unable to, "windows installer service can not be accessed" is the message i got when i tried. Hopefully this is just a matter of being in safe mode.

I did run the 3 scans you listed, when i went to run Eset Online Scanner it prompted me to disable AVG, since I am in safe mode was not able to disable it thru the user interface. I did check in the system tray, running processes, and no AVG processes were running that i might have been able to end.

here are the logs:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.05.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
home :: HOME-HP [administrator]

1/5/2013 9:35:00 AM
mbam-log-2013-01-05 (09-35-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 382318
Time elapsed: 54 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-05 06:27:39
# local_time=2013-01-05 12:27:39 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1035 16777214 100 98 0 46127669 0 0
# compatibility_mode=5893 16776574 100 94 43984087 108953909 0 0
# scanned=197054
# found=1
# cleaned=1
# scan_time=6123
C:\Users\home\AppData\Local\Temp\jar_cache1702621209771778737.tmp a variant of Java/Exploit.Agent.NDH trojan (deleted - quarantined) D0C7C193149B258A1789783B51C59566A6EC075D C

# AdwCleaner v2.104 - Logfile created 01/05/2013 at 12:51:49
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : home - HOME-HP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\home\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Users\home\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\home\AppData\LocalLow\AskToolbar
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-3779559410-3828941652-17409569-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\f5dvzryy.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4843 octets] - [05/01/2013 12:51:49]

########## EOF - C:\AdwCleaner[R1].txt - [4903 octets] ##########


Everything is the same, only able to get the computer to boot into safe mode.

Edited by Ernie694, 05 January 2013 - 02:12 PM.


#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 05 January 2013 - 02:51 PM

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.

Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.
Read Danger: Remote Access Trojans.

You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, paypal and any other online activities.
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.
If using a router, you need to reset it with a strong logon/password before connecting again.

Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.

We will do our best to clean the computer of any infections seen on the log. However, because of the nature of this Trojan, I cannot offer a total
guarantee that there are no remnants left in the system, or that the computer will be trustworthy.

Many security experts believe that once infected with this type of Trojan, the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what information can be accessed from it.

Knowing the above, do you wish to proceed with cleaning the malware from the computer?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 05 January 2013 - 03:48 PM

Dev,

I have taken the computer offline, and since it is used for recreational purposes only, i would like to go ahead and proceed with cleaning the system. I am going to make sure i can figure out how to change the password on the router that we use.

Please let me know what steps we should take next.

Thanks

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 05 January 2013 - 06:39 PM

Hi

Let's try removing some of the rubbish AdwCleaner found first:

:step1:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


:step2:

Are you able to boot the PC into normal mode now?
- If not, please explain what happens in detail when it tries to start normally.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 05 January 2013 - 09:02 PM

Hi

I have deleted thru adwcleaner. Here is the log:

# AdwCleaner v2.104 - Logfile created 01/05/2013 at 19:43:19
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : home - HOME-HP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\home\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\home\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\home\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\f5dvzryy.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4960 octets] - [05/01/2013 12:51:49]
AdwCleaner[S1].txt - [4844 octets] - [05/01/2013 19:43:19]

########## EOF - C:\AdwCleaner[S1].txt - [4904 octets] ##########


I can not boot into reg mode still. When i attempt to I get the first windows screen with the 4 color logo for approx 30 seconds. I then get the welcome screen, which appears to be loading with the word welcome and the circle to show it is waiting for about 1 mimute. then i get a black screen. (before this last step i was not getting a black screen most of the time, i was getting hung up on that welcome screen).

#12 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 05 January 2013 - 09:26 PM

Hi again Dev, Update.... after about 17 minutes of the black screen the system has booted into normal mode. I have run a few programs and it seems to be running well. I have not taken the computer online as per your instructions.

I am going to let it sit, and will post again if it shuts down before you reply.

#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 06 January 2013 - 07:34 AM

Hi

Please do the following next:

:step1:

Clear the Java cache

Clearing the Java Plug-in cache forces the browser to load the latest versions of web pages and programs.
Malicious software can frequently reside in the java cache.

To clear the Java Plug-in cache:

  • Click Start > Control Panel.
  • Double-click the Java icon in the control panel. The Java Control Panel appears.
  • Click Settings under Temporary Internet Files.The Temporary Files Settings dialog box appears.
  • Click Delete Files. The Delete Temporary Files dialog box appears.
  • Click OK on Delete Temporary Files window.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on Temporary Files Settings window.
  • Click OK on Java Control Panel window.
You can also view these instructions along with screenshots here.


:step2:

How is the computer running now?

Edited by dev00790, 06 January 2013 - 07:35 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 Ernie694

Ernie694
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 06 January 2013 - 09:51 AM

Hi dev,

I have cleared the Java Control panal cache as you requested. Computer seemed to be running fine. I have restarted it again to see how the boot up went. Again it went from being hung up on the welcome screen to a black screen and about 20 minutes later it did boot into normal mode. Still keeping it offline.

#15 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:32 PM

Posted 06 January 2013 - 10:08 AM

Hi

We need a deeper look..

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users