Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Earthlink coming back to haunt me

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 18th, 2012, 4:04 pm

TPA
There appears to be two registry keys missing from your Winsock2 list.

Go to
http://support.microsoft.com/kb/811259

Scroll down the page to the tag on the left where it says Fix it for me
Expand the "Fix It For Me" button and, under the Fixit symbol, click on the link titled Fix this problem
Save the download to your flash and run it on the affected machine.
Most likely it will ask you to reboot. Do so immediately.

Tell me what you see. See if typing an address like http://www.google.com into IE will produce any results.
We may have more work to do.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Re: Earthlink coming back to haunt me

Unread postby TPA » March 18th, 2012, 6:09 pm

It asked me to reboot, as predicted. I did so, and when it restarted I received the same error message the last time I rebooted:

The instruction at "0x7d4caa9b" referenced memory at "0x00000010". The memory could not be "read". Click on OK to terminate the program, click on CANCEL to debug the program


I pressed cancel this time, since OK didn't work for me last time. After about a minute of inactivity, the same message appeared again. So I pressed OK and after about another minute of inactivity, my desktop appeared.

I opened IE and tried several websites, without success. Bummer.
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 19th, 2012, 11:03 am

TPA,
From Start, Run type these commands, one at a time, and click OK after each.

ipconfig /release

ipconfig /renew

ipconfig /all >> c:\ip2.txt


--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky and transfer it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby TPA » March 19th, 2012, 6:18 pm

No malicious objects detected. log file below.

18:15:36.0984 7492 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
18:15:36.0984 7492 ============================================================
18:15:36.0984 7492 Current date / time: 2012/03/19 18:15:36.0984
18:15:36.0984 7492 SystemInfo:
18:15:36.0984 7492
18:15:36.0984 7492 OS Version: 5.1.2600 ServicePack: 3.0
18:15:36.0984 7492 Product type: Workstation
18:15:36.0984 7492 ComputerName: PUDU
18:15:36.0984 7492 UserName: Timothy C. Parsons
18:15:36.0984 7492 Windows directory: C:\WINDOWS
18:15:36.0984 7492 System windows directory: C:\WINDOWS
18:15:36.0984 7492 Processor architecture: Intel x86
18:15:36.0984 7492 Number of processors: 2
18:15:36.0984 7492 Page size: 0x1000
18:15:36.0984 7492 Boot type: Normal boot
18:15:36.0984 7492 ============================================================
18:15:37.0828 7492 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:15:37.0828 7492 Drive \Device\Harddisk1\DR6 - Size: 0x1EF80000 (0.48 Gb), SectorSize: 0x200, Cylinders: 0x3F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:15:37.0843 7492 \Device\Harddisk0\DR0:
18:15:37.0843 7492 MBR used
18:15:37.0843 7492 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x120A8A59
18:15:37.0843 7492 \Device\Harddisk1\DR6:
18:15:37.0843 7492 MBR used
18:15:37.0843 7492 \Device\Harddisk1\DR6\Partition0: MBR, Type 0x4, StartLBA 0x20, BlocksNum 0xF7BE0
18:15:37.0968 7492 Initialize success
18:15:37.0968 7492 ============================================================
18:15:48.0125 1632 ============================================================
18:15:48.0125 1632 Scan started
18:15:48.0125 1632 Mode: Manual;
18:15:48.0125 1632 ============================================================
18:15:48.0390 1632 Abiosdsk - ok
18:15:48.0453 1632 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:15:48.0453 1632 abp480n5 - ok
18:15:48.0515 1632 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:15:48.0531 1632 ACPI - ok
18:15:48.0546 1632 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:15:48.0562 1632 ACPIEC - ok
18:15:48.0593 1632 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:15:48.0593 1632 adpu160m - ok
18:15:48.0640 1632 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:15:48.0640 1632 aec - ok
18:15:48.0703 1632 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
18:15:48.0703 1632 Afc - ok
18:15:48.0750 1632 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:15:48.0750 1632 AFD - ok
18:15:48.0796 1632 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
18:15:48.0796 1632 agp440 - ok
18:15:48.0828 1632 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:15:48.0843 1632 agpCPQ - ok
18:15:48.0890 1632 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:15:48.0890 1632 Aha154x - ok
18:15:48.0937 1632 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:15:48.0953 1632 aic78u2 - ok
18:15:48.0984 1632 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:15:48.0984 1632 aic78xx - ok
18:15:49.0062 1632 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
18:15:49.0062 1632 AliIde - ok
18:15:49.0125 1632 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:15:49.0125 1632 alim1541 - ok
18:15:49.0171 1632 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:15:49.0171 1632 amdagp - ok
18:15:49.0218 1632 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
18:15:49.0218 1632 AmdK8 - ok
18:15:49.0281 1632 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
18:15:49.0281 1632 amsint - ok
18:15:49.0359 1632 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
18:15:49.0359 1632 asc - ok
18:15:49.0390 1632 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:15:49.0390 1632 asc3350p - ok
18:15:49.0453 1632 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:15:49.0453 1632 asc3550 - ok
18:15:49.0500 1632 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:15:49.0500 1632 AsyncMac - ok
18:15:49.0531 1632 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:15:49.0531 1632 atapi - ok
18:15:49.0546 1632 Atdisk - ok
18:15:49.0593 1632 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:15:49.0593 1632 Atmarpc - ok
18:15:49.0656 1632 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:15:49.0656 1632 audstub - ok
18:15:49.0703 1632 bcm4sbxp (78e7b52da292fa90bad2f887bbf22159) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
18:15:49.0718 1632 bcm4sbxp - ok
18:15:49.0812 1632 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:15:49.0812 1632 Beep - ok
18:15:49.0859 1632 BW2NDIS5 - ok
18:15:50.0000 1632 catchme - ok
18:15:50.0078 1632 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:15:50.0078 1632 cbidf - ok
18:15:50.0093 1632 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:15:50.0093 1632 cbidf2k - ok
18:15:50.0156 1632 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:15:50.0156 1632 CCDECODE - ok
18:15:50.0203 1632 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:15:50.0203 1632 cd20xrnt - ok
18:15:50.0234 1632 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:15:50.0234 1632 Cdaudio - ok
18:15:50.0296 1632 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:15:50.0296 1632 Cdfs - ok
18:15:50.0312 1632 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:15:50.0312 1632 Cdrom - ok
18:15:50.0328 1632 Changer - ok
18:15:50.0375 1632 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:15:50.0375 1632 CmdIde - ok
18:15:50.0406 1632 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:15:50.0406 1632 Cpqarray - ok
18:15:50.0468 1632 CVirtA (72f820e457bc8a1c61aeb86df89dd41a) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
18:15:50.0468 1632 CVirtA - ok
18:15:50.0531 1632 CVPNDRVA (25f3c293b1a10eb1e1a2cee5c3c1c62d) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
18:15:50.0531 1632 CVPNDRVA - ok
18:15:50.0562 1632 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:15:50.0562 1632 dac2w2k - ok
18:15:50.0609 1632 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:15:50.0609 1632 dac960nt - ok
18:15:50.0703 1632 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:15:50.0703 1632 Disk - ok
18:15:50.0781 1632 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
18:15:50.0781 1632 DLABOIOM - ok
18:15:50.0796 1632 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
18:15:50.0796 1632 DLACDBHM - ok
18:15:50.0828 1632 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS
18:15:50.0828 1632 DLADResN - ok
18:15:50.0843 1632 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
18:15:50.0843 1632 DLAIFS_M - ok
18:15:50.0859 1632 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
18:15:50.0859 1632 DLAOPIOM - ok
18:15:50.0875 1632 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
18:15:50.0875 1632 DLAPoolM - ok
18:15:50.0953 1632 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
18:15:50.0953 1632 DLARTL_N - ok
18:15:50.0968 1632 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
18:15:50.0984 1632 DLAUDFAM - ok
18:15:51.0000 1632 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
18:15:51.0000 1632 DLAUDF_M - ok
18:15:51.0062 1632 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:15:51.0109 1632 dmboot - ok
18:15:51.0156 1632 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:15:51.0156 1632 dmio - ok
18:15:51.0187 1632 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:15:51.0187 1632 dmload - ok
18:15:51.0250 1632 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:15:51.0250 1632 DMusic - ok
18:15:51.0312 1632 DNE (c86fbf607445bf693450d84b775f168c) C:\WINDOWS\system32\DRIVERS\dne2000.sys
18:15:51.0312 1632 DNE - ok
18:15:51.0375 1632 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:15:51.0375 1632 dpti2o - ok
18:15:51.0453 1632 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:15:51.0453 1632 drmkaud - ok
18:15:51.0500 1632 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
18:15:51.0500 1632 DRVMCDB - ok
18:15:51.0515 1632 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
18:15:51.0515 1632 DRVNDDM - ok
18:15:51.0640 1632 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
18:15:51.0640 1632 DSproct - ok
18:15:51.0671 1632 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:15:51.0671 1632 E100B - ok
18:15:51.0765 1632 Eplpdx02 (f9472131367d39435d750f5fa3d23582) C:\WINDOWS\system32\Drivers\EPLPDX02.SYS
18:15:51.0781 1632 Eplpdx02 - ok
18:15:51.0828 1632 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:15:51.0828 1632 Fastfat - ok
18:15:51.0875 1632 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:15:51.0875 1632 Fdc - ok
18:15:51.0937 1632 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:15:51.0937 1632 Fips - ok
18:15:51.0968 1632 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:15:51.0968 1632 Flpydisk - ok
18:15:52.0046 1632 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:15:52.0046 1632 FltMgr - ok
18:15:52.0093 1632 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:15:52.0093 1632 Fs_Rec - ok
18:15:52.0140 1632 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:15:52.0140 1632 Ftdisk - ok
18:15:52.0187 1632 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:15:52.0187 1632 GEARAspiWDM - ok
18:15:52.0265 1632 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:15:52.0281 1632 Gpc - ok
18:15:52.0359 1632 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:15:52.0359 1632 HDAudBus - ok
18:15:52.0406 1632 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:15:52.0406 1632 HidUsb - ok
18:15:52.0437 1632 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
18:15:52.0437 1632 hpn - ok
18:15:52.0500 1632 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
18:15:52.0500 1632 HPZid412 - ok
18:15:52.0531 1632 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
18:15:52.0531 1632 HPZipr12 - ok
18:15:52.0562 1632 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
18:15:52.0562 1632 HPZius12 - ok
18:15:52.0593 1632 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
18:15:52.0593 1632 HSFHWBS2 - ok
18:15:52.0656 1632 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
18:15:52.0687 1632 HSF_DP - ok
18:15:52.0781 1632 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:15:52.0781 1632 HTTP - ok
18:15:52.0859 1632 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
18:15:52.0859 1632 i2omgmt - ok
18:15:52.0890 1632 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:15:52.0890 1632 i2omp - ok
18:15:52.0921 1632 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:15:52.0921 1632 i8042prt - ok
18:15:52.0937 1632 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:15:52.0937 1632 Imapi - ok
18:15:52.0968 1632 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:15:52.0984 1632 ini910u - ok
18:15:53.0046 1632 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
18:15:53.0046 1632 IntelIde - ok
18:15:53.0125 1632 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:15:53.0125 1632 intelppm - ok
18:15:53.0187 1632 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:15:53.0187 1632 Ip6Fw - ok
18:15:53.0234 1632 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:15:53.0234 1632 IpFilterDriver - ok
18:15:53.0265 1632 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:15:53.0265 1632 IpInIp - ok
18:15:53.0312 1632 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:15:53.0312 1632 IpNat - ok
18:15:53.0359 1632 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:15:53.0375 1632 IPSec - ok
18:15:53.0390 1632 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:15:53.0390 1632 IRENUM - ok
18:15:53.0421 1632 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:15:53.0421 1632 isapnp - ok
18:15:53.0453 1632 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:15:53.0453 1632 Kbdclass - ok
18:15:53.0500 1632 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:15:53.0500 1632 kbdhid - ok
18:15:53.0515 1632 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:15:53.0531 1632 kmixer - ok
18:15:53.0578 1632 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:15:53.0578 1632 KSecDD - ok
18:15:53.0593 1632 lbrtfdc - ok
18:15:53.0671 1632 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
18:15:53.0671 1632 mdmxsdk - ok
18:15:53.0718 1632 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:15:53.0718 1632 MHNDRV - ok
18:15:53.0734 1632 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:15:53.0734 1632 mnmdd - ok
18:15:53.0781 1632 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:15:53.0781 1632 Modem - ok
18:15:53.0796 1632 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:15:53.0796 1632 MODEMCSA - ok
18:15:53.0890 1632 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
18:15:53.0890 1632 motmodem - ok
18:15:53.0921 1632 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:15:53.0921 1632 Mouclass - ok
18:15:53.0953 1632 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:15:53.0953 1632 mouhid - ok
18:15:53.0984 1632 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:15:53.0984 1632 MountMgr - ok
18:15:54.0015 1632 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:15:54.0015 1632 mraid35x - ok
18:15:54.0046 1632 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:15:54.0062 1632 MRxDAV - ok
18:15:54.0171 1632 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:15:54.0187 1632 MRxSmb - ok
18:15:54.0250 1632 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:15:54.0265 1632 Msfs - ok
18:15:54.0312 1632 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:15:54.0312 1632 MSKSSRV - ok
18:15:54.0375 1632 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:15:54.0390 1632 MSPCLOCK - ok
18:15:54.0468 1632 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:15:54.0468 1632 MSPQM - ok
18:15:54.0562 1632 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:15:54.0562 1632 mssmbios - ok
18:15:54.0640 1632 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:15:54.0640 1632 MSTEE - ok
18:15:54.0734 1632 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:15:54.0734 1632 Mup - ok
18:15:54.0796 1632 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:15:54.0796 1632 NABTSFEC - ok
18:15:54.0906 1632 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:15:54.0921 1632 NDIS - ok
18:15:54.0984 1632 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:15:54.0984 1632 NdisIP - ok
18:15:55.0062 1632 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:15:55.0062 1632 NdisTapi - ok
18:15:55.0109 1632 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:15:55.0109 1632 Ndisuio - ok
18:15:55.0125 1632 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:15:55.0125 1632 NdisWan - ok
18:15:55.0187 1632 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:15:55.0203 1632 NDProxy - ok
18:15:55.0234 1632 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:15:55.0250 1632 NetBIOS - ok
18:15:55.0265 1632 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:15:55.0265 1632 NetBT - ok
18:15:55.0312 1632 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:15:55.0312 1632 Npfs - ok
18:15:55.0343 1632 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:15:55.0359 1632 Ntfs - ok
18:15:55.0437 1632 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:15:55.0437 1632 Null - ok
18:15:55.0640 1632 nv (15a6306a0b958bf60f09688d0ee70479) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:15:55.0781 1632 nv - ok
18:15:55.0859 1632 nvatabus (75562456aa672bb5fe56d3c64c6d1c7d) C:\WINDOWS\system32\drivers\nvatabus.sys
18:15:55.0859 1632 nvatabus - ok
18:15:55.0937 1632 nvraid (1d4781a5957300dc81b91161b45704bb) C:\WINDOWS\system32\drivers\nvraid.sys
18:15:55.0937 1632 nvraid - ok
18:15:56.0000 1632 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:15:56.0000 1632 NwlnkFlt - ok
18:15:56.0062 1632 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:15:56.0062 1632 NwlnkFwd - ok
18:15:56.0171 1632 PalmUSBD (7238442742146a64fac40fa0f9afd491) C:\WINDOWS\system32\drivers\PalmUSBD.sys
18:15:56.0203 1632 PalmUSBD - ok
18:15:56.0296 1632 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
18:15:56.0296 1632 Parport - ok
18:15:56.0343 1632 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:15:56.0343 1632 PartMgr - ok
18:15:56.0375 1632 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:15:56.0375 1632 ParVdm - ok
18:15:56.0390 1632 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:15:56.0390 1632 PCI - ok
18:15:56.0390 1632 PCIDump - ok
18:15:56.0406 1632 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:15:56.0406 1632 PCIIde - ok
18:15:56.0437 1632 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:15:56.0453 1632 Pcmcia - ok
18:15:56.0453 1632 PDCOMP - ok
18:15:56.0484 1632 PDFRAME - ok
18:15:56.0484 1632 PDRELI - ok
18:15:56.0515 1632 PDRFRAME - ok
18:15:56.0562 1632 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
18:15:56.0562 1632 perc2 - ok
18:15:56.0593 1632 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:15:56.0593 1632 perc2hib - ok
18:15:56.0703 1632 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:15:56.0703 1632 PptpMiniport - ok
18:15:56.0718 1632 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
18:15:56.0718 1632 Processor - ok
18:15:56.0750 1632 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:15:56.0750 1632 PSched - ok
18:15:56.0812 1632 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:15:56.0812 1632 Ptilink - ok
18:15:56.0859 1632 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:15:56.0859 1632 PxHelp20 - ok
18:15:56.0921 1632 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:15:56.0921 1632 ql1080 - ok
18:15:56.0953 1632 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:15:56.0953 1632 Ql10wnt - ok
18:15:57.0015 1632 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:15:57.0015 1632 ql12160 - ok
18:15:57.0046 1632 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:15:57.0062 1632 ql1240 - ok
18:15:57.0093 1632 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:15:57.0093 1632 ql1280 - ok
18:15:57.0125 1632 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:15:57.0125 1632 RasAcd - ok
18:15:57.0187 1632 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:15:57.0203 1632 Rasl2tp - ok
18:15:57.0250 1632 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:15:57.0250 1632 RasPppoe - ok
18:15:57.0265 1632 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:15:57.0265 1632 Raspti - ok
18:15:57.0328 1632 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:15:57.0328 1632 Rdbss - ok
18:15:57.0375 1632 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:15:57.0375 1632 RDPCDD - ok
18:15:57.0437 1632 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:15:57.0437 1632 rdpdr - ok
18:15:57.0500 1632 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
18:15:57.0515 1632 RDPWD - ok
18:15:57.0531 1632 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:15:57.0531 1632 redbook - ok
18:15:57.0609 1632 SDDMI2 (8edd7b9e4a4b4c16e2dab9188caa861b) C:\WINDOWS\system32\DDMI2.sys
18:15:57.0609 1632 SDDMI2 - ok
18:15:57.0656 1632 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:15:57.0656 1632 Secdrv - ok
18:15:57.0718 1632 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:15:57.0734 1632 serenum - ok
18:15:57.0812 1632 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
18:15:57.0812 1632 Serial - ok
18:15:57.0859 1632 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
18:15:57.0859 1632 Sfloppy - ok
18:15:57.0875 1632 Simbad - ok
18:15:57.0921 1632 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:15:57.0921 1632 sisagp - ok
18:15:57.0968 1632 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:15:57.0984 1632 SLIP - ok
18:15:58.0078 1632 SndTAudio (eaf1c1c87294dd60260a53e68fba5c7e) C:\WINDOWS\system32\drivers\SndTAudio.sys
18:15:58.0078 1632 SndTAudio - ok
18:15:58.0125 1632 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
18:15:58.0125 1632 Sparrow - ok
18:15:58.0187 1632 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:15:58.0187 1632 splitter - ok
18:15:58.0234 1632 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:15:58.0250 1632 sr - ok
18:15:58.0296 1632 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:15:58.0296 1632 Srv - ok
18:15:58.0390 1632 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
18:15:58.0406 1632 STHDA - ok
18:15:58.0437 1632 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:15:58.0453 1632 streamip - ok
18:15:58.0484 1632 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:15:58.0484 1632 swenum - ok
18:15:58.0515 1632 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:15:58.0515 1632 swmidi - ok
18:15:58.0562 1632 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
18:15:58.0562 1632 symc810 - ok
18:15:58.0578 1632 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
18:15:58.0578 1632 symc8xx - ok
18:15:58.0625 1632 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
18:15:58.0625 1632 sym_hi - ok
18:15:58.0656 1632 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
18:15:58.0656 1632 sym_u3 - ok
18:15:58.0734 1632 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:15:58.0734 1632 sysaudio - ok
18:15:58.0812 1632 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:15:58.0812 1632 Tcpip - ok
18:15:58.0890 1632 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:15:58.0890 1632 TDPIPE - ok
18:15:58.0937 1632 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:15:58.0937 1632 TDTCP - ok
18:15:58.0968 1632 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:15:58.0968 1632 TermDD - ok
18:15:59.0015 1632 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
18:15:59.0015 1632 TosIde - ok
18:15:59.0046 1632 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:15:59.0046 1632 Udfs - ok
18:15:59.0078 1632 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
18:15:59.0093 1632 ultra - ok
18:15:59.0171 1632 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:15:59.0187 1632 Update - ok
18:15:59.0296 1632 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:15:59.0312 1632 USBAAPL - ok
18:15:59.0375 1632 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
18:15:59.0375 1632 usbaudio - ok
18:15:59.0406 1632 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:15:59.0406 1632 usbccgp - ok
18:15:59.0437 1632 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:15:59.0437 1632 usbehci - ok
18:15:59.0468 1632 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:15:59.0468 1632 usbhub - ok
18:15:59.0484 1632 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:15:59.0484 1632 usbohci - ok
18:15:59.0531 1632 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:15:59.0531 1632 usbprint - ok
18:15:59.0578 1632 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:15:59.0578 1632 usbscan - ok
18:15:59.0578 1632 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:15:59.0593 1632 USBSTOR - ok
18:15:59.0625 1632 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:15:59.0625 1632 usbuhci - ok
18:15:59.0671 1632 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:15:59.0671 1632 VgaSave - ok
18:15:59.0734 1632 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
18:15:59.0734 1632 viaagp - ok
18:15:59.0765 1632 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
18:15:59.0765 1632 ViaIde - ok
18:15:59.0796 1632 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:15:59.0796 1632 VolSnap - ok
18:15:59.0921 1632 VX1000 (f4fab0b9d43a65f79fc838c94006f643) C:\WINDOWS\system32\DRIVERS\VX1000.sys
18:15:59.0937 1632 VX1000 - ok
18:15:59.0968 1632 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:15:59.0968 1632 Wanarp - ok
18:15:59.0984 1632 wanatw - ok
18:16:00.0093 1632 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
18:16:00.0109 1632 Wdf01000 - ok
18:16:00.0156 1632 WDICA - ok
18:16:00.0203 1632 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:16:00.0218 1632 wdmaud - ok
18:16:00.0296 1632 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
18:16:00.0312 1632 winachsf - ok
18:16:00.0375 1632 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:16:00.0375 1632 WS2IFSL - ok
18:16:00.0453 1632 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:16:00.0453 1632 WSTCODEC - ok
18:16:00.0500 1632 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:16:00.0500 1632 WudfPf - ok
18:16:00.0546 1632 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
18:16:00.0578 1632 \Device\Harddisk0\DR0 - ok
18:16:00.0578 1632 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR6
18:16:00.0593 1632 \Device\Harddisk1\DR6 - ok
18:16:00.0609 1632 Boot (0x1200) (ce34b4bd24ce45502bf1d21c91d8dd85) \Device\Harddisk0\DR0\Partition0
18:16:00.0609 1632 \Device\Harddisk0\DR0\Partition0 - ok
18:16:00.0609 1632 Boot (0x1200) (c94197a41718e89f56025a7479f061b1) \Device\Harddisk1\DR6\Partition0
18:16:00.0625 1632 \Device\Harddisk1\DR6\Partition0 - ok
18:16:00.0625 1632 ============================================================
18:16:00.0625 1632 Scan finished
18:16:00.0625 1632 ============================================================
18:16:00.0640 7540 Detected object count: 0
18:16:00.0640 7540 Actual detected object count: 0
18:16:11.0484 7948 Deinitialize success
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 19th, 2012, 7:28 pm

TPA,
The line about "cannot read from memory" in one of your previous posts is possibly a show stopper.
Since it now appears you don't have a rootkit or a bad Hard drice, the RAM Cards are next.

Whether you will be able to troubleshoot this successfully and return to an uncorrupt Windows is still unknown.

The following is not too simple, but is really the only way to get a test of your memory.
-------------------------------------------------------
The MEMTEST download page is here: http://www.memtest86.com/download.html
If your PC can boot from a CD, you will need to download this one, unzip it, and use a CD writing application to generate the CD:
Download - Memtest86 v3.4a ISO image (zip)

For windows installation, begin by downloading either the Pre-Compiled Windows package to build a boot-able floppy disk or an ISO (zip version) to create a boot-able CD-ROM. After the file is downloaded an extract must be done to uncompress the file(s). To extract right click on the downloaded file and select the "Extract All" option. The extract option will let you choose where the files will be extracted to.

To build a boot-able CD-ROM use your CD burning software to burn a CD from the un-zipped ISO image file.
In either case, set your machine BIOS to boot from the CD before the Hard Drive, and let the test run.
If it shows any errors, you should replace one RAM cards at a time and rerun the test until it runs for an hour or more without errors..

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby TPA » March 22nd, 2012, 6:24 pm

I burned the CD and it's ready to go but I don't know how to set the machine BIOS to boot from the CD before the Hard Drive.
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 22nd, 2012, 6:36 pm

This is a Toshiba, right?
What model computer is it?
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby TPA » March 22nd, 2012, 6:44 pm

My laptop is a Toshiba, my currently internetless desktop is a Dell Dimension E521
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 23rd, 2012, 7:22 am

To start the BIOS screen, you have to tap either the Del key, F1, or F2 while it's booting up (rarely it's F12 or Esc).
Some Dells allow you to boot directly from a CD if it's installed in the drive, and you hit F12 when you see the Dell logo.
If you have a PS2 (wired) keyboard try tapping one of those keys while it's starting. Keep tapping.
If it comes up in windows, shut it down and boot it again.
If you have a USB keyboard it has to be plugged into the correct USB socket, or it won't be able to operate during bootup.
A forum quick discussion on the keyboard, for a different reason, is here:
http://www.geekstogo.com/forum/topic/24 ... os-screen/

Meanwhile, You should make sure you offload critical personal documents to CDs/DVDs/Flash drives or your laptop, in case the only solution to the issue is a Factory reset that puts the machine back to the "as delivered" condition.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby TPA » March 23rd, 2012, 7:46 pm

Before I go any further, let me just explain a little more about my situation. The computer we're working on is pretty old but it works well for what I need it for. The hard drive is small and running out of space but that's not too hard to fix. That being said, I don't want to spend a whole bunch of money replacing cards, and although I keep backups of all my personal info, I'd rather not spend time moving things to and fro and manually redownloading every piece of software for what is essentially an obsolete computer.

This computer was working fine other than an annoying error message before we went uninstalling things, and I'm certainly not blaming you for that, I sought your help and value your time and expertise, but if this is going to get expensive and/or highly time consuming, I'd rather just restore my system to the way it was a couple weeks ago and put up with the popup error messages. Or buy a new computer.

I'm more than willing to do the reboot, but I'd just like to know that I won't pass a point of no return in terms of restoring the system to what it was if I do so. If we've already passed a point of no return, I'd like to know that too.
Thanks again, I really do appreciate your help.
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 24th, 2012, 7:31 am

TPA,
I understand completely.
The total Factory reset is the only way to be absolutely sure you have a valid uncorrupted system, but it means re-installing all your programs and getting all the Updates again.
Sometimes errors are introduced into the System that cannot be found or corrected without starting over.
-------------------------------------------------
The Memtest CD is not dangerous, will not alter anything, and can be used on any computer.
All it does is test the memory hardware quite completely, using it's own tiny, single function, operating system.
If it should find memory errors, a replacement Memory card for your machine is cheap.
-------------------------------------------------
You can do a System Restore back to earlier in the month if you wish to try that.
I can't say ahead of time how satisfactory that would be.
Here's how:
Restore XP to a Previous System Configuration
  • From the Start Menu, choose Help and Support
  • In the Help and Support Center, under Pick a Task, click the link labeled "Undo Changes To Your Computer With System Restore"
  • In the Welcome screen, click the button labeled "Restore My Computer To An Earlier Time". Click Next.
  • Select the Restore point you want to use, based on the Date. Click Next.
  • On the "Confirm Restore Point Selection" page, verify the settings you have chosen, and click Next.
  • System Restore will perform the rollback and Restart the computer automatically.
If the results are not satisfactory, you can run System Restore again and choose "Undo My Last Restoration".
Then you could try a different System Restore point, possibly even earlier.
System Restore will leave your programs intact, but you will lose recent updates and e-mails.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby TPA » March 25th, 2012, 12:32 pm

OK, I booted the computer from the Memtest CD and got no errors.
TPA
Regular Member
 
Posts: 15
Joined: March 15th, 2012, 3:50 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 25th, 2012, 1:23 pm

TPA,
At least the gross tests are showing the hardware to be OK.

If you want to try the System Restore per the last post, to attempt putting it back to early in the month, you can.

If you finally decide to do a complete Factory Reset, you at least have a bit of assurance that it wasn't the hardware causing all this. To do a complete Factory Reset on that model, you hit Ctrl+F11 during bootup, and choose "Restore to factory Settings", then follow on-screen instructions. If you do it, you will lose everything, and have to re-install an Antivirus, all the Windows Updates, and all your programs.
You will end up with an uncorrupted system, a day or two later.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Earthlink coming back to haunt me

Unread postby pt521 » March 26th, 2012, 12:58 pm

Is there any reason I can't system restore now, then do a Factory Reset at a later date?
pt521
Regular Member
 
Posts: 26
Joined: July 3rd, 2010, 8:36 pm

Re: Earthlink coming back to haunt me

Unread postby askey127 » March 26th, 2012, 3:11 pm

No, you can do System Restore now, and do the factory reset later if you wish.
In either case, be sure you have any critical documents, e-mails copied elsewhere first.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

PreviousNext

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 355 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware