Laptop not booting up [Solved]


#16
dvd7e

OK I ran TDSSKiller. Here's the log:

17:21:23.0787 3328 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:21:24.0328 3328 ============================================================
17:21:24.0328 3328 Current date / time: 2012/06/11 17:21:24.0328
17:21:24.0328 3328 SystemInfo:
17:21:24.0328 3328
17:21:24.0348 3328 OS Version: 5.1.2600 ServicePack: 3.0
17:21:24.0348 3328 Product type: Workstation
17:21:24.0348 3328 ComputerName: VALERIE
17:21:24.0348 3328 UserName: Valerie Walthert
17:21:24.0348 3328 Windows directory: C:\WINDOWS
17:21:24.0348 3328 System windows directory: C:\WINDOWS
17:21:24.0348 3328 Processor architecture: Intel x86
17:21:24.0348 3328 Number of processors: 1
17:21:24.0348 3328 Page size: 0x1000
17:21:24.0348 3328 Boot type: Normal boot
17:21:24.0348 3328 ============================================================
17:21:29.0676 3328 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:21:29.0836 3328 ============================================================
17:21:29.0836 3328 \Device\Harddisk0\DR0:
17:21:29.0836 3328 MBR partitions:
17:21:29.0836 3328 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
17:21:29.0836 3328 ============================================================
17:21:29.0886 3328 C: <-> \Device\Harddisk0\DR0\Partition0
17:21:29.0916 3328 ============================================================
17:21:29.0916 3328 Initialize success
17:21:29.0916 3328 ============================================================
17:21:48.0453 1204 ============================================================
17:21:48.0453 1204 Scan started
17:21:48.0453 1204 Mode: Manual; SigCheck; TDLFS;
17:21:48.0453 1204 ============================================================
17:21:48.0763 1204 Abiosdsk - ok
17:21:48.0783 1204 abp480n5 - ok
17:21:48.0843 1204 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:21:51.0717 1204 ACPI - ok
17:21:51.0767 1204 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:21:51.0988 1204 ACPIEC - ok
17:21:52.0058 1204 ACS (539802224d334c25ac439ff0518d36cd) C:\WINDOWS\system32\ACS.exe
17:21:52.0058 1204 ACS ( UnsignedFile.Multi.Generic ) - warning
17:21:52.0058 1204 ACS - detected UnsignedFile.Multi.Generic (1)
17:21:52.0078 1204 adpu160m - ok
17:21:52.0138 1204 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:21:52.0338 1204 aec - ok
17:21:52.0438 1204 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:21:52.0549 1204 AFD - ok
17:21:52.0669 1204 AgereSoftModem (052343cd49c8da20c48958cfe73c7d44) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
17:21:52.0829 1204 AgereSoftModem - ok
17:21:52.0839 1204 Aha154x - ok
17:21:52.0849 1204 aic78u2 - ok
17:21:52.0879 1204 aic78xx - ok
17:21:52.0929 1204 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:21:53.0119 1204 Alerter - ok
17:21:53.0200 1204 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:21:53.0280 1204 ALG - ok
17:21:53.0290 1204 AliIde - ok
17:21:53.0310 1204 amsint - ok
17:21:53.0600 1204 AOL ACS (8fa646f0e639d9a8c8b98e217d471dc0) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
17:21:53.0720 1204 AOL ACS - ok
17:21:53.0770 1204 ApfiltrService (4560a7079a53db71b1da013b8d18baf0) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
17:21:53.0830 1204 ApfiltrService - ok
17:21:53.0951 1204 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:21:53.0971 1204 Apple Mobile Device - ok
17:21:53.0981 1204 AppMgmt - ok
17:21:54.0071 1204 AR5211 (37e1a3630872b3ccaa45e2468f437df0) C:\WINDOWS\system32\DRIVERS\ar5211.sys
17:21:54.0191 1204 AR5211 - ok
17:21:54.0261 1204 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:21:54.0451 1204 Arp1394 - ok
17:21:54.0471 1204 asc - ok
17:21:54.0491 1204 asc3350p - ok
17:21:54.0501 1204 asc3550 - ok
17:21:54.0602 1204 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
17:21:54.0652 1204 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
17:21:54.0652 1204 ASCTRM - detected UnsignedFile.Multi.Generic (1)
17:21:54.0792 1204 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
17:21:54.0812 1204 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
17:21:54.0812 1204 aspnet_state - detected UnsignedFile.Multi.Generic (1)
17:21:54.0842 1204 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:21:55.0012 1204 AsyncMac - ok
17:21:55.0062 1204 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:21:55.0252 1204 atapi - ok
17:21:55.0262 1204 Atdisk - ok
17:21:55.0303 1204 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:21:55.0493 1204 Atmarpc - ok
17:21:55.0543 1204 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:21:55.0713 1204 AudioSrv - ok
17:21:55.0813 1204 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:21:55.0994 1204 audstub - ok
17:21:56.0054 1204 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:21:56.0224 1204 Beep - ok
17:21:56.0334 1204 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:21:56.0624 1204 BITS - ok
17:21:56.0815 1204 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files\Bonjour\mDNSResponder.exe
17:21:56.0865 1204 Bonjour Service - ok
17:21:56.0915 1204 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
17:21:57.0005 1204 BridgeMP - ok
17:21:57.0055 1204 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:21:57.0235 1204 Browser - ok
17:21:57.0426 1204 catchme - ok
17:21:57.0486 1204 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:21:57.0726 1204 cbidf2k - ok
17:21:57.0786 1204 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:21:57.0966 1204 CCDECODE - ok
17:21:58.0087 1204 ccEvtMgr (ff7daa264887e850abfdb8167a8685c9) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
17:21:58.0097 1204 ccEvtMgr - ok
17:21:58.0187 1204 ccProxy (d53f90aa611a4fb98ec3cefe7cc8dd6b) C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
17:21:58.0207 1204 ccProxy - ok
17:21:58.0267 1204 ccSetMgr (92c27887787e637185fec2ee43da390f) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
17:21:58.0287 1204 ccSetMgr - ok
17:21:58.0297 1204 cd20xrnt - ok
17:21:58.0357 1204 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:21:58.0557 1204 Cdaudio - ok
17:21:58.0587 1204 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:21:58.0778 1204 Cdfs - ok
17:21:59.0108 1204 Cdr4_xp (814acb9b8a55804d9878248b3c79f862) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
17:21:59.0148 1204 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
17:21:59.0148 1204 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
17:21:59.0198 1204 Cdralw2k (bce7213f8aa1bc9d5c08f81cb05e10a7) C:\WINDOWS\system32\drivers\Cdralw2k.sys
17:21:59.0238 1204 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
17:21:59.0238 1204 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
17:21:59.0378 1204 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:21:59.0589 1204 Cdrom - ok
17:21:59.0849 1204 CFSvcs (527235c8109bf5d4dbda7d1948648c46) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
17:21:59.0869 1204 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
17:21:59.0869 1204 CFSvcs - detected UnsignedFile.Multi.Generic (1)
17:21:59.0879 1204 Changer - ok
17:21:59.0939 1204 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
17:22:00.0190 1204 CiSvc - ok
17:22:00.0260 1204 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:22:00.0470 1204 ClipSrv - ok
17:22:00.0610 1204 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:22:00.0800 1204 CmBatt - ok
17:22:00.0810 1204 CmdIde - ok
17:22:00.0881 1204 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:22:01.0051 1204 Compbatt - ok
17:22:01.0061 1204 COMSysApp - ok
17:22:01.0081 1204 Cpqarray - ok
17:22:01.0121 1204 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:22:01.0291 1204 CryptSvc - ok
17:22:01.0301 1204 dac2w2k - ok
17:22:01.0311 1204 dac960nt - ok
17:22:01.0431 1204 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:22:01.0592 1204 DcomLaunch - ok
17:22:01.0692 1204 DefWatch (929f2c62ea350785e3a2f40e97e78863) C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
17:22:01.0702 1204 DefWatch - ok
17:22:01.0772 1204 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:22:01.0942 1204 Dhcp - ok
17:22:01.0962 1204 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:22:02.0152 1204 Disk - ok
17:22:02.0162 1204 dmadmin - ok
17:22:02.0243 1204 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:22:02.0513 1204 dmboot - ok
17:22:02.0553 1204 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:22:02.0753 1204 dmio - ok
17:22:02.0803 1204 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:22:02.0974 1204 dmload - ok
17:22:03.0044 1204 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:22:03.0214 1204 dmserver - ok
17:22:03.0284 1204 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:22:03.0454 1204 DMusic - ok
17:22:03.0564 1204 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:22:03.0665 1204 Dnscache - ok
17:22:03.0755 1204 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:22:03.0935 1204 Dot3svc - ok
17:22:03.0945 1204 dpti2o - ok
17:22:04.0005 1204 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:22:04.0326 1204 drmkaud - ok
17:22:04.0376 1204 drvmcdb (ae4f1425f8da291136c788fb17d34f4d) C:\WINDOWS\system32\drivers\drvmcdb.sys
17:22:04.0386 1204 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
17:22:04.0386 1204 drvmcdb - detected UnsignedFile.Multi.Generic (1)
17:22:04.0426 1204 drvnddm (b295700e684ed1984db1d6be40354421) C:\WINDOWS\system32\drivers\drvnddm.sys
17:22:04.0426 1204 drvnddm ( UnsignedFile.Multi.Generic ) - warning
17:22:04.0426 1204 drvnddm - detected UnsignedFile.Multi.Generic (1)
17:22:04.0516 1204 E100B (4b884f18e70ac6621b2f10503d85cbcf) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:22:04.0586 1204 E100B - ok
17:22:04.0626 1204 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:22:04.0806 1204 EapHost - ok
17:22:04.0976 1204 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
17:22:05.0347 1204 eeCtrl - ok
17:22:05.0377 1204 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:22:05.0397 1204 EraserUtilRebootDrv - ok
17:22:05.0437 1204 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:22:05.0637 1204 ERSvc - ok
17:22:05.0718 1204 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:22:05.0758 1204 Eventlog - ok
17:22:05.0818 1204 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
17:22:05.0908 1204 EventSystem - ok
17:22:05.0938 1204 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:22:06.0118 1204 Fastfat - ok
17:22:06.0168 1204 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:22:06.0208 1204 FastUserSwitchingCompatibility - ok
17:22:06.0238 1204 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
17:22:06.0408 1204 Fax - ok
17:22:06.0449 1204 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:22:06.0639 1204 Fdc - ok
17:22:06.0659 1204 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:22:06.0819 1204 Fips - ok
17:22:06.0879 1204 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:22:07.0059 1204 Flpydisk - ok
17:22:07.0190 1204 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:22:07.0330 1204 FltMgr - ok
17:22:07.0390 1204 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:22:07.0530 1204 Fs_Rec - ok
17:22:07.0740 1204 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:22:07.0911 1204 Ftdisk - ok
17:22:08.0001 1204 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
17:22:08.0021 1204 GEARAspiWDM - ok
17:22:08.0051 1204 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:22:08.0271 1204 Gpc - ok
17:22:08.0361 1204 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:22:08.0532 1204 helpsvc - ok
17:22:08.0612 1204 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
17:22:08.0782 1204 HidServ - ok
17:22:08.0882 1204 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:22:09.0062 1204 HidUsb - ok
17:22:09.0213 1204 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:22:09.0423 1204 hkmsvc - ok
17:22:09.0433 1204 hpn - ok
17:22:09.0503 1204 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:22:09.0563 1204 HTTP - ok
17:22:09.0623 1204 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:22:09.0763 1204 HTTPFilter - ok
17:22:09.0773 1204 i2omgmt - ok
17:22:09.0793 1204 i2omp - ok
17:22:09.0863 1204 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:22:10.0024 1204 i8042prt - ok
17:22:10.0194 1204 ialm (537efe2f9adcd01073f59e9d3d24164e) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:22:10.0474 1204 ialm - ok
17:22:10.0544 1204 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:22:10.0705 1204 Imapi - ok
17:22:10.0805 1204 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:22:10.0955 1204 ImapiService - ok
17:22:10.0975 1204 ini910u - ok
17:22:11.0085 1204 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:22:11.0286 1204 IntelIde - ok
17:22:11.0386 1204 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:22:11.0546 1204 intelppm - ok
17:22:11.0576 1204 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:22:11.0746 1204 Ip6Fw - ok
17:22:11.0816 1204 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:22:11.0987 1204 IpFilterDriver - ok
17:22:12.0007 1204 iphlpsvc - ok
17:22:12.0167 1204 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:22:12.0337 1204 IpInIp - ok
17:22:12.0377 1204 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:22:12.0567 1204 IpNat - ok
17:22:12.0728 1204 iPod Service (b84a28b3984185eda8867541af14cddb) C:\Program Files\iPod\bin\iPodService.exe
17:22:12.0798 1204 iPod Service - ok
17:22:12.0838 1204 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:22:12.0998 1204 IPSec - ok
17:22:13.0088 1204 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:22:13.0188 1204 IRENUM - ok
17:22:13.0218 1204 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:22:13.0429 1204 isapnp - ok
17:22:13.0569 1204 ISSVC (72f25308b13a237113080ab1e016c7f2) C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
17:22:13.0579 1204 ISSVC - ok
17:22:13.0619 1204 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:22:13.0759 1204 Kbdclass - ok
17:22:13.0799 1204 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:22:13.0949 1204 kbdhid - ok
17:22:13.0989 1204 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:22:14.0150 1204 kmixer - ok
17:22:14.0210 1204 KR10N (00c1ea8decf810b8eccb5c5a8186a96e) C:\WINDOWS\system32\drivers\KR10N.sys
17:22:14.0310 1204 KR10N - ok
17:22:14.0350 1204 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:22:14.0420 1204 KSecDD - ok
17:22:14.0470 1204 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:22:14.0570 1204 lanmanserver - ok
17:22:14.0590 1204 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:22:14.0640 1204 lanmanworkstation - ok
17:22:14.0650 1204 lbrtfdc - ok
17:22:14.0881 1204 LiveUpdate (89bffb6a09652da7d019a387354d0d19) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
17:22:15.0001 1204 LiveUpdate - ok
17:22:15.0221 1204 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:22:15.0391 1204 LmHosts - ok
17:22:15.0522 1204 lusbaudio (081caf42d5db1fcf8794fd77befd1b11) C:\WINDOWS\system32\drivers\OVSound2.sys
17:22:15.0732 1204 lusbaudio - ok
17:22:15.0802 1204 LxrJD31d (3f6f7993ae46aded2db2886ed3080c80) C:\WINDOWS\system32\Drivers\LxrJD31d.sys
17:22:15.0822 1204 LxrJD31d ( UnsignedFile.Multi.Generic ) - warning
17:22:15.0822 1204 LxrJD31d - detected UnsignedFile.Multi.Generic (1)
17:22:15.0832 1204 LxrJD31s - ok
17:22:15.0902 1204 MDC8021X (8fee53c104223973ed9919936d9cd156) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
17:22:15.0922 1204 MDC8021X ( UnsignedFile.Multi.Generic ) - warning
17:22:15.0922 1204 MDC8021X - detected UnsignedFile.Multi.Generic (1)
17:22:15.0982 1204 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:22:16.0142 1204 mnmdd - ok
17:22:16.0173 1204 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:22:16.0343 1204 mnmsrvc - ok
17:22:16.0403 1204 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:22:16.0543 1204 Modem - ok
17:22:16.0573 1204 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:22:16.0713 1204 Mouclass - ok
17:22:16.0773 1204 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:22:16.0934 1204 mouhid - ok
17:22:16.0964 1204 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:22:17.0104 1204 MountMgr - ok
17:22:17.0124 1204 mraid35x - ok
17:22:17.0174 1204 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:22:17.0324 1204 MRxDAV - ok
17:22:17.0394 1204 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:22:17.0484 1204 MRxSmb - ok
17:22:17.0575 1204 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:22:17.0735 1204 MSDTC - ok
17:22:17.0765 1204 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:22:17.0925 1204 Msfs - ok
17:22:17.0935 1204 MSIServer - ok
17:22:17.0965 1204 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:22:18.0105 1204 MSKSSRV - ok
17:22:18.0145 1204 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:22:18.0286 1204 MSPCLOCK - ok
17:22:18.0326 1204 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:22:18.0496 1204 MSPQM - ok
17:22:18.0566 1204 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:22:18.0736 1204 mssmbios - ok
17:22:18.0796 1204 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:22:18.0957 1204 MSTEE - ok
17:22:19.0097 1204 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:22:19.0157 1204 Mup - ok
17:22:19.0187 1204 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:22:19.0357 1204 NABTSFEC - ok
17:22:19.0547 1204 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:22:19.0738 1204 napagent - ok
17:22:19.0918 1204 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110823.002\naveng.sys
17:22:19.0938 1204 NAVENG - ok
17:22:20.0248 1204 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110823.002\navex15.sys
17:22:20.0339 1204 NAVEX15 - ok
17:22:20.0529 1204 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:22:20.0719 1204 NDIS - ok
17:22:20.0759 1204 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:22:20.0909 1204 NdisIP - ok
17:22:20.0959 1204 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:22:21.0090 1204 NdisTapi - ok
17:22:21.0110 1204 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:22:21.0270 1204 Ndisuio - ok
17:22:21.0350 1204 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:22:21.0490 1204 NdisWan - ok
17:22:21.0570 1204 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:22:21.0620 1204 NDProxy - ok
17:22:21.0640 1204 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:22:21.0801 1204 NetBIOS - ok
17:22:21.0831 1204 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:22:21.0981 1204 NetBT - ok
17:22:22.0121 1204 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:22:22.0281 1204 NetDDE - ok
17:22:22.0291 1204 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:22:22.0442 1204 NetDDEdsdm - ok
17:22:22.0492 1204 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
17:22:22.0522 1204 Netdevio ( UnsignedFile.Multi.Generic ) - warning
17:22:22.0522 1204 Netdevio - detected UnsignedFile.Multi.Generic (1)
17:22:22.0572 1204 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:22:22.0762 1204 Netlogon - ok
17:22:23.0353 1204 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:22:23.0533 1204 Netman - ok
17:22:23.0593 1204 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:22:23.0743 1204 NIC1394 - ok
17:22:23.0814 1204 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:22:23.0844 1204 Nla - ok
17:22:23.0864 1204 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:22:24.0024 1204 Npfs - ok
17:22:24.0104 1204 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:22:24.0324 1204 Ntfs - ok
17:22:24.0344 1204 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:22:24.0484 1204 NtLmSsp - ok
17:22:24.0615 1204 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:22:24.0815 1204 NtmsSvc - ok
17:22:24.0875 1204 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:22:25.0015 1204 Null - ok
17:22:25.0095 1204 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:22:25.0246 1204 NwlnkFlt - ok
17:22:25.0286 1204 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:22:25.0436 1204 NwlnkFwd - ok
17:22:25.0466 1204 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:22:25.0626 1204 ohci1394 - ok
17:22:25.0706 1204 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:22:25.0736 1204 ose - ok
17:22:25.0977 1204 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:22:26.0157 1204 Parport - ok
17:22:26.0237 1204 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:22:26.0387 1204 PartMgr - ok
17:22:26.0427 1204 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:22:26.0598 1204 ParVdm - ok
17:22:26.0628 1204 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:22:26.0778 1204 PCI - ok
17:22:26.0788 1204 PCIDump - ok
17:22:26.0838 1204 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:22:26.0978 1204 PCIIde - ok
17:22:26.0998 1204 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:22:27.0158 1204 Pcmcia - ok
17:22:27.0168 1204 PDCOMP - ok
17:22:27.0178 1204 PDFRAME - ok
17:22:27.0198 1204 PDRELI - ok
17:22:27.0208 1204 PDRFRAME - ok
17:22:27.0218 1204 perc2 - ok
17:22:27.0238 1204 perc2hib - ok
17:22:27.0349 1204 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
17:22:27.0349 1204 pfc ( UnsignedFile.Multi.Generic ) - warning
17:22:27.0349 1204 pfc - detected UnsignedFile.Multi.Generic (1)
17:22:27.0409 1204 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:22:27.0429 1204 PlugPlay - ok
17:22:27.0449 1204 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:22:27.0599 1204 PolicyAgent - ok
17:22:27.0639 1204 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:22:27.0779 1204 PptpMiniport - ok
17:22:27.0789 1204 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:22:27.0959 1204 ProtectedStorage - ok
17:22:28.0050 1204 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:22:28.0190 1204 PSched - ok
17:22:28.0240 1204 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:22:28.0390 1204 Ptilink - ok
17:22:28.0460 1204 PxHelp20 (d90730239f13a4b05e6d685db5699288) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:22:28.0460 1204 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
17:22:28.0460 1204 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
17:22:28.0560 1204 QCEmerald (90849934d37133e069f31f3e9a66c9bc) C:\WINDOWS\system32\DRIVERS\OVCE.sys
17:22:28.0711 1204 QCEmerald - ok
17:22:28.0721 1204 ql1080 - ok
17:22:28.0741 1204 Ql10wnt - ok
17:22:28.0751 1204 ql12160 - ok
17:22:28.0771 1204 ql1240 - ok
17:22:28.0781 1204 ql1280 - ok
17:22:28.0841 1204 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:22:29.0001 1204 RasAcd - ok
17:22:29.0071 1204 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:22:29.0231 1204 RasAuto - ok
17:22:29.0301 1204 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:22:29.0442 1204 Rasl2tp - ok
17:22:29.0512 1204 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:22:29.0662 1204 RasMan - ok
17:22:29.0682 1204 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:22:29.0822 1204 RasPppoe - ok
17:22:29.0862 1204 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:22:30.0002 1204 Raspti - ok
17:22:30.0042 1204 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:22:30.0213 1204 Rdbss - ok
17:22:30.0263 1204 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:22:30.0423 1204 RDPCDD - ok
17:22:30.0503 1204 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
17:22:30.0613 1204 RDPWD - ok
17:22:30.0663 1204 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:22:31.0084 1204 RDSessMgr - ok
17:22:31.0134 1204 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:22:31.0284 1204 redbook - ok
17:22:31.0334 1204 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:22:31.0505 1204 RemoteAccess - ok
17:22:31.0535 1204 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:22:31.0735 1204 RpcLocator - ok
17:22:31.0825 1204 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:22:31.0855 1204 RpcSs - ok
17:22:31.0905 1204 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:22:32.0075 1204 RSVP - ok
17:22:32.0125 1204 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:22:32.0266 1204 SamSs - ok
17:22:32.0446 1204 SavRoam (d18d2282f58f15d2bd8a91f800d13124) C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
17:22:32.0466 1204 SavRoam - ok
17:22:32.0536 1204 SAVRT (cdb565c093b0105086cc630b32f9e6e6) C:\Program Files\Symantec Client Security\Symantec AntiVirus\savrt.sys
17:22:32.0566 1204 SAVRT - ok
17:22:32.0616 1204 SAVRTPEL (1042cb5a003f9aed8d6cec56a0fc6c49) C:\Program Files\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys
17:22:32.0646 1204 SAVRTPEL - ok
17:22:32.0736 1204 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:22:32.0887 1204 SCardSvr - ok
17:22:32.0947 1204 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:22:33.0097 1204 Schedule - ok
17:22:33.0197 1204 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:22:33.0277 1204 Secdrv - ok
17:22:33.0297 1204 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:22:33.0457 1204 seclogon - ok
17:22:33.0527 1204 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:22:33.0718 1204 SENS - ok
17:22:33.0778 1204 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
17:22:33.0968 1204 Serial - ok
17:22:33.0998 1204 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:22:34.0138 1204 Sfloppy - ok
17:22:34.0198 1204 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:22:34.0399 1204 SharedAccess - ok
17:22:34.0449 1204 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:22:34.0479 1204 ShellHWDetection - ok
17:22:34.0499 1204 Simbad - ok
17:22:34.0539 1204 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:22:34.0729 1204 SLIP - ok
17:22:34.0940 1204 SNDSrvc (c5f415bb02ee89cde1b6cee3538f424b) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
17:22:34.0950 1204 SNDSrvc - ok
17:22:35.0000 1204 Sparrow - ok
17:22:35.0300 1204 SPBBCDrv (677b10906838d3bfb1c07ac9087e4bf7) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
17:22:35.0360 1204 SPBBCDrv - ok
17:22:35.0510 1204 SPBBCSvc (c830007369e18a54aed23b5bb3afa2ba) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
17:22:35.0590 1204 SPBBCSvc - ok
17:22:35.0771 1204 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:22:35.0921 1204 splitter - ok
17:22:35.0981 1204 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:22:36.0011 1204 Spooler - ok
17:22:36.0091 1204 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:22:36.0181 1204 sr - ok
17:22:36.0271 1204 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:22:36.0352 1204 srservice - ok
17:22:36.0422 1204 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:22:36.0602 1204 Srv - ok
17:22:36.0662 1204 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
17:22:36.0662 1204 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
17:22:36.0662 1204 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
17:22:36.0692 1204 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:22:36.0752 1204 SSDPSRV - ok
17:22:36.0782 1204 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
17:22:36.0782 1204 ssrtln ( UnsignedFile.Multi.Generic ) - warning
17:22:36.0782 1204 ssrtln - detected UnsignedFile.Multi.Generic (1)
17:22:36.0852 1204 STAC97 (a48dc73c8a26dc53d9480a108c3342b5) C:\WINDOWS\system32\drivers\stac97.sys
17:22:36.0902 1204 STAC97 - ok
17:22:36.0982 1204 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:22:37.0193 1204 stisvc - ok
17:22:37.0253 1204 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:22:37.0403 1204 streamip - ok
17:22:37.0433 1204 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:22:37.0573 1204 swenum - ok
17:22:37.0613 1204 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:22:37.0804 1204 swmidi - ok
17:22:37.0814 1204 SwPrv - ok
17:22:37.0904 1204 Swupdtmr (74e8543a4647a53a26788d5ed3c2172f) c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
17:22:37.0964 1204 Swupdtmr ( UnsignedFile.Multi.Generic ) - warning
17:22:37.0964 1204 Swupdtmr - detected UnsignedFile.Multi.Generic (1)
17:22:38.0455 1204 Symantec AntiVirus (1b0bf2b60e6ed4d22285a1528134b0f2) C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
17:22:38.0605 1204 Symantec AntiVirus - ok
17:22:38.0755 1204 symc810 - ok
17:22:38.0775 1204 symc8xx - ok
17:22:38.0845 1204 SYMDNS (82235a78777a8f0a5d6cc66a5c118b59) C:\WINDOWS\System32\Drivers\SYMDNS.SYS
17:22:38.0855 1204 SYMDNS - ok
17:22:38.0995 1204 SymEvent (3c6790d26d03fe5163e2bec490e51a7e) C:\Program Files\Symantec\SYMEVENT.SYS
17:22:39.0015 1204 SymEvent - ok
17:22:39.0075 1204 SYMFW (fe7d95fb4c45855dccdd7be530b96982) C:\WINDOWS\System32\Drivers\SYMFW.SYS
17:22:39.0095 1204 SYMFW - ok
17:22:39.0136 1204 SYMIDS (fa3dbbcc7a26a4a2636dfcca06689689) C:\WINDOWS\System32\Drivers\SYMIDS.SYS
17:22:39.0146 1204 SYMIDS - ok
17:22:39.0346 1204 SYMIDSCO (2133d1f879b280121b0e6a7d34b24a02) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\SCFIDS~1\20111103.002\symidsco.sys
17:22:39.0366 1204 SYMIDSCO - ok
17:22:39.0396 1204 SYMNDIS (6497b01f6acee837ec2469bb2b5ee910) C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
17:22:39.0426 1204 SYMNDIS - ok
17:22:39.0466 1204 SYMREDRV (5314e345dfc068504cfb2676d3b2ca39) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
17:22:39.0476 1204 SYMREDRV - ok
17:22:39.0616 1204 SymSecurePort (4b6c6949cd70bbbaa3a10cb6ab5e1423) C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
17:22:39.0636 1204 SymSecurePort - ok
17:22:39.0696 1204 SYMTDI (8cd0a1478256240249b8ee88e6f25e94) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
17:22:39.0726 1204 SYMTDI - ok
17:22:39.0726 1204 sym_hi - ok
17:22:39.0736 1204 sym_u3 - ok
17:22:39.0827 1204 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:22:39.0977 1204 sysaudio - ok
17:22:40.0037 1204 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:22:40.0217 1204 SysmonLog - ok
17:22:40.0367 1204 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:22:40.0528 1204 TapiSrv - ok
17:22:40.0698 1204 TBiosDrv (eeca2b57545e7b7be949b5e70e31444f) C:\WINDOWS\system32\drivers\TBiosDrv.sys
17:22:40.0718 1204 TBiosDrv ( UnsignedFile.Multi.Generic ) - warning
17:22:40.0718 1204 TBiosDrv - detected UnsignedFile.Multi.Generic (1)
17:22:40.0798 1204 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:22:40.0868 1204 Tcpip - ok
17:22:40.0938 1204 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:22:41.0088 1204 TDPIPE - ok
17:22:41.0128 1204 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:22:41.0329 1204 TDTCP - ok
17:22:41.0349 1204 tdx - ok
17:22:41.0369 1204 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:22:41.0509 1204 TermDD - ok
17:22:41.0629 1204 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:22:41.0799 1204 TermService - ok
17:22:41.0859 1204 tfsnboio (12534d6993893ece8ccb6e141eca167b) C:\WINDOWS\system32\dla\tfsnboio.sys
17:22:41.0880 1204 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
17:22:41.0880 1204 tfsnboio - detected UnsignedFile.Multi.Generic (1)
17:22:41.0910 1204 tfsncofs (2b9b9da9b1d6d29aadd6e25a22c4d07f) C:\WINDOWS\system32\dla\tfsncofs.sys
17:22:41.0930 1204 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
17:22:41.0930 1204 tfsncofs - detected UnsignedFile.Multi.Generic (1)
17:22:41.0950 1204 tfsndrct (284b4f17ad218b1709831252734e0092) C:\WINDOWS\system32\dla\tfsndrct.sys
17:22:41.0970 1204 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
17:22:41.0970 1204 tfsndrct - detected UnsignedFile.Multi.Generic (1)
17:22:41.0990 1204 tfsndres (474d8a43a7d4939bfa5bc24abe7499e8) C:\WINDOWS\system32\dla\tfsndres.sys
17:22:42.0010 1204 tfsndres ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0010 1204 tfsndres - detected UnsignedFile.Multi.Generic (1)
17:22:42.0040 1204 tfsnifs (8965155985656f130909d9be37d6e8c2) C:\WINDOWS\system32\dla\tfsnifs.sys
17:22:42.0090 1204 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0090 1204 tfsnifs - detected UnsignedFile.Multi.Generic (1)
17:22:42.0100 1204 tfsnopio (7187844d442b3b983bab0f98087aa276) C:\WINDOWS\system32\dla\tfsnopio.sys
17:22:42.0150 1204 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0150 1204 tfsnopio - detected UnsignedFile.Multi.Generic (1)
17:22:42.0170 1204 tfsnpool (7a82f090a98d692573334f956a9826cc) C:\WINDOWS\system32\dla\tfsnpool.sys
17:22:42.0180 1204 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0180 1204 tfsnpool - detected UnsignedFile.Multi.Generic (1)
17:22:42.0210 1204 tfsnudf (9ba9cbc21414475e488af0dab74ed9bd) C:\WINDOWS\system32\dla\tfsnudf.sys
17:22:42.0230 1204 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0230 1204 tfsnudf - detected UnsignedFile.Multi.Generic (1)
17:22:42.0250 1204 tfsnudfa (21246b5aa05afe2861a0e30c018c79f6) C:\WINDOWS\system32\dla\tfsnudfa.sys
17:22:42.0250 1204 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0250 1204 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
17:22:42.0310 1204 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:22:42.0330 1204 Themes - ok
17:22:42.0350 1204 TosIde - ok
17:22:42.0400 1204 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:22:42.0560 1204 TrkWks - ok
17:22:42.0641 1204 TVALZ (c77f886230cded0075d628f88689681c) C:\WINDOWS\system32\DRIVERS\TVALZ.SYS
17:22:42.0661 1204 TVALZ ( UnsignedFile.Multi.Generic ) - warning
17:22:42.0661 1204 TVALZ - detected UnsignedFile.Multi.Generic (1)
17:22:42.0701 1204 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:22:42.0841 1204 Udfs - ok
17:22:42.0861 1204 ultra - ok
17:22:42.0911 1204 UMWdf (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
17:22:42.0951 1204 UMWdf - ok
17:22:43.0021 1204 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:22:43.0231 1204 Update - ok
17:22:43.0322 1204 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:22:43.0402 1204 upnphost - ok
17:22:43.0462 1204 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:22:43.0612 1204 UPS - ok
17:22:43.0672 1204 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:22:43.0852 1204 usbccgp - ok
17:22:43.0882 1204 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:22:44.0023 1204 usbehci - ok
17:22:44.0133 1204 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:22:44.0363 1204 usbhub - ok
17:22:44.0403 1204 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:22:44.0553 1204 usbprint - ok
17:22:44.0623 1204 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:22:44.0784 1204 usbscan - ok
17:22:44.0824 1204 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:22:44.0974 1204 USBSTOR - ok
17:22:45.0004 1204 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:22:45.0154 1204 usbuhci - ok
17:22:45.0194 1204 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:22:45.0334 1204 VgaSave - ok
17:22:45.0344 1204 ViaIde - ok
17:22:45.0405 1204 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:22:45.0565 1204 VolSnap - ok
17:22:45.0615 1204 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:22:45.0685 1204 VSS - ok
17:22:45.0725 1204 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:22:45.0885 1204 W32Time - ok
17:22:45.0915 1204 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:22:46.0076 1204 Wanarp - ok
17:22:46.0256 1204 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
17:22:46.0436 1204 wanatw - ok
17:22:46.0446 1204 WDICA - ok
17:22:46.0666 1204 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:22:46.0817 1204 wdmaud - ok
17:22:46.0937 1204 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:22:47.0097 1204 WebClient - ok
17:22:47.0147 1204 WinDefend - ok
17:22:47.0157 1204 WinHttpAutoProxySvc - ok
17:22:47.0257 1204 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:22:47.0448 1204 winmgmt - ok
17:22:47.0548 1204 WmdmPmSN (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
17:22:47.0658 1204 WmdmPmSN - ok
17:22:47.0728 1204 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:22:47.0898 1204 WmiApSrv - ok
17:22:47.0958 1204 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:22:48.0098 1204 WS2IFSL - ok
17:22:48.0169 1204 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:22:48.0319 1204 wscsvc - ok
17:22:48.0419 1204 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:22:48.0559 1204 WSTCODEC - ok
17:22:48.0599 1204 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:22:48.0779 1204 wuauserv - ok
17:22:48.0870 1204 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:22:49.0090 1204 WZCSVC - ok
17:22:49.0130 1204 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:22:49.0280 1204 xmlprov - ok
17:22:49.0380 1204 {6080A529-897E-4629-A488-ABA0C29B635E} (e6c22d34baef5196e1b23a4492c275b7) C:\WINDOWS\system32\drivers\ialmsbw.sys
17:22:49.0410 1204 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
17:22:49.0450 1204 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (6e53bd96b0ebad721cdd6320dbfc3f5f) C:\WINDOWS\system32\drivers\ialmkchw.sys
17:22:49.0480 1204 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
17:22:49.0510 1204 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55} (1dbbc637a0b33fbd708c8dac7a78912c) C:\WINDOWS\system32\drivers\wA301a.sys
17:22:49.0541 1204 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55} - ok
17:22:49.0641 1204 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
17:22:50.0201 1204 \Device\Harddisk0\DR0 - ok
17:22:50.0211 1204 Boot (0x1200) (7224ee85be4869a912ab534cfdc73bb6) \Device\Harddisk0\DR0\Partition0
17:22:50.0221 1204 \Device\Harddisk0\DR0\Partition0 - ok
17:22:50.0221 1204 ============================================================
17:22:50.0221 1204 Scan finished
17:22:50.0221 1204 ============================================================
17:22:50.0372 1852 Detected object count: 27
17:22:50.0372 1852 Actual detected object count: 27
17:23:13.0745 1852 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0745 1852 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0745 1852 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0745 1852 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0745 1852 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0745 1852 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0745 1852 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0755 1852 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0755 1852 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0755 1852 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0755 1852 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0755 1852 LxrJD31d ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0755 1852 LxrJD31d ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0755 1852 MDC8021X ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0755 1852 MDC8021X ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0765 1852 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0765 1852 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0765 1852 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0765 1852 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0765 1852 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0765 1852 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0765 1852 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0765 1852 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0775 1852 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0775 1852 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0775 1852 Swupdtmr ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0775 1852 Swupdtmr ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0775 1852 TBiosDrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0775 1852 TBiosDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0775 1852 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0775 1852 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0785 1852 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0785 1852 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0795 1852 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0795 1852 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0795 1852 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0795 1852 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0795 1852 TVALZ ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0795 1852 TVALZ ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0
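A triage helper for a TDSSKiller log in the format posted above, added here as an example and not part of the original thread: it pairs each flagged service with its file path, MD5 and the action chosen, and cross-checks the tool's "Detected object count" against the warnings actually present in the log. The sample lines are constructed, and the function and field names are assumptions of this example.

```python
import re

# Constructed sample in the line format of the TDSSKiller log posted above
# (timestamp, thread id, then the record). Names, hashes and paths are made up.
SAMPLE_LOG = r"""
17:22:36.0100 1204 ExampleSvc (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\examplesvc.dll
17:22:36.0200 1204 ExampleSvc - ok
17:22:36.0300 1204 NoFileSvc - ok
17:22:36.0400 1204 exampledrv (ffeeddccbbaa99887766554433221100) C:\WINDOWS\system32\drivers\exampledrv.sys
17:22:36.0400 1204 exampledrv ( UnsignedFile.Multi.Generic ) - warning
17:22:36.0400 1204 exampledrv - detected UnsignedFile.Multi.Generic (1)
17:22:36.0500 1204 Example Updater (0123456789abcdef0123456789abcdef) c:\VENDOR\update\updater.exe
17:22:36.0600 1204 Example Updater ( UnsignedFile.Multi.Generic ) - warning
17:22:36.0600 1204 Example Updater - detected UnsignedFile.Multi.Generic (1)
17:22:50.0200 1204 Scan finished
17:22:50.0300 1852 Detected object count: 2
17:22:50.0300 1852 Actual detected object count: 2
17:23:13.0700 1852 exampledrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0700 1852 exampledrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:23:13.0700 1852 Example Updater ( UnsignedFile.Multi.Generic ) - skipped by user
17:23:13.0700 1852 Example Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Every record starts with "HH:MM:SS.mmmm <thread id> ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
_OBJECT = re.compile(_PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
_WARN = re.compile(_PREFIX + r"(?P<name>.+?) \( (?P<verdict>\S+) \) - warning$")
_ACTION = re.compile(
    _PREFIX + r"(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$"
)
_OK = re.compile(_PREFIX + r"(?P<name>.+?) - ok$")
_COUNT = re.compile(_PREFIX + r"Detected object count: (?P<count>\d+)$")


def parse_log(text):
    """Return {'objects': {name: record}, 'reported_count': int or None}."""
    objects = {}
    reported_count = None

    def record(name):
        # Services with no backing file only ever get an "- ok" line,
        # so md5/path may legitimately stay None.
        return objects.setdefault(
            name, {"md5": None, "path": None, "verdict": None, "action": None}
        )

    for raw in text.splitlines():
        line = raw.strip()
        m = _OBJECT.match(line)
        if m:
            rec = record(m.group("name"))
            rec["md5"] = m.group("md5").lower()
            rec["path"] = m.group("path")
            continue
        m = _WARN.match(line)
        if m:
            record(m.group("name"))["verdict"] = m.group("verdict")
            continue
        m = _ACTION.match(line)
        if m:
            record(m.group("name"))["action"] = m.group("action")
            continue
        m = _OK.match(line)
        if m:
            record(m.group("name"))["verdict"] = "ok"
            continue
        m = _COUNT.match(line)
        if m:
            reported_count = int(m.group("count"))
    return {"objects": objects, "reported_count": reported_count}


def triage(parsed):
    """Summarise flagged objects so each one can be reviewed individually."""
    flagged = [
        dict(name=name, **rec)
        for name, rec in parsed["objects"].items()
        if rec["verdict"] not in (None, "ok")
    ]
    reported = parsed["reported_count"]
    return {
        "flagged": flagged,
        # None means the summary line is missing (e.g. a truncated paste).
        "count_consistent": None if reported is None else reported == len(flagged),
        # Flagged objects that were skipped or never acted on are still on disk.
        "left_in_place": [f["name"] for f in flagged if f["action"] in (None, "Skip")],
        # A warning with no preceding file record cannot be checked by hash.
        "missing_file_record": [f["name"] for f in flagged if f["md5"] is None],
    }


if __name__ == "__main__":
    report = triage(parse_log(SAMPLE_LOG))
    for item in report["flagged"]:
        print(item["verdict"], item["name"], item["md5"], item["path"], item["action"])
    print("count consistent:", report["count_consistent"])
```
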


#17
CompCav

Check the version on MalwareBytes' that they have installed on this computer.

  • Double click on MalwareBytes'
  • Click the About tab
  • It should say version 1.61.0.1400
  • If it does then click the Update tab and update it.
  • Click Scanner tab, select Perform quick scan
  • Click Scan
  • Post the log in your next reply.

If it is not the latest version post back with the version number please.
  • 0

#18
dvd7e

The MBAM version is 1.44
  • 0

#19
CompCav

That is very out of date; please follow these instructions:

Step 1.

Click on Start and select Control Panel
Open Add/Remove Programs
Uninstall Malwarebytes' Anti-Malware
Restart your computer (very important)
Download and run mbam-clean.exe from here
It will ask to restart your computer; please allow it to do so (very important)


Step 2.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 3.

Post the log from mbam.
  • 0

#20
dvd7e

I removed the old version of MBAM, installed the latest one (and updated the database). Here's the scan log:

Is there anything here that looks like a problem? Otherwise I think the issue is resolved and the computer is working again.

Thanks for your help!


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.14.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.11
Valerie Walthert :: VALERIE [administrator]

6/14/2012 7:36:03 PM
mbam-log-2012-06-14 (19-36-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191028
Time elapsed: 8 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#21
CompCav

Step 1.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 2.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


eset log
security check log


Please give me an update on how your computer is doing!
  • 0

#22
dvd7e

The online scanner didn't find any issues, and as far as I can tell didn't generate a logfile. I checked in the path on the C drive too, nothing there.

Here is the logfile from the Security Check scan:


Results of screen317's Security Check version 0.99.41
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java 2 Runtime Environment, SE v1.4.2_05
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Adobe Reader 7 Adobe Reader out of date!
````````Process Check: objlist.exe by Laurent````````
Symantec Client Security Symantec AntiVirus DefWatch.exe
Symantec Client Security Symantec AntiVirus Rtvscan.exe
Symantec Client Security Symantec Client Firewall ISSVC.exe
Symantec Client Security Symantec Client Firewall SymSPort.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 2%
````````````````````End of Log``````````````````````
  • 0

#23
CompCav

Step 1.

Clear the Java Cache by following the instructions here


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Verify you have uninstalled all Java versions by going to Start >> Control Panel >> Add/Remove Programs and uninstall any remaining versions if present.

Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Now we need to update Internet Explorer to 8.0

Please go to Windows Update:

Click Start >> Windows Update click Check for updates >> Check for updates

Select and install any updates a few at a time, including IE 8.0, (You may need to install IE 7.0 first) that you have that are critical, important, and recommended. Even if you do not use Internet Explorer it is an integral part for Windows and needs to be kept current for security purposes.

You may have to reboot several times but this is an important step in maintaining your security.


Once this is complete, make sure you set up automatic updates using instructions found here


Step 4.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


Step 5.

Update Adobe Flash Player

We need to uninstall the existing flash player(s). Please go here
Follow steps 1. to 4.
Once flash player is uninstalled go on to the next paragraph.

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Make sure to uncheck the install of the McAfee tool before downloading. You will need to select your operating system (Windows XP 32-bit) and then each version to download and install separately.





Then come back and give me an update on your computer
  • 0

#24
dvd7e

I completed the updates. The computer is running great now...much faster than a few days ago, and it boots fine now, even in Normal mode.

Thank you very much for your help.
  • 0

#25
CompCav


I completed the updates. The computer is running great now...much faster than a few days ago, and it boots fine now, even in Normal mode.

Excellent :thumbsup:



Thank you very much for your help.

You are welcome!
  • 0


#26
CompCav

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your logs now appear clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Delete the current copy of ComboFix on your desktop
  • Download a fresh copy from here to your desktop
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programs we have used plus itself.


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programs on your system need updating and give a download link.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?

Keep safe :wave:
  • 0

#27
dvd7e

Great, thanks! Computer is working great now.

Slightly off-topic, but what about any registry cleanup software (e.g. CCleaner, ERUNT etc)? Are those worthwhile, or too risky/not enough impact to make them worth running?

Thanks
  • 0

#28
CompCav


Slightly off-topic, but what about any registry cleanup software (e.g. CCleaner, ERUNT etc)? Are those worthwhile, or too risky/not enough impact to make them worth running?

I use ERUNT for registry backup and restore. I use CCleaner to clean temp files and to manage startup items.

They both have a registry cleaner that I do not recommend using.
A registry cleaner will not increase your system's speed or performance, and has the potential to break your registry to the point that your PC is no longer bootable.
We strongly advise that people stay away from any of the registry cleaners out there.
Go HERE to get more information about why registry cleaners aren't needed.

Technet blog also discusses this issue as well as Ed Bott.
  • 0

#29
CompCav

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





