Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Autocad lt 2007 stopped launching

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Autocad lt 2007 stopped launching

Unread postby frerom » April 27th, 2012, 1:37 am

Last time I used it was April 8th. When I tried launching by opening a drawing it says it can't find the file.

Did disk maintenance and there seems to be file errors that can't be fixed but I'm not sure.
Tried running both versions of DDS, no success. DDS.com seemed to run forever very slowly.
Tried to install Hijack this but it wanted to fix problems right away so I used the program that I had previously.

Hijack this and uninstall files follow:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:16:22 AM, on 27/04/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://support.dell.com/support/index.a ... l=en&s=dhs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: AutoCAD LT Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0460342453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7243105250
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) - https://acaeronet.aircanada.ca/http://y ... rview2.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe (file missing)
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 7614 bytes

Uninstall list

Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 7.1.0 Professional
Adobe Flash Player 10 ActiveX
Adobe Reader 6.0.1
ATI Catalyst Control Center
ATI Display Driver
AutoCAD LT 2007 - English
Autodesk DWF Viewer
Avanquest update
Broadcom 440x 10/100 Integrated Controller
Broadcom 440x 10/100 Integrated Controller
Conexant HDA D110 MDC V.92 Modem
CorelDRAW Design Collection - 2
CorelDRAW Graphics Suite X3
CorelDRAW Graphics Suite X3
Cortona_ActiveX
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Media Experience
Dell ResourceCD
DellSupport
Digital Line Detect
EN
FontNav
Genie Backup Assistant
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HP Image Zone 4.7
HP Scanjet 4070
HP Update
Image Expert
InstallActiveX
Internet Explorer Default Page
Isoview 5.0.011 (Airbus License)
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 13
JD Secure 3.1
LaCie Backup Software v1.5.2215
Learn2 Player (Uninstall Only)
MCU
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Easy Assist v2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Links 2001
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office Live Meeting 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Helper
Mozilla Firefox (3.5.6)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWay Search Assistant
Nero Suite
NetWaiting
Norton Confidence Online
OGA Notifier 2.0.0048.0
PowerDVD 5.7
QuickSet
QuickTime
RealPlayer Basic
SeaTools for Windows
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SmartFTP Client
SmartFTP Client 3.0 Setup Files (remove only)
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony Ericsson PC Suite 4.010.00
Synaptics Pointing Device Driver
Time Zone Data Update Tool for Microsoft Office Outlook
U3Launcher
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager
VBA
Viewpoint Media Player
WebCyberCoach 3.2 Dell
Windows Driver Package - Intel (w29n51) net (09/12/2005 9.0.3.9)
Windows Driver Package - Intel (w39n51) net (12/04/2005 10.1.0.13)
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada
Advertisement
Register to Remove

Re: Autocad lt 2007 stopped launching

Unread postby maxi » April 27th, 2012, 7:45 am

Hello frerom,

Welcome to the forum!

My name is maxi and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers and everything I post to you, must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!"
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf, you have any questions or problems, executing these instructions, <<STOP>> do not proceed, post back with the question or problem.



Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby maxi » April 28th, 2012, 8:26 am

Hi frerom ,

Step 1
Back Up registry with ERUNT

  • Please download ERUNT and save it to your desktop.
  • Alternate Download
  • Double-click on erunt_setup.exe to install the program
  • Untick the NTREGOPT desktop shortcut option
  • Click No when you get the option to run Erunt at Windows startup.
  • During the installation, tick Launch Erunt.
  • Accept the default options for running a backup.
  • Erunt will then backup your registry.
  • Click OK to finish.
  • If you are unable to back up your Registry with ERUNT ....
    • Let me know.
    • Do not follow any further instructions until I tell you to.

Step 2
Add/Remove programs
  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the following if present.
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 13
MyWay Search Assistant
Viewpoint Media Player
Adobe Acrobat - Reader 6.0.2 Update
Adobe Reader 6.0.1


Step 3
Please download aswMBR and save it to your Desktop.
  • Double click aswMBR.exe to run it.
  • Click Yes to the prompt to download Avast! virus definitions.
    (Please be patient whilst the virus definitions download)
  • With the AVscan set to Quick Scan, click the Scan button.
    (Please be patient whilst your computer is scanned.)
  • After a while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
  • Click OK > Exit.
  • Note: Do not attempt to fix anything at this stage!
  • Two files will be created, aswMBR.txt & a file named MBR.dat.
  • MBR.dat is a backup of the MBR(master boot record), do not delete it..
  • I strongly suggest you keep a copy of this backup stored on an external device.
  • Copy & Paste the contents of aswMBR.txt into your next reply.

Step 4
Please download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

In your next reply please include:
The log from aswMBR.
Both logs from OTL.
Any problems you had with my instructions.

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » April 28th, 2012, 12:10 pm

Hi Maxi,
I'm happy you are helping me.
Step 1
Minor Comment. should add a step after tick Launch Erunt
"Double-click Erunt on desktop after installation is complete."
Registry backed up okay.
Step 2
- Only -Viewpoint Media Player- was present.

Step 3
Note: I saved a copy of the log before the scan was completed. But I did post the log which was saved after the scan was successfull. If you want me to provide another log, let me know.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-28 10:20:50
-----------------------------
10:20:50.109 OS Version: Windows 5.1.2600 Service Pack 3
10:20:50.109 Number of processors: 2 586 0xE08
10:20:50.109 ComputerName: DELL UserName: FAR
10:21:09.921 Initialize success
10:21:48.125 AVAST engine defs: 12042800
10:23:53.578 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:23:53.578 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
10:23:54.875 Disk 0 MBR read successfully
10:23:54.875 Disk 0 MBR scan
10:23:54.875 Disk 0 unknown MBR code
10:23:54.875 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
10:23:54.890 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
10:23:54.921 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
10:23:54.953 Disk 0 scanning sectors +153340425
10:23:54.984 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
10:23:54.984 Disk 0 PE file @ sector 153340450 !
10:23:55.046 Disk 0 scanning C:\WINDOWS\system32\drivers
10:24:08.546 Service scanning
10:24:24.906 Modules scanning
10:24:54.703 Disk 0 trace - called modules:
10:24:54.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:24:54.781 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87175ab8]
10:24:54.781 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x87178510]
10:24:54.781 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871d3940]
10:24:55.328 AVAST engine scan C:\WINDOWS
10:25:03.968 AVAST engine scan C:\WINDOWS\system32
10:38:15.671 AVAST engine scan C:\WINDOWS\system32\drivers
10:38:34.937 AVAST engine scan C:\Documents and Settings\FAR
10:40:53.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:40:53.937 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"
10:42:37.171 File: C:\Documents and Settings\FAR\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll **HIDDEN**
10:42:37.468 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe **HIDDEN**
10:42:37.656 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe **HIDDEN**
10:42:54.671 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-d3d.dll **HIDDEN**
10:42:54.921 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-sse.dll **HIDDEN**
10:42:58.156 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\jmc.dll **HIDDEN**
10:42:58.421 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcp71.dll **HIDDEN**
10:42:58.750 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcr71.dll **HIDDEN**
10:42:59.406 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-d3d.dll **HIDDEN**
10:42:59.578 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-sse.dll **HIDDEN**
10:43:00.781 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\jmc.dll **HIDDEN**
10:43:01.109 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcp71.dll **HIDDEN**
10:43:01.281 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcr71.dll **HIDDEN**
10:43:02.734 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\gtapi.dll **HIDDEN**
10:43:03.062 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\lzma.dll **HIDDEN**
10:43:05.812 File: C:\Documents and Settings\FAR\Desktop\aswMBR.exe **HIDDEN**
10:43:06.171 File: C:\Documents and Settings\FAR\Desktop\ccsetup317.exe **HIDDEN**
10:43:06.359 File: C:\Documents and Settings\FAR\Desktop\CIT207355-HPCOM-PATCH-v8.exe **HIDDEN**
10:43:06.500 File: C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe **HIDDEN**
10:43:06.671 File: C:\Documents and Settings\FAR\Desktop\COL9278.exe **HIDDEN**
10:43:06.812 File: C:\Documents and Settings\FAR\Desktop\dds.com **HIDDEN**
10:43:06.984 File: C:\Documents and Settings\FAR\Desktop\dds.scr **HIDDEN**
10:43:07.218 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\Dial-a-fix.exe **HIDDEN**
10:43:07.359 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\secedit.exe **HIDDEN**
10:43:07.531 File: C:\Documents and Settings\FAR\Desktop\erunt\AUTOBACK.EXE **HIDDEN**
10:43:07.640 File: C:\Documents and Settings\FAR\Desktop\erunt\ERDNT.E_E **HIDDEN**
10:43:07.828 File: C:\Documents and Settings\FAR\Desktop\erunt\ERUNT.EXE **HIDDEN**
10:43:08.078 File: C:\Documents and Settings\FAR\Desktop\erunt\NTREGOPT.EXE **HIDDEN**
10:43:08.359 File: C:\Documents and Settings\FAR\Desktop\erunt-setup.exe **HIDDEN**
10:43:09.000 File: C:\Documents and Settings\FAR\Desktop\jre-6u31-windows-i586.exe **HIDDEN**
10:43:09.031 File: C:\Documents and Settings\FAR\Desktop\mbam-setup-1.46.exe **HIDDEN**
10:43:09.156 File: C:\Documents and Settings\FAR\Desktop\OnlineArmor_Setup_Free.exe **HIDDEN**
10:43:09.375 File: C:\Documents and Settings\FAR\Desktop\PSISetup.exe **HIDDEN**
10:43:09.421 File: C:\Documents and Settings\FAR\Desktop\QuickTimeInstaller.exe **HIDDEN**
10:43:09.531 File: C:\Documents and Settings\FAR\Desktop\RSIT.exe **HIDDEN**
10:43:09.687 File: C:\Documents and Settings\FAR\Desktop\TFC.exe **HIDDEN**
10:43:09.765 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe **HIDDEN**
10:43:10.031 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB942288-v3-x86.exe **HIDDEN**
10:43:10.234 File: C:\Documents and Settings\FAR\Desktop\wlsetup-web.exe **HIDDEN**
10:43:10.421 File: C:\Documents and Settings\FAR\Desktop\wpsetup.exe **HIDDEN**
10:43:44.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ar-EG\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:44.750 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\cs\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.156 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\da\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.578 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\de\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:46.281 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:46.656 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:43:47.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\DellDriverDownloadManager.exe **HIDDEN**
10:43:47.718 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\el\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\en-US\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\es\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fi\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.437 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr-CA\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\he\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.703 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\hu\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:51.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:43:51.609 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\it\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.015 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ja\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.468 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ko\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\nl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\no\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.515 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pt-BR\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ro\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.781 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ru\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:55.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\stdole.dll **HIDDEN**
10:43:55.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\sv\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\tr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Xceed.Compression.dll **HIDDEN**
10:43:56.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-CN\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.343 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-TW\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..ager_c8a6012355de1b2d_0004.0050_none_ec66d2575893ec7f\DellDriverDownloadManager.exe **HIDDEN**
10:43:58.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..core_c8a6012355de1b2d_0004.0050_none_b1600ccfe933d7dc\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:58.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..mage_c8a6012355de1b2d_0004.0050_none_2820c010b7539cc3\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:58.562 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ar-eg_a1dd90878fa074ee\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.765 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_cs_d170cc65a7eedb5a\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_da_d2a4f22ba713e8ef\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_de_d279b27ba73458b3\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.390 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_el_d29f8a35a72420d1\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.593 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_en-us_33d2ca03565a4a72\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.796 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_es_d253dac1a75ce468\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.000 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fi_d3318127a6c2d185\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr-ca_cecbe7304e2bb89f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.406 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr_d2d031dba70bccfe\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_he_d43fcf33a6106acf\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_hu_d392d073a69229df\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.031 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_it_d40f278da6411275\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.218 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ja_d54e1d3fa55e0419\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ko_d5284585a5868fce\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_nl_d69d4ad3a4934990\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.843 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_no_d67cdb0fa4ab9d63\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pl_d780592fa401529e\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.250 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pt-br_356f0087c30e4811\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.453 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ro_d842f7c7a387af7f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.671 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ru_d802183fa3b85725\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.875 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_sv_d868cf81a377779d\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.078 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_tr_d905965fa30e0c60\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.265 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-cn_935934713d7c2484\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.484 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-tw_975571c73aed00f4\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.687 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..tion_c8a6012355de1b2d_0004.0050_none_892ef5fe67b2933f\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:44:03.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\inte..rary_c8a6012355de1b2d_0001.0000_none_9f2fc1421dc4509c\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:44:09.062 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\stdole_b03f5f7f11d50a3a_0007.0000_none_333059d4a751806f\stdole.dll **HIDDEN**
10:44:09.296 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\xcee..sion_ba83ff368b7563c6_0003.0007_none_9c2cb3433c0f3426\Xceed.Compression.dll **HIDDEN**
10:44:10.546 File: C:\Documents and Settings\FAR\Local Settings\Temp\Adobelm_Cleanup.0001 **HIDDEN**
10:44:14.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-3PVLS.tmp\is-H8GG1.tmp **HIDDEN**
10:44:14.468 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\UNZIP32.EXE **HIDDEN**
10:44:14.734 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\_shfoldr.dll **HIDDEN**
10:44:15.718 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\MBR.DAT **HIDDEN**
10:44:16.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\PEV.DAT **HIDDEN**
10:44:16.500 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SED.DAT **HIDDEN**
10:44:16.843 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SWREG.DAT **HIDDEN**
10:44:17.109 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\System.dll **HIDDEN**
10:44:17.250 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\UserInfo.dll **HIDDEN**
10:44:17.703 File: C:\Documents and Settings\FAR\Local Settings\Temp\vmpremov.exe **HIDDEN**
10:47:05.093 File: C:\Documents and Settings\FAR\Local Settings\Temporary Internet Files\Content.IE5\NJOOI0TV\dds[1].scr **HIDDEN**
10:47:43.343 File: C:\Documents and Settings\FAR\My Documents\Downloads\esetsmartinstaller_enu.exe **HIDDEN**
10:47:43.703 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold(2).exe **HIDDEN**
10:47:44.046 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold.exe **HIDDEN**
10:47:53.562 AVAST engine scan C:\Documents and Settings\All Users
10:50:42.953 Scan finished successfully
10:56:27.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:56:27.375 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"

Step 4
Oldtimer did not appear to complete properly. It began scanning but appeared to close all of a sudden with no logs. I tried with Avast shields off and the computer ended up not responding. I was able to move the mouse but couldn't select anything.


Regards
frerom
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » April 29th, 2012, 10:26 am

Hi frerom,

Rootkit

Your computer has multiple infections, including a Rootkit. A rootkit is a set of software tools intended for concealing running processes, files or system data from the operating system.

You are strongly advised to do the following:

  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

DO NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its rootkit functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and reinstallation of the operating system (OS). However, if you do not have the resources to reinstall your OS and would like me to attempt to clean your machine, I will be happy to do so.

To help you understand more, please take some time to read the following articles:

What are rootkits from Wikipedia
How do I respond to a possible identity theft and how do I prevent it
When should do a reformat and reinstallation of my OS
How to backup your files in Windows XP
How to backup your files in Windows Vista/Windows 7

Should you have any questions please feel free to ask.

Please let us know what you have decided to do in your next post.

Regards maxi
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » April 29th, 2012, 1:22 pm

Hi Maxi,
I did have a rootkit infection in 2010 and I believe I was able to fix it with one of your colleagues. I remember it was difficult since it's a Dell computer. It may be interesting to see if the same infection is involved.

I have a question re my network which consists of the Dell laptop infected and 2 IBM desktops. Can I do a similiar check as we just did to see if they are clean and then use one of them for changing passwords etc. I also have 3 USB sticks.

I was thinking of replacing the hard drive on the infected computer since it's about 6 years old. But I was hoping to do a copy of the old drive with something like driveimage XML.

I probably will like to try and clean that computer if you are available.
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » April 29th, 2012, 4:28 pm

Hi frerom,

I think it would be best to disconnect this computer from the network until the fix is complete or you can leave this one connected and disconnect the other ones. Also be careful to scan the usb sticks before you open any files on them. When we are done with this computer you can open a new topic for the other computers, one at a time.

Below is a post I use to warn users of the danger of fixing MBR Rootkits.

Risk Advice - OEM MBR

Unfortunately you have an infected Master Boot Record (MBR)

Some OEM (Original Equipment Manufacturers) computers have a non-standard customised MBR that allows you to press a key on startup and restore your computer to it's factory delivered condition. If your computer had that option it may no longer available to you due to the infection.

Any attempted fix of this infection might result in the PC receiving a default Windows XP MBR. Whilst this will fix the infection, it will not restore the ability to restore your computer to it's factory delivered condition.

It may be possible to restore the original OEM MBR either before or after fixing the infection, but I would recommend that you contact the manufacturer themselves for support with this.

If you would like to proceed with attempting to fix this infection I need you to recognise this does not come without risk. The MBR is a critical component of your PC - as the name suggests it is critical to booting the PC. If anything was to go wrong with the fix it could result in your computer no longer being able to boot up. Whilst an unbootable computer may be fixable, it can be lengthy and complicated procedure.


If you understand the possible risk involved and would like to attempt to fix this infection, I would urge you first to ensure you have backed up any important data before attempting any fix . If you have any questions - Please ask .

Please let me know what you have decided to do in your next post.
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » April 30th, 2012, 12:05 pm

Hi Maxi,
I have checked the Dell web site for info on restoring the OS. That should not be a problem even if the PC restore is unavailable. I have the Dell CD's.

Just for your info, I tried to use the online PC diagnostics from Dell but the web page kept closing.

Yesterday there was an instance of Avast finding a rootkit infection and moving it to the sandbox.

Today I scanned the USB sticks and portable hard drive with Avast. An infected file was in one of my old backup jobs in my portable hard drive. I moved it to the sand box.

When I checked the virus chest I also found the OTL.exe file. It's date was 28/04/2012 3:01:44.

I have saved my files. I'm ready for the next step.

Regards
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » April 30th, 2012, 2:36 pm

Hi frerom,

TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Please post the log in your next reply:

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » April 30th, 2012, 3:55 pm

Hi Maxi,
Program stops without scanning. It can't initiate log and can't load driver.

I have a question about transferring my IE files to my other computer. I realized that I have transferred my IE 8 files and settings to my other computer which has IE7. I tried installing IE8 but it doesn't appear to have installed. Should I uninstall all the IE7 updates and then uninstall IE7.
Then try installing IE8 again. If I remove IE7 do I have to retransfer my IE 8 settings and files?

I forgot to disable Avast.

15:57:09.0703 0492 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
15:57:09.0718 0492 ============================================================
15:57:09.0718 0492 Current date / time: 2012/04/30 15:57:09.0718
15:57:09.0718 0492 SystemInfo:
15:57:09.0718 0492
15:57:09.0718 0492 OS Version: 5.1.2600 ServicePack: 3.0
15:57:09.0718 0492 Product type: Workstation
15:57:09.0718 0492 ComputerName: DELL
15:57:09.0718 0492 UserName: FAR
15:57:09.0718 0492 Windows directory: C:\WINDOWS
15:57:09.0718 0492 System windows directory: C:\WINDOWS
15:57:09.0718 0492 Processor architecture: Intel x86
15:57:09.0718 0492 Number of processors: 2
15:57:09.0718 0492 Page size: 0x1000
15:57:09.0718 0492 Boot type: Normal boot
15:57:09.0718 0492 ============================================================
15:57:11.0828 0492 Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 (73.13 Gb), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:57:11.0828 0492 ============================================================
15:57:11.0828 0492 \Device\Harddisk0\DR0:
15:57:11.0828 0492 MBR partitions:
15:57:11.0828 0492 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8C239FB
15:57:11.0828 0492 ============================================================
15:57:12.0000 0492 C: <-> \Device\Harddisk0\DR0\Partition0
15:57:12.0000 0492 ============================================================
15:57:12.0000 0492 Initialize success
15:57:12.0000 0492 ============================================================
15:57:15.0718 3456 ============================================================
15:57:15.0718 3456 Scan started
15:57:15.0718 3456 Mode: Manual;
15:57:15.0718 3456 ============================================================
15:57:16.0640 3456 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
15:57:16.0640 3456 Aavmker4 - ok
15:57:16.0640 3456 Abiosdsk - ok
15:57:16.0687 3456 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
15:57:16.0687 3456 abp480n5 - ok
15:57:16.0734 3456 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:57:16.0765 3456 ACPI - ok
15:57:16.0781 3456 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:57:16.0796 3456 ACPIEC - ok
15:57:16.0859 3456 Adobe LM Service (6d182c31acf16213407f2768f1107fe3) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:57:16.0859 3456 Adobe LM Service - ok
15:57:16.0968 3456 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:17.0000 3456 AdobeFlashPlayerUpdateSvc - ok
15:57:17.0031 3456 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
15:57:17.0031 3456 adpu160m - ok
15:57:17.0062 3456 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:57:17.0078 3456 aec - ok
15:57:17.0125 3456 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:57:17.0140 3456 AFD - ok
15:57:17.0187 3456 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
15:57:17.0187 3456 agp440 - ok
15:57:17.0234 3456 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
15:57:17.0234 3456 agpCPQ - ok
15:57:17.0234 3456 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
15:57:17.0234 3456 Aha154x - ok
15:57:17.0250 3456 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
15:57:17.0250 3456 aic78u2 - ok
15:57:17.0265 3456 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
15:57:17.0265 3456 aic78xx - ok
15:57:17.0296 3456 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
15:57:17.0296 3456 Alerter - ok
15:57:17.0328 3456 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
15:57:17.0328 3456 ALG - ok
15:57:17.0343 3456 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
15:57:17.0343 3456 AliIde - ok
15:57:17.0359 3456 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
15:57:17.0359 3456 alim1541 - ok
15:57:17.0359 3456 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
15:57:17.0359 3456 amdagp - ok
15:57:17.0375 3456 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
15:57:17.0375 3456 amsint - ok
15:57:17.0421 3456 APPDRV - ok
15:57:17.0468 3456 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
15:57:17.0484 3456 AppMgmt - ok
15:57:17.0546 3456 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:57:17.0562 3456 Arp1394 - ok
15:57:17.0562 3456 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
15:57:17.0562 3456 asc - ok
15:57:17.0578 3456 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
15:57:17.0578 3456 asc3350p - ok
15:57:17.0578 3456 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
15:57:17.0578 3456 asc3550 - ok
15:57:17.0718 3456 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:57:17.0734 3456 aspnet_state - ok
15:57:17.0765 3456 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:57:17.0765 3456 aswFsBlk - ok
15:57:17.0781 3456 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
15:57:17.0796 3456 aswMon2 - ok
15:57:17.0812 3456 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
15:57:17.0812 3456 aswRdr - ok
15:57:17.0890 3456 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
15:57:17.0921 3456 aswSnx - ok
15:57:17.0953 3456 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
15:57:17.0968 3456 aswSP - ok
15:57:18.0000 3456 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
15:57:18.0000 3456 aswTdi - ok
15:57:18.0031 3456 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:57:18.0046 3456 AsyncMac - ok
15:57:18.0046 3456 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:57:18.0062 3456 atapi - ok
15:57:18.0062 3456 Atdisk - ok
15:57:18.0156 3456 Ati HotKey Poller (954c1d5b84d1cf925999a4c27e2ab34d) C:\WINDOWS\system32\Ati2evxx.exe
15:57:18.0156 3456 Ati HotKey Poller - ok
15:57:18.0265 3456 ati2mtag (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:57:18.0343 3456 ati2mtag - ok
15:57:18.0515 3456 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:57:18.0515 3456 Atmarpc - ok
15:57:18.0546 3456 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
15:57:18.0546 3456 AudioSrv - ok
15:57:18.0609 3456 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:57:18.0609 3456 audstub - ok
15:57:18.0718 3456 Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
15:57:18.0734 3456 Autodesk Licensing Service - ok
15:57:18.0828 3456 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
15:57:18.0828 3456 avast! Antivirus - ok
15:57:18.0859 3456 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
15:57:18.0859 3456 bcm4sbxp - ok
15:57:18.0921 3456 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:57:18.0921 3456 Beep - ok
15:57:18.0968 3456 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
15:57:19.0031 3456 BITS - ok
15:57:19.0078 3456 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
15:57:19.0093 3456 Browser - ok
15:57:19.0109 3456 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
15:57:19.0109 3456 cbidf - ok
15:57:19.0125 3456 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:57:19.0125 3456 cbidf2k - ok
15:57:19.0156 3456 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
15:57:19.0156 3456 cd20xrnt - ok
15:57:19.0171 3456 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:57:19.0171 3456 Cdaudio - ok
15:57:19.0218 3456 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:57:19.0218 3456 Cdfs - ok
15:57:19.0234 3456 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:57:19.0250 3456 Cdrom - ok
15:57:19.0250 3456 Changer - ok
15:57:19.0281 3456 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
15:57:19.0281 3456 CiSvc - ok
15:57:19.0296 3456 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
15:57:19.0296 3456 ClipSrv - ok
15:57:19.0437 3456 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:19.0453 3456 clr_optimization_v2.0.50727_32 - ok
15:57:19.0484 3456 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:57:19.0484 3456 CmBatt - ok
15:57:19.0531 3456 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
15:57:19.0531 3456 CmdIde - ok
15:57:19.0562 3456 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:57:19.0562 3456 Compbatt - ok
15:57:19.0562 3456 COMSysApp - ok
15:57:19.0625 3456 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
15:57:19.0625 3456 Cpqarray - ok
15:57:19.0656 3456 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
15:57:19.0671 3456 CryptSvc - ok
15:57:19.0687 3456 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
15:57:19.0703 3456 dac2w2k - ok
15:57:19.0750 3456 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
15:57:19.0750 3456 dac960nt - ok
15:57:19.0812 3456 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:57:19.0828 3456 DcomLaunch - ok
15:57:19.0875 3456 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
15:57:19.0890 3456 Dhcp - ok
15:57:19.0906 3456 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:57:19.0906 3456 Disk - ok
15:57:19.0921 3456 dmadmin - ok
15:57:20.0000 3456 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:57:20.0031 3456 dmboot - ok
15:57:20.0046 3456 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:57:20.0046 3456 dmio - ok
15:57:20.0078 3456 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:57:20.0078 3456 dmload - ok
15:57:20.0109 3456 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
15:57:20.0125 3456 dmserver - ok
15:57:20.0156 3456 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:57:20.0156 3456 DMusic - ok
15:57:20.0203 3456 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
15:57:20.0203 3456 Dnscache - ok
15:57:20.0250 3456 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
15:57:20.0265 3456 Dot3svc - ok
15:57:20.0296 3456 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
15:57:20.0296 3456 dpti2o - ok
15:57:20.0312 3456 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:57:20.0328 3456 drmkaud - ok
15:57:20.0359 3456 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
15:57:20.0375 3456 drvmcdb - ok
15:57:20.0375 3456 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
15:57:20.0390 3456 drvnddm - ok
15:57:20.0515 3456 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
15:57:20.0515 3456 DSBrokerService - ok
15:57:20.0546 3456 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
15:57:20.0546 3456 DSproct - ok
15:57:20.0578 3456 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
15:57:20.0578 3456 dsunidrv - ok
15:57:20.0609 3456 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:57:20.0625 3456 E100B - ok
15:57:20.0671 3456 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
15:57:20.0671 3456 EapHost - ok
15:57:20.0718 3456 EIO (59d74c7b787aa3dda0948986403cea55) C:\WINDOWS\system32\drivers\EIO.sys
15:57:20.0718 3456 EIO - ok
15:57:20.0750 3456 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
15:57:20.0750 3456 ERSvc - ok
15:57:20.0796 3456 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:57:20.0843 3456 Eventlog - ok
15:57:20.0906 3456 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
15:57:20.0921 3456 EventSystem - ok
15:57:20.0984 3456 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:57:20.0984 3456 Fastfat - ok
15:57:21.0031 3456 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:57:21.0046 3456 FastUserSwitchingCompatibility - ok
15:57:21.0093 3456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:57:21.0093 3456 Fdc - ok
15:57:21.0125 3456 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:57:21.0125 3456 Fips - ok
15:57:21.0140 3456 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:57:21.0156 3456 Flpydisk - ok
15:57:21.0203 3456 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:57:21.0218 3456 FltMgr - ok
15:57:21.0328 3456 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:57:21.0328 3456 FontCache3.0.0.0 - ok
15:57:21.0359 3456 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:57:21.0375 3456 Fs_Rec - ok
15:57:21.0421 3456 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:57:21.0437 3456 Ftdisk - ok
15:57:21.0484 3456 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:57:21.0484 3456 Gpc - ok
15:57:21.0500 3456 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:57:21.0515 3456 HDAudBus - ok
15:57:21.0593 3456 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:57:21.0609 3456 helpsvc - ok
15:57:21.0625 3456 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
15:57:21.0640 3456 HidServ - ok
15:57:21.0656 3456 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:57:21.0671 3456 HidUsb - ok
15:57:21.0703 3456 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:57:21.0718 3456 hkmsvc - ok
15:57:21.0750 3456 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
15:57:21.0765 3456 hpn - ok
15:57:21.0812 3456 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:57:21.0828 3456 HSFHWAZL - ok
15:57:21.0890 3456 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:57:21.0937 3456 HSF_DPV - ok
15:57:22.0000 3456 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:57:22.0015 3456 HTTP - ok
15:57:22.0046 3456 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:57:22.0062 3456 HTTPFilter - ok
15:57:22.0109 3456 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
15:57:22.0109 3456 i2omgmt - ok
15:57:22.0140 3456 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
15:57:22.0140 3456 i2omp - ok
15:57:22.0171 3456 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:57:22.0171 3456 i8042prt - ok
15:57:22.0312 3456 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:57:22.0375 3456 idsvc - ok
15:57:22.0406 3456 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:57:22.0406 3456 Imapi - ok
15:57:22.0453 3456 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:57:22.0484 3456 ImapiService - ok
15:57:22.0531 3456 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
15:57:22.0531 3456 ini910u - ok
15:57:22.0578 3456 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:57:22.0578 3456 IntelIde - ok
15:57:22.0609 3456 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:57:22.0625 3456 intelppm - ok
15:57:22.0640 3456 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:57:22.0640 3456 Ip6Fw - ok
15:57:22.0671 3456 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:57:22.0687 3456 IpFilterDriver - ok
15:57:22.0718 3456 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:57:22.0718 3456 IpInIp - ok
15:57:22.0765 3456 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:57:22.0765 3456 IpNat - ok
15:57:22.0781 3456 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:57:22.0781 3456 IPSec - ok
15:57:22.0796 3456 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:57:22.0796 3456 IRENUM - ok
15:57:22.0843 3456 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:57:22.0843 3456 isapnp - ok
15:57:23.0015 3456 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
15:57:23.0015 3456 JavaQuickStarterService - ok
15:57:23.0046 3456 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:57:23.0046 3456 Kbdclass - ok
15:57:23.0062 3456 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:57:23.0078 3456 kmixer - ok
15:57:23.0109 3456 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:57:23.0109 3456 KSecDD - ok
15:57:23.0171 3456 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:57:23.0187 3456 lanmanserver - ok
15:57:23.0234 3456 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:57:23.0265 3456 lanmanworkstation - ok
15:57:23.0281 3456 lbrtfdc - ok
15:57:23.0343 3456 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:57:23.0343 3456 LmHosts - ok
15:57:23.0343 3456 MaxBackServiceInt - ok
15:57:23.0484 3456 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:57:23.0515 3456 MDM - ok
15:57:23.0531 3456 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:57:23.0546 3456 mdmxsdk - ok
15:57:23.0562 3456 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:57:23.0578 3456 Messenger - ok
15:57:23.0625 3456 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:57:23.0625 3456 mnmdd - ok
15:57:23.0671 3456 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:57:23.0671 3456 mnmsrvc - ok
15:57:23.0718 3456 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:57:23.0734 3456 Modem - ok
15:57:23.0765 3456 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:57:23.0781 3456 Mouclass - ok
15:57:23.0812 3456 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:57:23.0812 3456 mouhid - ok
15:57:23.0828 3456 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:57:23.0843 3456 MountMgr - ok
15:57:23.0875 3456 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
15:57:23.0875 3456 mraid35x - ok
15:57:23.0953 3456 MREMP50 (80b2ec735495823ae5771a5f603e73bd) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
15:57:23.0953 3456 MREMP50 - ok
15:57:23.0953 3456 MREMP50a64 - ok
15:57:23.0984 3456 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
15:57:23.0984 3456 MRENDIS5 - ok
15:57:23.0984 3456 MRESP50 (37d7c22f7e26da90e2d2d260e5d27846) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
15:57:23.0984 3456 MRESP50 - ok
15:57:24.0000 3456 MRESP50a64 - ok
15:57:24.0031 3456 mrtRate (5300cb219dcfebc7540ce61532db329e) C:\WINDOWS\system32\drivers\mrtRate.sys
15:57:24.0031 3456 mrtRate - ok
15:57:24.0062 3456 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:57:24.0078 3456 MRxDAV - ok
15:57:24.0140 3456 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:57:24.0171 3456 MRxSmb - ok
15:57:24.0218 3456 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:57:24.0218 3456 MSDTC - ok
15:57:24.0234 3456 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:57:24.0234 3456 Msfs - ok
15:57:24.0250 3456 MSIServer - ok
15:57:24.0296 3456 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:57:24.0296 3456 MSKSSRV - ok
15:57:24.0312 3456 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:57:24.0312 3456 MSPCLOCK - ok
15:57:24.0312 3456 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:57:24.0328 3456 MSPQM - ok
15:57:24.0359 3456 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:57:24.0375 3456 mssmbios - ok
15:57:24.0406 3456 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:57:24.0421 3456 Mup - ok
15:57:24.0453 3456 MXOPSWD (c29f284ff7ab4ed38ce419a9424e52a2) C:\WINDOWS\system32\DRIVERS\mxopswd.sys
15:57:24.0453 3456 MXOPSWD - ok
15:57:24.0515 3456 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:57:24.0562 3456 napagent - ok
15:57:24.0609 3456 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:57:24.0609 3456 NDIS - ok
15:57:24.0656 3456 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:57:24.0656 3456 NdisTapi - ok
15:57:24.0671 3456 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:57:24.0671 3456 Ndisuio - ok
15:57:24.0687 3456 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:57:24.0687 3456 NdisWan - ok
15:57:24.0750 3456 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:57:24.0750 3456 NDProxy - ok
15:57:24.0765 3456 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:57:24.0765 3456 NetBIOS - ok
15:57:24.0796 3456 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:57:24.0812 3456 NetBT - ok
15:57:24.0875 3456 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:57:24.0890 3456 NetDDE - ok
15:57:24.0890 3456 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:57:24.0906 3456 NetDDEdsdm - ok
15:57:24.0953 3456 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:57:24.0953 3456 Netlogon - ok
15:57:24.0984 3456 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:57:25.0000 3456 Netman - ok
15:57:25.0109 3456 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:25.0125 3456 NetTcpPortSharing - ok
15:57:25.0281 3456 NETw4x32 (88100ebdd10309fbd445ef8e42452eae) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
15:57:25.0390 3456 NETw4x32 - ok
15:57:25.0578 3456 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:57:25.0578 3456 NIC1394 - ok
15:57:25.0765 3456 NICCONFIGSVC (11d8a00c7eff1aaec8e8464769c84a3d) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
15:57:25.0765 3456 NICCONFIGSVC - ok
15:57:25.0812 3456 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:57:25.0843 3456 Nla - ok
15:57:25.0890 3456 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:57:25.0890 3456 Npfs - ok
15:57:25.0921 3456 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:57:25.0953 3456 Ntfs - ok
15:57:26.0000 3456 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:57:26.0015 3456 NtLmSsp - ok
15:57:26.0062 3456 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:57:26.0093 3456 NtmsSvc - ok
15:57:26.0140 3456 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:57:26.0156 3456 Null - ok
15:57:26.0265 3456 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:57:26.0359 3456 nv - ok
15:57:26.0531 3456 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:57:26.0531 3456 NwlnkFlt - ok
15:57:26.0546 3456 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:57:26.0546 3456 NwlnkFwd - ok
15:57:26.0718 3456 OAcat (27e83f14ae20f92ed7c30e840d71e23d) C:\Program Files\Tall Emu\Online Armor\OAcat.exe
15:57:26.0750 3456 OAcat - ok
15:57:26.0812 3456 OADevice (da5e5a2026eeef52d94fcb760e171752) C:\WINDOWS\system32\drivers\OADriver.sys
15:57:26.0843 3456 OADevice - ok
15:57:26.0843 3456 OAmon (3524dd1f24bd0114eaa98048d76075c1) C:\WINDOWS\system32\drivers\OAmon.sys
15:57:26.0859 3456 OAmon - ok
15:57:26.0906 3456 OAnet (e57d9d511e837ef56f93ec29f1ff730d) C:\WINDOWS\system32\drivers\OAnet.sys
15:57:26.0906 3456 OAnet - ok
15:57:26.0937 3456 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:57:26.0937 3456 ohci1394 - ok
15:57:26.0984 3456 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
15:57:26.0984 3456 omci - ok
15:57:27.0078 3456 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:27.0093 3456 ose - ok
15:57:27.0109 3456 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:57:27.0125 3456 Parport - ok
15:57:27.0125 3456 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:57:27.0125 3456 PartMgr - ok
15:57:27.0156 3456 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:57:27.0156 3456 ParVdm - ok
15:57:27.0187 3456 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:57:27.0187 3456 PCI - ok
15:57:27.0203 3456 PCIDump - ok
15:57:27.0234 3456 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:57:27.0234 3456 PCIIde - ok
15:57:27.0265 3456 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:57:27.0281 3456 Pcmcia - ok
15:57:27.0281 3456 PDCOMP - ok
15:57:27.0296 3456 PDFRAME - ok
15:57:27.0296 3456 PDRELI - ok
15:57:27.0312 3456 PDRFRAME - ok
15:57:27.0343 3456 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
15:57:27.0343 3456 perc2 - ok
15:57:27.0359 3456 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
15:57:27.0359 3456 perc2hib - ok
15:57:27.0437 3456 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:57:27.0453 3456 PlugPlay - ok
15:57:27.0515 3456 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
15:57:27.0515 3456 Pml Driver HPZ12 - ok
15:57:27.0546 3456 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:57:27.0546 3456 PolicyAgent - ok
15:57:27.0578 3456 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:57:27.0578 3456 PptpMiniport - ok
15:57:27.0578 3456 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:57:27.0593 3456 ProtectedStorage - ok
15:57:27.0609 3456 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:57:27.0609 3456 PSched - ok
15:57:27.0640 3456 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
15:57:27.0640 3456 PSI - ok
15:57:27.0671 3456 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:57:27.0687 3456 Ptilink - ok
15:57:27.0718 3456 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:57:27.0734 3456 PxHelp20 - ok
15:57:27.0765 3456 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
15:57:27.0765 3456 ql1080 - ok
15:57:27.0781 3456 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
15:57:27.0796 3456 Ql10wnt - ok
15:57:27.0812 3456 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
15:57:27.0812 3456 ql12160 - ok
15:57:27.0828 3456 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
15:57:27.0828 3456 ql1240 - ok
15:57:27.0859 3456 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
15:57:27.0859 3456 ql1280 - ok
15:57:27.0890 3456 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:57:27.0890 3456 RasAcd - ok
15:57:27.0937 3456 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:57:27.0968 3456 RasAuto - ok
15:57:27.0984 3456 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:57:28.0000 3456 Rasl2tp - ok
15:57:28.0046 3456 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:57:28.0062 3456 RasMan - ok
15:57:28.0078 3456 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:57:28.0078 3456 RasPppoe - ok
15:57:28.0093 3456 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:57:28.0109 3456 Raspti - ok
15:57:28.0125 3456 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:57:28.0140 3456 Rdbss - ok
15:57:28.0171 3456 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:57:28.0171 3456 RDPCDD - ok
15:57:28.0203 3456 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:57:28.0203 3456 rdpdr - ok
15:57:28.0281 3456 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:57:28.0312 3456 RDPWD - ok
15:57:28.0359 3456 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:57:28.0390 3456 RDSessMgr - ok
15:57:28.0453 3456 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:57:28.0453 3456 redbook - ok
15:57:28.0484 3456 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:57:28.0500 3456 RemoteAccess - ok
15:57:28.0546 3456 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
15:57:28.0562 3456 RemoteRegistry - ok
15:57:28.0593 3456 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
15:57:28.0593 3456 rimmptsk - ok
15:57:28.0609 3456 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
15:57:28.0609 3456 rimsptsk - ok
15:57:28.0625 3456 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
15:57:28.0625 3456 rismxdp - ok
15:57:28.0656 3456 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:57:28.0671 3456 RpcLocator - ok
15:57:28.0734 3456 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:57:28.0750 3456 RpcSs - ok
15:57:28.0812 3456 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:57:28.0843 3456 RSVP - ok
15:57:28.0859 3456 s24trans - ok
15:57:28.0906 3456 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:57:28.0921 3456 SamSs - ok
15:57:28.0953 3456 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:57:28.0984 3456 SCardSvr - ok
15:57:29.0031 3456 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:57:29.0062 3456 Schedule - ok
15:57:29.0109 3456 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:57:29.0109 3456 sdbus - ok
15:57:29.0156 3456 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:57:29.0156 3456 Secdrv - ok
15:57:29.0203 3456 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:57:29.0218 3456 seclogon - ok
15:57:29.0406 3456 Secunia PSI Agent (1ce8490e8919ef5c72275952c202e749) C:\Program Files\Secunia\PSI\PSIA.exe
15:57:29.0406 3456 Secunia PSI Agent - ok
15:57:29.0468 3456 Secunia Update Agent (9337c7c45392a32cac5e59ddac0d0342) C:\Program Files\Secunia\PSI\sua.exe
15:57:29.0484 3456 Secunia Update Agent - ok
15:57:29.0578 3456 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:57:29.0593 3456 SENS - ok
15:57:29.0687 3456 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:57:29.0703 3456 serenum - ok
15:57:29.0734 3456 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:57:29.0734 3456 Serial - ok
15:57:29.0765 3456 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:57:29.0765 3456 Sfloppy - ok
15:57:29.0812 3456 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:57:29.0843 3456 SharedAccess - ok
15:57:29.0906 3456 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:57:29.0921 3456 ShellHWDetection - ok
15:57:29.0921 3456 Simbad - ok
15:57:29.0968 3456 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:57:29.0968 3456 sisagp - ok
15:57:30.0015 3456 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:57:30.0015 3456 Sparrow - ok
15:57:30.0062 3456 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:57:30.0062 3456 splitter - ok
15:57:30.0109 3456 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:57:30.0125 3456 Spooler - ok
15:57:30.0140 3456 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:57:30.0156 3456 sr - ok
15:57:30.0203 3456 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:57:30.0234 3456 srservice - ok
15:57:30.0296 3456 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:57:30.0343 3456 Srv - ok
15:57:30.0359 3456 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
15:57:30.0359 3456 sscdbhk5 - ok
15:57:30.0390 3456 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:57:30.0406 3456 SSDPSRV - ok
15:57:30.0421 3456 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
15:57:30.0437 3456 ssrtln - ok
15:57:30.0515 3456 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
15:57:30.0562 3456 STHDA - ok
15:57:30.0609 3456 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
15:57:30.0609 3456 StillCam - ok
15:57:30.0656 3456 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:57:30.0687 3456 stisvc - ok
15:57:30.0968 3456 SvcOnlineArmor (2a27eaa524005170ded0415596e75f46) C:\Program Files\Tall Emu\Online Armor\oasrv.exe
15:57:31.0140 3456 SvcOnlineArmor - ok
15:57:31.0312 3456 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:57:31.0312 3456 swenum - ok
15:57:31.0375 3456 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:57:31.0375 3456 swmidi - ok
15:57:31.0390 3456 SwPrv - ok
15:57:31.0437 3456 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
15:57:31.0437 3456 symc810 - ok
15:57:31.0453 3456 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:57:31.0468 3456 symc8xx - ok
15:57:31.0468 3456 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:57:31.0484 3456 sym_hi - ok
15:57:31.0484 3456 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:57:31.0500 3456 sym_u3 - ok
15:57:31.0562 3456 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:57:31.0593 3456 SynTP - ok
15:57:31.0625 3456 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:57:31.0640 3456 sysaudio - ok
15:57:31.0687 3456 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:57:31.0703 3456 SysmonLog - ok
15:57:31.0750 3456 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:57:31.0781 3456 TapiSrv - ok
15:57:31.0843 3456 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:57:31.0875 3456 Tcpip - ok
15:57:31.0921 3456 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:57:31.0937 3456 TDPIPE - ok
15:57:31.0984 3456 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:57:31.0984 3456 TDTCP - ok
15:57:32.0000 3456 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:57:32.0015 3456 TermDD - ok
15:57:32.0062 3456 TermService (56f4867bae6fd78e5365a3a7afa59c82) C:\WINDOWS\System32\termsrv32.dll
15:57:32.0078 3456 TermService - ok
15:57:32.0187 3456 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
15:57:32.0187 3456 tfsnboio - ok
15:57:32.0187 3456 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
15:57:32.0187 3456 tfsncofs - ok
15:57:32.0203 3456 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
15:57:32.0203 3456 tfsndrct - ok
15:57:32.0203 3456 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
15:57:32.0218 3456 tfsndres - ok
15:57:32.0234 3456 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
15:57:32.0234 3456 tfsnifs - ok
15:57:32.0234 3456 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
15:57:32.0234 3456 tfsnopio - ok
15:57:32.0250 3456 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
15:57:32.0250 3456 tfsnpool - ok
15:57:32.0265 3456 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
15:57:32.0265 3456 tfsnudf - ok
15:57:32.0281 3456 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
15:57:32.0281 3456 tfsnudfa - ok
15:57:32.0312 3456 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:57:32.0328 3456 Themes - ok
15:57:32.0390 3456 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
15:57:32.0406 3456 TlntSvr - ok
15:57:32.0421 3456 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
15:57:32.0421 3456 TosIde - ok
15:57:32.0484 3456 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:57:32.0500 3456 TrkWks - ok
15:57:32.0531 3456 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:57:32.0546 3456 Udfs - ok
15:57:32.0562 3456 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
15:57:32.0562 3456 ultra - ok
15:57:32.0625 3456 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:57:32.0656 3456 Update - ok
15:57:32.0687 3456 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:57:32.0718 3456 upnphost - ok
15:57:32.0734 3456 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:57:32.0750 3456 UPS - ok
15:57:32.0796 3456 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:57:32.0812 3456 usbccgp - ok
15:57:32.0843 3456 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:57:32.0843 3456 usbehci - ok
15:57:32.0890 3456 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:57:32.0906 3456 usbhub - ok
15:57:32.0953 3456 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:57:32.0953 3456 usbscan - ok
15:57:33.0000 3456 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:57:33.0000 3456 USBSTOR - ok
15:57:33.0015 3456 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:57:33.0031 3456 usbuhci - ok
15:57:33.0046 3456 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:57:33.0046 3456 VgaSave - ok
15:57:33.0078 3456 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:57:33.0078 3456 viaagp - ok
15:57:33.0125 3456 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
15:57:33.0125 3456 ViaIde - ok
15:57:33.0171 3456 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:57:33.0187 3456 VolSnap - ok
15:57:33.0234 3456 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:57:33.0265 3456 VSS - ok
15:57:33.0328 3456 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:57:33.0359 3456 w32time - ok
15:57:33.0468 3456 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
15:57:33.0546 3456 w39n51 - ok
15:57:33.0687 3456 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:57:33.0703 3456 Wanarp - ok
15:57:33.0703 3456 wanatw - ok
15:57:33.0718 3456 WDICA - ok
15:57:33.0750 3456 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:57:33.0765 3456 wdmaud - ok
15:57:33.0812 3456 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:57:33.0828 3456 WebClient - ok
15:57:33.0937 3456 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:57:33.0968 3456 winachsf - ok
15:57:34.0078 3456 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:57:34.0093 3456 winmgmt - ok
15:57:34.0156 3456 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:57:34.0171 3456 WmdmPmSN - ok
15:57:34.0250 3456 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
15:57:34.0296 3456 Wmi - ok
15:57:34.0359 3456 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:57:34.0359 3456 WmiAcpi - ok
15:57:34.0390 3456 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:57:34.0406 3456 WmiApSrv - ok
15:57:34.0562 3456 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
15:57:34.0578 3456 WMPNetworkSvc - ok
15:57:34.0625 3456 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
15:57:34.0656 3456 wscsvc - ok
15:57:34.0687 3456 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:57:34.0734 3456 wuauserv - ok
15:57:34.0765 3456 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:57:34.0781 3456 WudfPf - ok
15:57:34.0812 3456 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:57:34.0828 3456 WudfRd - ok
15:57:34.0828 3456 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:57:34.0859 3456 WudfSvc - ok
15:57:34.0921 3456 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:57:34.0968 3456 WZCSVC - ok
15:57:35.0015 3456 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:57:35.0078 3456 xmlprov - ok
15:57:35.0125 3456 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
15:57:35.0156 3456 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
15:57:35.0156 3456 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
15:57:35.0187 3456 Boot (0x1200) (43926fcb5c4b3ae5531c5fb6dcc2b5af) \Device\Harddisk0\DR0\Partition0
15:57:35.0187 3456 \Device\Harddisk0\DR0\Partition0 - ok
15:57:35.0187 3456 ============================================================
15:57:35.0187 3456 Scan finished
15:57:35.0187 3456 ============================================================
15:57:35.0203 4088 Detected object count: 1
15:57:35.0203 4088 Actual detected object count: 1
15:58:59.0609 4088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - skipped by user
15:58:59.0609 4088 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Skip
15:59:33.0468 2124 Deinitialize success
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 1st, 2012, 5:30 am

Hi frerom, Well done you are doing well :)

Please don't transfer any files between computers until we are finished with the fix.

TDSSKiller

  • Important!: Run this fix once and once only.
  • First go to Start > Computer > C: and delete the TDSSKiller log that was created there.
  • Next double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished Ensure Cure ( the default) is selected... then click Continue > Reboot now.
  • When finished re-booting, a log of the cleanup will be found at C:\TDSSKiller._version_.MM.YYYY_HH.MM.SS_log.txt .
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.

In your next reply please include:
The log from TDSSKiller.
Any changes in your computers performance.

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 1st, 2012, 6:52 am

Hi Maxi,
I forgot to disable Avast but TDSS appeared to complete okay anyways.

Re Computer operation: I still can't launch autocadlt. I would like to run chkdsk but I will wait until your next post.
Otherwise it appears to run okay. I haven't seen any slowdowns or lockups. But I haven't been using it that much.

T06:41:26.0578 2168 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
06:41:27.0203 2168 ============================================================
06:41:27.0203 2168 Current date / time: 2012/05/01 06:41:27.0203
06:41:27.0203 2168 SystemInfo:
06:41:27.0203 2168
06:41:27.0203 2168 OS Version: 5.1.2600 ServicePack: 3.0
06:41:27.0203 2168 Product type: Workstation
06:41:27.0203 2168 ComputerName: DELL
06:41:27.0203 2168 UserName: FAR
06:41:27.0203 2168 Windows directory: C:\WINDOWS
06:41:27.0203 2168 System windows directory: C:\WINDOWS
06:41:27.0203 2168 Processor architecture: Intel x86
06:41:27.0203 2168 Number of processors: 2
06:41:27.0203 2168 Page size: 0x1000
06:41:27.0203 2168 Boot type: Normal boot
06:41:27.0203 2168 ============================================================
06:41:36.0234 2168 Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 (73.13 Gb), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
06:41:36.0250 2168 ============================================================
06:41:36.0250 2168 \Device\Harddisk0\DR0:
06:41:36.0250 2168 MBR partitions:
06:41:36.0250 2168 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x8C239FB
06:41:36.0250 2168 ============================================================
06:41:36.0328 2168 C: <-> \Device\Harddisk0\DR0\Partition0
06:41:36.0359 2168 ============================================================
06:41:36.0359 2168 Initialize success
06:41:36.0359 2168 ============================================================
06:42:08.0015 2756 ============================================================
06:42:08.0015 2756 Scan started
06:42:08.0015 2756 Mode: Manual;
06:42:08.0015 2756 ============================================================
06:42:08.0640 2756 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
06:42:08.0640 2756 Aavmker4 - ok
06:42:08.0640 2756 Abiosdsk - ok
06:42:08.0687 2756 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
06:42:08.0687 2756 abp480n5 - ok
06:42:08.0734 2756 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
06:42:08.0750 2756 ACPI - ok
06:42:08.0781 2756 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
06:42:08.0781 2756 ACPIEC - ok
06:42:08.0859 2756 Adobe LM Service (6d182c31acf16213407f2768f1107fe3) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
06:42:08.0859 2756 Adobe LM Service - ok
06:42:08.0968 2756 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
06:42:08.0968 2756 AdobeFlashPlayerUpdateSvc - ok
06:42:09.0015 2756 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
06:42:09.0015 2756 adpu160m - ok
06:42:09.0046 2756 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
06:42:09.0062 2756 aec - ok
06:42:09.0109 2756 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
06:42:09.0125 2756 AFD - ok
06:42:09.0171 2756 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
06:42:09.0171 2756 agp440 - ok
06:42:09.0203 2756 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
06:42:09.0203 2756 agpCPQ - ok
06:42:09.0218 2756 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
06:42:09.0218 2756 Aha154x - ok
06:42:09.0218 2756 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
06:42:09.0234 2756 aic78u2 - ok
06:42:09.0234 2756 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
06:42:09.0234 2756 aic78xx - ok
06:42:09.0281 2756 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
06:42:09.0281 2756 Alerter - ok
06:42:09.0312 2756 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
06:42:09.0312 2756 ALG - ok
06:42:09.0328 2756 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
06:42:09.0328 2756 AliIde - ok
06:42:09.0328 2756 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
06:42:09.0343 2756 alim1541 - ok
06:42:09.0343 2756 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
06:42:09.0343 2756 amdagp - ok
06:42:09.0359 2756 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
06:42:09.0359 2756 amsint - ok
06:42:09.0406 2756 APPDRV - ok
06:42:09.0453 2756 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
06:42:09.0453 2756 AppMgmt - ok
06:42:09.0500 2756 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
06:42:09.0500 2756 Arp1394 - ok
06:42:09.0500 2756 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
06:42:09.0500 2756 asc - ok
06:42:09.0515 2756 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
06:42:09.0515 2756 asc3350p - ok
06:42:09.0515 2756 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
06:42:09.0515 2756 asc3550 - ok
06:42:09.0640 2756 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
06:42:09.0656 2756 aspnet_state - ok
06:42:09.0703 2756 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
06:42:09.0703 2756 aswFsBlk - ok
06:42:09.0750 2756 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
06:42:09.0750 2756 aswMon2 - ok
06:42:09.0765 2756 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
06:42:09.0765 2756 aswRdr - ok
06:42:09.0843 2756 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
06:42:09.0875 2756 aswSnx - ok
06:42:09.0906 2756 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
06:42:09.0921 2756 aswSP - ok
06:42:09.0953 2756 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
06:42:09.0953 2756 aswTdi - ok
06:42:10.0015 2756 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
06:42:10.0015 2756 AsyncMac - ok
06:42:10.0031 2756 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
06:42:10.0031 2756 atapi - ok
06:42:10.0031 2756 Atdisk - ok
06:42:10.0125 2756 Ati HotKey Poller (954c1d5b84d1cf925999a4c27e2ab34d) C:\WINDOWS\system32\Ati2evxx.exe
06:42:10.0125 2756 Ati HotKey Poller - ok
06:42:10.0250 2756 ati2mtag (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
06:42:10.0328 2756 ati2mtag - ok
06:42:10.0468 2756 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
06:42:10.0468 2756 Atmarpc - ok
06:42:10.0500 2756 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
06:42:10.0500 2756 AudioSrv - ok
06:42:10.0562 2756 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
06:42:10.0562 2756 audstub - ok
06:42:10.0671 2756 Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
06:42:10.0687 2756 Autodesk Licensing Service - ok
06:42:10.0765 2756 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
06:42:10.0781 2756 avast! Antivirus - ok
06:42:10.0812 2756 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
06:42:10.0812 2756 bcm4sbxp - ok
06:42:10.0828 2756 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
06:42:10.0843 2756 Beep - ok
06:42:10.0890 2756 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
06:42:10.0953 2756 BITS - ok
06:42:11.0015 2756 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
06:42:11.0015 2756 Browser - ok
06:42:11.0046 2756 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
06:42:11.0046 2756 cbidf - ok
06:42:11.0046 2756 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
06:42:11.0046 2756 cbidf2k - ok
06:42:11.0062 2756 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
06:42:11.0062 2756 cd20xrnt - ok
06:42:11.0062 2756 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
06:42:11.0078 2756 Cdaudio - ok
06:42:11.0109 2756 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
06:42:11.0125 2756 Cdfs - ok
06:42:11.0140 2756 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
06:42:11.0140 2756 Cdrom - ok
06:42:11.0140 2756 Changer - ok
06:42:11.0187 2756 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
06:42:11.0187 2756 CiSvc - ok
06:42:11.0203 2756 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
06:42:11.0203 2756 ClipSrv - ok
06:42:11.0343 2756 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:42:11.0390 2756 clr_optimization_v2.0.50727_32 - ok
06:42:11.0421 2756 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
06:42:11.0437 2756 CmBatt - ok
06:42:11.0468 2756 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
06:42:11.0468 2756 CmdIde - ok
06:42:11.0500 2756 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
06:42:11.0500 2756 Compbatt - ok
06:42:11.0515 2756 COMSysApp - ok
06:42:11.0562 2756 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
06:42:11.0562 2756 Cpqarray - ok
06:42:11.0609 2756 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
06:42:11.0609 2756 CryptSvc - ok
06:42:11.0625 2756 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
06:42:11.0640 2756 dac2w2k - ok
06:42:11.0656 2756 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
06:42:11.0656 2756 dac960nt - ok
06:42:11.0718 2756 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
06:42:11.0734 2756 DcomLaunch - ok
06:42:11.0781 2756 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
06:42:11.0796 2756 Dhcp - ok
06:42:11.0812 2756 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
06:42:11.0812 2756 Disk - ok
06:42:11.0828 2756 dmadmin - ok
06:42:11.0906 2756 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
06:42:11.0968 2756 dmboot - ok
06:42:11.0984 2756 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
06:42:11.0984 2756 dmio - ok
06:42:12.0000 2756 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
06:42:12.0015 2756 dmload - ok
06:42:12.0046 2756 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
06:42:12.0046 2756 dmserver - ok
06:42:12.0078 2756 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
06:42:12.0093 2756 DMusic - ok
06:42:12.0125 2756 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
06:42:12.0140 2756 Dnscache - ok
06:42:12.0187 2756 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
06:42:12.0203 2756 Dot3svc - ok
06:42:12.0218 2756 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
06:42:12.0234 2756 dpti2o - ok
06:42:12.0250 2756 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
06:42:12.0250 2756 drmkaud - ok
06:42:12.0296 2756 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
06:42:12.0296 2756 drvmcdb - ok
06:42:12.0312 2756 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
06:42:12.0312 2756 drvnddm - ok
06:42:12.0453 2756 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
06:42:12.0453 2756 DSBrokerService - ok
06:42:12.0484 2756 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
06:42:12.0484 2756 DSproct - ok
06:42:12.0531 2756 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
06:42:12.0531 2756 dsunidrv - ok
06:42:12.0578 2756 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
06:42:12.0593 2756 E100B - ok
06:42:12.0625 2756 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
06:42:12.0640 2756 EapHost - ok
06:42:12.0687 2756 EIO (59d74c7b787aa3dda0948986403cea55) C:\WINDOWS\system32\drivers\EIO.sys
06:42:12.0687 2756 EIO - ok
06:42:12.0718 2756 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
06:42:12.0718 2756 ERSvc - ok
06:42:12.0750 2756 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
06:42:12.0781 2756 Eventlog - ok
06:42:12.0828 2756 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
06:42:12.0828 2756 EventSystem - ok
06:42:12.0859 2756 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
06:42:12.0875 2756 Fastfat - ok
06:42:12.0906 2756 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
06:42:12.0937 2756 FastUserSwitchingCompatibility - ok
06:42:12.0968 2756 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
06:42:12.0968 2756 Fdc - ok
06:42:13.0000 2756 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
06:42:13.0000 2756 Fips - ok
06:42:13.0031 2756 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
06:42:13.0031 2756 Flpydisk - ok
06:42:13.0093 2756 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
06:42:13.0093 2756 FltMgr - ok
06:42:13.0218 2756 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
06:42:13.0218 2756 FontCache3.0.0.0 - ok
06:42:13.0250 2756 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
06:42:13.0250 2756 Fs_Rec - ok
06:42:13.0312 2756 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
06:42:13.0312 2756 Ftdisk - ok
06:42:13.0359 2756 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
06:42:13.0375 2756 Gpc - ok
06:42:13.0390 2756 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
06:42:13.0406 2756 HDAudBus - ok
06:42:13.0484 2756 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
06:42:13.0484 2756 helpsvc - ok
06:42:13.0515 2756 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
06:42:13.0531 2756 HidServ - ok
06:42:13.0546 2756 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
06:42:13.0546 2756 HidUsb - ok
06:42:13.0593 2756 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
06:42:13.0593 2756 hkmsvc - ok
06:42:13.0625 2756 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
06:42:13.0625 2756 hpn - ok
06:42:13.0671 2756 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
06:42:13.0687 2756 HSFHWAZL - ok
06:42:13.0734 2756 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
06:42:13.0796 2756 HSF_DPV - ok
06:42:13.0843 2756 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
06:42:13.0859 2756 HTTP - ok
06:42:13.0906 2756 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
06:42:13.0921 2756 HTTPFilter - ok
06:42:13.0953 2756 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
06:42:13.0968 2756 i2omgmt - ok
06:42:13.0984 2756 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
06:42:13.0984 2756 i2omp - ok
06:42:14.0015 2756 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
06:42:14.0015 2756 i8042prt - ok
06:42:14.0171 2756 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
06:42:14.0203 2756 idsvc - ok
06:42:14.0234 2756 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
06:42:14.0234 2756 Imapi - ok
06:42:14.0296 2756 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
06:42:14.0312 2756 ImapiService - ok
06:42:14.0359 2756 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
06:42:14.0359 2756 ini910u - ok
06:42:14.0390 2756 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
06:42:14.0390 2756 IntelIde - ok
06:42:14.0437 2756 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
06:42:14.0437 2756 intelppm - ok
06:42:14.0468 2756 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
06:42:14.0468 2756 Ip6Fw - ok
06:42:14.0500 2756 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
06:42:14.0500 2756 IpFilterDriver - ok
06:42:14.0531 2756 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
06:42:14.0531 2756 IpInIp - ok
06:42:14.0578 2756 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
06:42:14.0593 2756 IpNat - ok
06:42:14.0593 2756 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
06:42:14.0609 2756 IPSec - ok
06:42:14.0609 2756 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
06:42:14.0609 2756 IRENUM - ok
06:42:14.0625 2756 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
06:42:14.0625 2756 isapnp - ok
06:42:14.0796 2756 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
06:42:14.0796 2756 JavaQuickStarterService - ok
06:42:14.0828 2756 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
06:42:14.0828 2756 Kbdclass - ok
06:42:14.0859 2756 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
06:42:14.0859 2756 kmixer - ok
06:42:14.0890 2756 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
06:42:14.0906 2756 KSecDD - ok
06:42:14.0984 2756 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
06:42:15.0000 2756 lanmanserver - ok
06:42:15.0046 2756 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
06:42:15.0062 2756 lanmanworkstation - ok
06:42:15.0062 2756 lbrtfdc - ok
06:42:15.0140 2756 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
06:42:15.0140 2756 LmHosts - ok
06:42:15.0140 2756 MaxBackServiceInt - ok
06:42:15.0296 2756 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
06:42:15.0312 2756 MDM - ok
06:42:15.0343 2756 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
06:42:15.0343 2756 mdmxsdk - ok
06:42:15.0375 2756 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
06:42:15.0390 2756 Messenger - ok
06:42:15.0421 2756 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
06:42:15.0421 2756 mnmdd - ok
06:42:15.0468 2756 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
06:42:15.0484 2756 mnmsrvc - ok
06:42:15.0531 2756 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
06:42:15.0531 2756 Modem - ok
06:42:15.0546 2756 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
06:42:15.0546 2756 Mouclass - ok
06:42:15.0593 2756 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
06:42:15.0593 2756 mouhid - ok
06:42:15.0609 2756 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
06:42:15.0609 2756 MountMgr - ok
06:42:15.0640 2756 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
06:42:15.0656 2756 mraid35x - ok
06:42:15.0718 2756 MREMP50 (80b2ec735495823ae5771a5f603e73bd) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
06:42:15.0734 2756 MREMP50 - ok
06:42:15.0734 2756 MREMP50a64 - ok
06:42:15.0750 2756 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
06:42:15.0765 2756 MRENDIS5 - ok
06:42:15.0765 2756 MRESP50 (37d7c22f7e26da90e2d2d260e5d27846) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
06:42:15.0765 2756 MRESP50 - ok
06:42:15.0765 2756 MRESP50a64 - ok
06:42:15.0796 2756 mrtRate (5300cb219dcfebc7540ce61532db329e) C:\WINDOWS\system32\drivers\mrtRate.sys
06:42:15.0812 2756 mrtRate - ok
06:42:15.0843 2756 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
06:42:15.0843 2756 MRxDAV - ok
06:42:15.0906 2756 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
06:42:15.0937 2756 MRxSmb - ok
06:42:15.0984 2756 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
06:42:15.0984 2756 MSDTC - ok
06:42:16.0031 2756 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
06:42:16.0031 2756 Msfs - ok
06:42:16.0031 2756 MSIServer - ok
06:42:16.0062 2756 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
06:42:16.0062 2756 MSKSSRV - ok
06:42:16.0078 2756 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
06:42:16.0078 2756 MSPCLOCK - ok
06:42:16.0078 2756 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
06:42:16.0078 2756 MSPQM - ok
06:42:16.0125 2756 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
06:42:16.0125 2756 mssmbios - ok
06:42:16.0156 2756 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
06:42:16.0156 2756 Mup - ok
06:42:16.0218 2756 MXOPSWD (c29f284ff7ab4ed38ce419a9424e52a2) C:\WINDOWS\system32\DRIVERS\mxopswd.sys
06:42:16.0218 2756 MXOPSWD - ok
06:42:16.0265 2756 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
06:42:16.0296 2756 napagent - ok
06:42:16.0328 2756 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
06:42:16.0343 2756 NDIS - ok
06:42:16.0375 2756 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
06:42:16.0390 2756 NdisTapi - ok
06:42:16.0390 2756 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
06:42:16.0406 2756 Ndisuio - ok
06:42:16.0406 2756 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
06:42:16.0421 2756 NdisWan - ok
06:42:16.0468 2756 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
06:42:16.0468 2756 NDProxy - ok
06:42:16.0515 2756 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
06:42:16.0515 2756 NetBIOS - ok
06:42:16.0546 2756 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
06:42:16.0562 2756 NetBT - ok
06:42:16.0609 2756 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
06:42:16.0625 2756 NetDDE - ok
06:42:16.0625 2756 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
06:42:16.0640 2756 NetDDEdsdm - ok
06:42:16.0687 2756 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:42:16.0687 2756 Netlogon - ok
06:42:16.0718 2756 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
06:42:16.0734 2756 Netman - ok
06:42:16.0843 2756 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:42:16.0859 2756 NetTcpPortSharing - ok
06:42:17.0000 2756 NETw4x32 (88100ebdd10309fbd445ef8e42452eae) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
06:42:17.0125 2756 NETw4x32 - ok
06:42:17.0312 2756 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
06:42:17.0312 2756 NIC1394 - ok
06:42:17.0484 2756 NICCONFIGSVC (11d8a00c7eff1aaec8e8464769c84a3d) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
06:42:17.0500 2756 NICCONFIGSVC - ok
06:42:17.0546 2756 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
06:42:17.0578 2756 Nla - ok
06:42:17.0625 2756 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
06:42:17.0640 2756 Npfs - ok
06:42:17.0671 2756 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
06:42:17.0703 2756 Ntfs - ok
06:42:17.0750 2756 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:42:17.0765 2756 NtLmSsp - ok
06:42:17.0812 2756 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
06:42:17.0828 2756 NtmsSvc - ok
06:42:17.0859 2756 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
06:42:17.0875 2756 Null - ok
06:42:18.0015 2756 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
06:42:18.0125 2756 nv - ok
06:42:18.0234 2756 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
06:42:18.0234 2756 NwlnkFlt - ok
06:42:18.0250 2756 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
06:42:18.0250 2756 NwlnkFwd - ok
06:42:18.0421 2756 OAcat (27e83f14ae20f92ed7c30e840d71e23d) C:\Program Files\Tall Emu\Online Armor\OAcat.exe
06:42:18.0437 2756 OAcat - ok
06:42:18.0515 2756 OADevice (da5e5a2026eeef52d94fcb760e171752) C:\WINDOWS\system32\drivers\OADriver.sys
06:42:18.0531 2756 OADevice - ok
06:42:18.0546 2756 OAmon (3524dd1f24bd0114eaa98048d76075c1) C:\WINDOWS\system32\drivers\OAmon.sys
06:42:18.0546 2756 OAmon - ok
06:42:18.0593 2756 OAnet (e57d9d511e837ef56f93ec29f1ff730d) C:\WINDOWS\system32\drivers\OAnet.sys
06:42:18.0609 2756 OAnet - ok
06:42:18.0625 2756 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
06:42:18.0640 2756 ohci1394 - ok
06:42:18.0687 2756 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
06:42:18.0687 2756 omci - ok
06:42:18.0781 2756 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:42:18.0781 2756 ose - ok
06:42:18.0812 2756 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
06:42:18.0812 2756 Parport - ok
06:42:18.0828 2756 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
06:42:18.0828 2756 PartMgr - ok
06:42:18.0859 2756 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
06:42:18.0859 2756 ParVdm - ok
06:42:18.0859 2756 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
06:42:18.0875 2756 PCI - ok
06:42:18.0875 2756 PCIDump - ok
06:42:18.0921 2756 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
06:42:18.0921 2756 PCIIde - ok
06:42:18.0953 2756 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
06:42:18.0968 2756 Pcmcia - ok
06:42:18.0968 2756 PDCOMP - ok
06:42:18.0984 2756 PDFRAME - ok
06:42:18.0984 2756 PDRELI - ok
06:42:19.0000 2756 PDRFRAME - ok
06:42:19.0015 2756 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
06:42:19.0015 2756 perc2 - ok
06:42:19.0031 2756 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
06:42:19.0031 2756 perc2hib - ok
06:42:19.0093 2756 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
06:42:19.0109 2756 PlugPlay - ok
06:42:19.0156 2756 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
06:42:19.0171 2756 Pml Driver HPZ12 - ok
06:42:19.0187 2756 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:42:19.0203 2756 PolicyAgent - ok
06:42:19.0234 2756 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
06:42:19.0250 2756 PptpMiniport - ok
06:42:19.0250 2756 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:42:19.0265 2756 ProtectedStorage - ok
06:42:19.0265 2756 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
06:42:19.0281 2756 PSched - ok
06:42:19.0312 2756 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
06:42:19.0328 2756 PSI - ok
06:42:19.0343 2756 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
06:42:19.0359 2756 Ptilink - ok
06:42:19.0406 2756 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
06:42:19.0406 2756 PxHelp20 - ok
06:42:19.0437 2756 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
06:42:19.0437 2756 ql1080 - ok
06:42:19.0453 2756 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
06:42:19.0453 2756 Ql10wnt - ok
06:42:19.0484 2756 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
06:42:19.0484 2756 ql12160 - ok
06:42:19.0500 2756 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
06:42:19.0500 2756 ql1240 - ok
06:42:19.0531 2756 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
06:42:19.0531 2756 ql1280 - ok
06:42:19.0562 2756 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
06:42:19.0562 2756 RasAcd - ok
06:42:19.0609 2756 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
06:42:19.0625 2756 RasAuto - ok
06:42:19.0671 2756 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
06:42:19.0671 2756 Rasl2tp - ok
06:42:19.0718 2756 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
06:42:19.0734 2756 RasMan - ok
06:42:19.0750 2756 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
06:42:19.0750 2756 RasPppoe - ok
06:42:19.0781 2756 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
06:42:19.0781 2756 Raspti - ok
06:42:19.0812 2756 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
06:42:19.0812 2756 Rdbss - ok
06:42:19.0843 2756 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
06:42:19.0859 2756 RDPCDD - ok
06:42:19.0875 2756 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
06:42:19.0890 2756 rdpdr - ok
06:42:19.0937 2756 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
06:42:19.0953 2756 RDPWD - ok
06:42:20.0000 2756 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
06:42:20.0015 2756 RDSessMgr - ok
06:42:20.0062 2756 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
06:42:20.0078 2756 redbook - ok
06:42:20.0109 2756 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
06:42:20.0125 2756 RemoteAccess - ok
06:42:20.0156 2756 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
06:42:20.0171 2756 RemoteRegistry - ok
06:42:20.0218 2756 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
06:42:20.0218 2756 rimmptsk - ok
06:42:20.0218 2756 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
06:42:20.0234 2756 rimsptsk - ok
06:42:20.0234 2756 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
06:42:20.0250 2756 rismxdp - ok
06:42:20.0281 2756 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
06:42:20.0296 2756 RpcLocator - ok
06:42:20.0359 2756 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
06:42:20.0375 2756 RpcSs - ok
06:42:20.0421 2756 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
06:42:20.0437 2756 RSVP - ok
06:42:20.0453 2756 s24trans - ok
06:42:20.0500 2756 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:42:20.0500 2756 SamSs - ok
06:42:20.0546 2756 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
06:42:20.0562 2756 SCardSvr - ok
06:42:20.0609 2756 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
06:42:20.0640 2756 Schedule - ok
06:42:20.0687 2756 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
06:42:20.0687 2756 sdbus - ok
06:42:20.0734 2756 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
06:42:20.0750 2756 Secdrv - ok
06:42:20.0781 2756 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
06:42:20.0796 2756 seclogon - ok
06:42:20.0968 2756 Secunia PSI Agent (1ce8490e8919ef5c72275952c202e749) C:\Program Files\Secunia\PSI\PSIA.exe
06:42:20.0984 2756 Secunia PSI Agent - ok
06:42:21.0031 2756 Secunia Update Agent (9337c7c45392a32cac5e59ddac0d0342) C:\Program Files\Secunia\PSI\sua.exe
06:42:21.0031 2756 Secunia Update Agent - ok
06:42:21.0140 2756 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
06:42:21.0156 2756 SENS - ok
06:42:21.0250 2756 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
06:42:21.0250 2756 serenum - ok
06:42:21.0281 2756 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
06:42:21.0281 2756 Serial - ok
06:42:21.0312 2756 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
06:42:21.0312 2756 Sfloppy - ok
06:42:21.0359 2756 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
06:42:21.0406 2756 SharedAccess - ok
06:42:21.0437 2756 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
06:42:21.0453 2756 ShellHWDetection - ok
06:42:21.0468 2756 Simbad - ok
06:42:21.0515 2756 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
06:42:21.0531 2756 sisagp - ok
06:42:21.0562 2756 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
06:42:21.0562 2756 Sparrow - ok
06:42:21.0609 2756 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
06:42:21.0609 2756 splitter - ok
06:42:21.0656 2756 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
06:42:21.0671 2756 Spooler - ok
06:42:21.0703 2756 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
06:42:21.0703 2756 sr - ok
06:42:21.0750 2756 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
06:42:21.0796 2756 srservice - ok
06:42:21.0859 2756 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
06:42:21.0875 2756 Srv - ok
06:42:21.0906 2756 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
06:42:21.0906 2756 sscdbhk5 - ok
06:42:21.0937 2756 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
06:42:21.0953 2756 SSDPSRV - ok
06:42:21.0968 2756 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
06:42:21.0968 2756 ssrtln - ok
06:42:22.0062 2756 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
06:42:22.0125 2756 STHDA - ok
06:42:22.0187 2756 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
06:42:22.0187 2756 StillCam - ok
06:42:22.0234 2756 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
06:42:22.0265 2756 stisvc - ok
06:42:22.0546 2756 SvcOnlineArmor (2a27eaa524005170ded0415596e75f46) C:\Program Files\Tall Emu\Online Armor\oasrv.exe
06:42:22.0687 2756 SvcOnlineArmor - ok
06:42:22.0875 2756 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
06:42:22.0890 2756 swenum - ok
06:42:22.0937 2756 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
06:42:22.0937 2756 swmidi - ok
06:42:22.0953 2756 SwPrv - ok
06:42:23.0000 2756 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
06:42:23.0000 2756 symc810 - ok
06:42:23.0031 2756 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
06:42:23.0031 2756 symc8xx - ok
06:42:23.0046 2756 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
06:42:23.0046 2756 sym_hi - ok
06:42:23.0062 2756 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
06:42:23.0062 2756 sym_u3 - ok
06:42:23.0125 2756 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
06:42:23.0140 2756 SynTP - ok
06:42:23.0156 2756 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
06:42:23.0171 2756 sysaudio - ok
06:42:23.0218 2756 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
06:42:23.0234 2756 SysmonLog - ok
06:42:23.0281 2756 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
06:42:23.0312 2756 TapiSrv - ok
06:42:23.0375 2756 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
06:42:23.0390 2756 Tcpip - ok
06:42:23.0421 2756 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
06:42:23.0421 2756 TDPIPE - ok
06:42:23.0484 2756 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
06:42:23.0484 2756 TDTCP - ok
06:42:23.0500 2756 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
06:42:23.0500 2756 TermDD - ok
06:42:23.0562 2756 TermService (56f4867bae6fd78e5365a3a7afa59c82) C:\WINDOWS\System32\termsrv32.dll
06:42:23.0578 2756 TermService - ok
06:42:23.0671 2756 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
06:42:23.0687 2756 tfsnboio - ok
06:42:23.0687 2756 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
06:42:23.0687 2756 tfsncofs - ok
06:42:23.0703 2756 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
06:42:23.0703 2756 tfsndrct - ok
06:42:23.0703 2756 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
06:42:23.0718 2756 tfsndres - ok
06:42:23.0718 2756 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
06:42:23.0734 2756 tfsnifs - ok
06:42:23.0734 2756 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
06:42:23.0734 2756 tfsnopio - ok
06:42:23.0750 2756 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
06:42:23.0750 2756 tfsnpool - ok
06:42:23.0765 2756 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
06:42:23.0765 2756 tfsnudf - ok
06:42:23.0781 2756 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
06:42:23.0781 2756 tfsnudfa - ok
06:42:23.0828 2756 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
06:42:23.0843 2756 Themes - ok
06:42:23.0875 2756 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
06:42:23.0906 2756 TlntSvr - ok
06:42:23.0937 2756 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
06:42:23.0937 2756 TosIde - ok
06:42:23.0984 2756 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
06:42:24.0000 2756 TrkWks - ok
06:42:24.0046 2756 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
06:42:24.0046 2756 Udfs - ok
06:42:24.0093 2756 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
06:42:24.0093 2756 ultra - ok
06:42:24.0156 2756 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
06:42:24.0171 2756 Update - ok
06:42:24.0218 2756 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
06:42:24.0250 2756 upnphost - ok
06:42:24.0265 2756 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
06:42:24.0281 2756 UPS - ok
06:42:24.0328 2756 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
06:42:24.0328 2756 usbccgp - ok
06:42:24.0359 2756 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
06:42:24.0375 2756 usbehci - ok
06:42:24.0421 2756 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
06:42:24.0421 2756 usbhub - ok
06:42:24.0468 2756 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
06:42:24.0468 2756 usbscan - ok
06:42:24.0484 2756 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
06:42:24.0500 2756 USBSTOR - ok
06:42:24.0500 2756 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
06:42:24.0515 2756 usbuhci - ok
06:42:24.0515 2756 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
06:42:24.0515 2756 VgaSave - ok
06:42:24.0562 2756 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
06:42:24.0562 2756 viaagp - ok
06:42:24.0593 2756 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
06:42:24.0593 2756 ViaIde - ok
06:42:24.0625 2756 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
06:42:24.0640 2756 VolSnap - ok
06:42:24.0687 2756 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
06:42:24.0718 2756 VSS - ok
06:42:24.0765 2756 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
06:42:24.0796 2756 w32time - ok
06:42:24.0906 2756 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
06:42:24.0968 2756 w39n51 - ok
06:42:25.0109 2756 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
06:42:25.0109 2756 Wanarp - ok
06:42:25.0109 2756 wanatw - ok
06:42:25.0125 2756 WDICA - ok
06:42:25.0156 2756 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
06:42:25.0171 2756 wdmaud - ok
06:42:25.0203 2756 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
06:42:25.0218 2756 WebClient - ok
06:42:25.0312 2756 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
06:42:25.0359 2756 winachsf - ok
06:42:25.0468 2756 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
06:42:25.0484 2756 winmgmt - ok
06:42:25.0546 2756 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
06:42:25.0546 2756 WmdmPmSN - ok
06:42:25.0640 2756 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
06:42:25.0671 2756 Wmi - ok
06:42:25.0734 2756 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
06:42:25.0734 2756 WmiAcpi - ok
06:42:25.0781 2756 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
06:42:25.0796 2756 WmiApSrv - ok
06:42:26.0031 2756 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
06:42:26.0078 2756 WMPNetworkSvc - ok
06:42:26.0125 2756 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
06:42:26.0156 2756 wscsvc - ok
06:42:26.0203 2756 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
06:42:26.0250 2756 wuauserv - ok
06:42:26.0281 2756 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
06:42:26.0281 2756 WudfPf - ok
06:42:26.0312 2756 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
06:42:26.0312 2756 WudfRd - ok
06:42:26.0328 2756 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
06:42:26.0343 2756 WudfSvc - ok
06:42:26.0406 2756 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
06:42:26.0453 2756 WZCSVC - ok
06:42:26.0500 2756 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
06:42:26.0531 2756 xmlprov - ok
06:42:26.0562 2756 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
06:42:26.0578 2756 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
06:42:26.0578 2756 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
06:42:26.0609 2756 Boot (0x1200) (43926fcb5c4b3ae5531c5fb6dcc2b5af) \Device\Harddisk0\DR0\Partition0
06:42:26.0609 2756 \Device\Harddisk0\DR0\Partition0 - ok
06:42:26.0609 2756 ============================================================
06:42:26.0609 2756 Scan finished
06:42:26.0609 2756 ============================================================
06:42:26.0625 0188 Detected object count: 1
06:42:26.0625 0188 Actual detected object count: 1
06:42:38.0187 0188 \Device\Harddisk0\DR0\# - copied to quarantine
06:42:38.0187 0188 \Device\Harddisk0\DR0 - copied to quarantine
06:42:38.0218 0188 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
06:42:38.0234 0188 \Device\Harddisk0\DR0 - ok
06:42:38.0234 0188 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
06:42:51.0000 2064 Deinitialize success
Report follows
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 1st, 2012, 10:51 am

Hi frerom,

I would like to run chkdsk but I will wait until your next post.

Please don't try anything until I give you the go ahead.

Step 1
aswMBR.exe should still be on your Desktop, Please run this again using the same instructions you used before.

Step 2
Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

In your next reply please include:
The log from aswMBR.exe.
The Malwarebytes log.
Any changes to your computer.

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Autocad lt 2007 stopped launching

Unread postby frerom » May 1st, 2012, 1:19 pm

Hi Maxi,
I believe situation is better but there probably still is an infection.

For the MBytes scan I did not close Avast.

The Avast MBR.dat is now 512 bytes instead of a kilobyte.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-28 10:20:50
-----------------------------
10:20:50.109 OS Version: Windows 5.1.2600 Service Pack 3
10:20:50.109 Number of processors: 2 586 0xE08
10:20:50.109 ComputerName: DELL UserName: FAR
10:21:09.921 Initialize success
10:21:48.125 AVAST engine defs: 12042800
10:23:53.578 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:23:53.578 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
10:23:54.875 Disk 0 MBR read successfully
10:23:54.875 Disk 0 MBR scan
10:23:54.875 Disk 0 unknown MBR code
10:23:54.875 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
10:23:54.890 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
10:23:54.921 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
10:23:54.953 Disk 0 scanning sectors +153340425
10:23:54.984 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
10:23:54.984 Disk 0 PE file @ sector 153340450 !
10:23:55.046 Disk 0 scanning C:\WINDOWS\system32\drivers
10:24:08.546 Service scanning
10:24:24.906 Modules scanning
10:24:54.703 Disk 0 trace - called modules:
10:24:54.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:24:54.781 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87175ab8]
10:24:54.781 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x87178510]
10:24:54.781 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871d3940]
10:24:55.328 AVAST engine scan C:\WINDOWS
10:25:03.968 AVAST engine scan C:\WINDOWS\system32
10:38:15.671 AVAST engine scan C:\WINDOWS\system32\drivers
10:38:34.937 AVAST engine scan C:\Documents and Settings\FAR
10:40:53.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:40:53.937 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"
10:42:37.171 File: C:\Documents and Settings\FAR\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll **HIDDEN**
10:42:37.468 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe **HIDDEN**
10:42:37.656 File: C:\Documents and Settings\FAR\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe **HIDDEN**
10:42:54.671 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-d3d.dll **HIDDEN**
10:42:54.921 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72568e8b-n\decora-sse.dll **HIDDEN**
10:42:58.156 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\jmc.dll **HIDDEN**
10:42:58.421 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcp71.dll **HIDDEN**
10:42:58.750 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-189832fc-n\msvcr71.dll **HIDDEN**
10:42:59.406 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-d3d.dll **HIDDEN**
10:42:59.578 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3fe765a8-n\decora-sse.dll **HIDDEN**
10:43:00.781 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\jmc.dll **HIDDEN**
10:43:01.109 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcp71.dll **HIDDEN**
10:43:01.281 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-231517a0-n\msvcr71.dll **HIDDEN**
10:43:02.734 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\gtapi.dll **HIDDEN**
10:43:03.062 File: C:\Documents and Settings\FAR\Application Data\Sun\Java\jre1.6.0_22\lzma.dll **HIDDEN**
10:43:05.812 File: C:\Documents and Settings\FAR\Desktop\aswMBR.exe **HIDDEN**
10:43:06.171 File: C:\Documents and Settings\FAR\Desktop\ccsetup317.exe **HIDDEN**
10:43:06.359 File: C:\Documents and Settings\FAR\Desktop\CIT207355-HPCOM-PATCH-v8.exe **HIDDEN**
10:43:06.500 File: C:\Documents and Settings\FAR\Desktop\cnet2_MyDefrag-v4_3_1_exe.exe **HIDDEN**
10:43:06.671 File: C:\Documents and Settings\FAR\Desktop\COL9278.exe **HIDDEN**
10:43:06.812 File: C:\Documents and Settings\FAR\Desktop\dds.com **HIDDEN**
10:43:06.984 File: C:\Documents and Settings\FAR\Desktop\dds.scr **HIDDEN**
10:43:07.218 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\Dial-a-fix.exe **HIDDEN**
10:43:07.359 File: C:\Documents and Settings\FAR\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix-v0.60.0.24\secedit.exe **HIDDEN**
10:43:07.531 File: C:\Documents and Settings\FAR\Desktop\erunt\AUTOBACK.EXE **HIDDEN**
10:43:07.640 File: C:\Documents and Settings\FAR\Desktop\erunt\ERDNT.E_E **HIDDEN**
10:43:07.828 File: C:\Documents and Settings\FAR\Desktop\erunt\ERUNT.EXE **HIDDEN**
10:43:08.078 File: C:\Documents and Settings\FAR\Desktop\erunt\NTREGOPT.EXE **HIDDEN**
10:43:08.359 File: C:\Documents and Settings\FAR\Desktop\erunt-setup.exe **HIDDEN**
10:43:09.000 File: C:\Documents and Settings\FAR\Desktop\jre-6u31-windows-i586.exe **HIDDEN**
10:43:09.031 File: C:\Documents and Settings\FAR\Desktop\mbam-setup-1.46.exe **HIDDEN**
10:43:09.156 File: C:\Documents and Settings\FAR\Desktop\OnlineArmor_Setup_Free.exe **HIDDEN**
10:43:09.375 File: C:\Documents and Settings\FAR\Desktop\PSISetup.exe **HIDDEN**
10:43:09.421 File: C:\Documents and Settings\FAR\Desktop\QuickTimeInstaller.exe **HIDDEN**
10:43:09.531 File: C:\Documents and Settings\FAR\Desktop\RSIT.exe **HIDDEN**
10:43:09.687 File: C:\Documents and Settings\FAR\Desktop\TFC.exe **HIDDEN**
10:43:09.765 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe **HIDDEN**
10:43:10.031 File: C:\Documents and Settings\FAR\Desktop\WindowsXP-KB942288-v3-x86.exe **HIDDEN**
10:43:10.234 File: C:\Documents and Settings\FAR\Desktop\wlsetup-web.exe **HIDDEN**
10:43:10.421 File: C:\Documents and Settings\FAR\Desktop\wpsetup.exe **HIDDEN**
10:43:44.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ar-EG\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:44.750 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\cs\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.156 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\da\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.578 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\de\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:45.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:46.281 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:46.656 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:43:47.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\DellDriverDownloadManager.exe **HIDDEN**
10:43:47.718 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\el\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\en-US\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:48.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\es\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fi\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.437 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:49.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\fr-CA\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.312 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\he\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:50.703 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\hu\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:51.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:43:51.609 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\it\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.015 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ja\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.468 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ko\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:52.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\nl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\no\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.515 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pl\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:53.906 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\pt-BR\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ro\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:54.781 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\ru\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:55.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\stdole.dll **HIDDEN**
10:43:55.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\sv\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\tr\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:56.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\Xceed.Compression.dll **HIDDEN**
10:43:56.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-CN\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.343 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell...app_c8a6012355de1b2d_0002.0000_34518a22156bd8d9\zh-TW\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:57.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..ager_c8a6012355de1b2d_0004.0050_none_ec66d2575893ec7f\DellDriverDownloadManager.exe **HIDDEN**
10:43:58.171 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..core_c8a6012355de1b2d_0004.0050_none_b1600ccfe933d7dc\Dell.eSupport.DownloadManager.Core.dll **HIDDEN**
10:43:58.359 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..mage_c8a6012355de1b2d_0004.0050_none_2820c010b7539cc3\Dell.eSupport.DownloadManager.ISOImage.dll **HIDDEN**
10:43:58.562 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ar-eg_a1dd90878fa074ee\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.765 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_cs_d170cc65a7eedb5a\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:58.968 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_da_d2a4f22ba713e8ef\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.187 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_de_d279b27ba73458b3\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.390 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_el_d29f8a35a72420d1\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.593 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_en-us_33d2ca03565a4a72\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:43:59.796 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_es_d253dac1a75ce468\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.000 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fi_d3318127a6c2d185\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.203 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr-ca_cecbe7304e2bb89f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.406 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_fr_d2d031dba70bccfe\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.625 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_he_d43fcf33a6106acf\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:00.828 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_hu_d392d073a69229df\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.031 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_it_d40f278da6411275\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.218 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ja_d54e1d3fa55e0419\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.421 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ko_d5284585a5868fce\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.640 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_nl_d69d4ad3a4934990\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:01.843 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_no_d67cdb0fa4ab9d63\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.046 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pl_d780592fa401529e\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.250 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_pt-br_356f0087c30e4811\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.453 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ro_d842f7c7a387af7f\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.671 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_ru_d802183fa3b85725\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:02.875 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_sv_d868cf81a377779d\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.078 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_tr_d905965fa30e0c60\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.265 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-cn_935934713d7c2484\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.484 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..rces_c8a6012355de1b2d_0004.0050_zh-tw_975571c73aed00f4\Dell.eSupport.DownloadManager.Localization.resources.dll **HIDDEN**
10:44:03.687 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\dell..tion_c8a6012355de1b2d_0004.0050_none_892ef5fe67b2933f\Dell.eSupport.DownloadManager.Localization.dll **HIDDEN**
10:44:03.890 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\inte..rary_c8a6012355de1b2d_0001.0000_none_9f2fc1421dc4509c\Interop.IWshRuntimeLibrary.dll **HIDDEN**
10:44:09.062 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\stdole_b03f5f7f11d50a3a_0007.0000_none_333059d4a751806f\stdole.dll **HIDDEN**
10:44:09.296 File: C:\Documents and Settings\FAR\Local Settings\Apps\2.0\83YNVNEP.MBH\BERX0W2K.YD4\xcee..sion_ba83ff368b7563c6_0003.0007_none_9c2cb3433c0f3426\Xceed.Compression.dll **HIDDEN**
10:44:10.546 File: C:\Documents and Settings\FAR\Local Settings\Temp\Adobelm_Cleanup.0001 **HIDDEN**
10:44:14.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-3PVLS.tmp\is-H8GG1.tmp **HIDDEN**
10:44:14.468 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\UNZIP32.EXE **HIDDEN**
10:44:14.734 File: C:\Documents and Settings\FAR\Local Settings\Temp\is-TB9UQ.tmp\_shfoldr.dll **HIDDEN**
10:44:15.718 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\MBR.DAT **HIDDEN**
10:44:16.171 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\PEV.DAT **HIDDEN**
10:44:16.500 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SED.DAT **HIDDEN**
10:44:16.843 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\SWREG.DAT **HIDDEN**
10:44:17.109 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\System.dll **HIDDEN**
10:44:17.250 File: C:\Documents and Settings\FAR\Local Settings\Temp\nsu8.tmp\UserInfo.dll **HIDDEN**
10:44:17.703 File: C:\Documents and Settings\FAR\Local Settings\Temp\vmpremov.exe **HIDDEN**
10:47:05.093 File: C:\Documents and Settings\FAR\Local Settings\Temporary Internet Files\Content.IE5\NJOOI0TV\dds[1].scr **HIDDEN**
10:47:43.343 File: C:\Documents and Settings\FAR\My Documents\Downloads\esetsmartinstaller_enu.exe **HIDDEN**
10:47:43.703 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold(2).exe **HIDDEN**
10:47:44.046 File: C:\Documents and Settings\FAR\My Documents\Downloads\RealPlayerSPGold.exe **HIDDEN**
10:47:53.562 AVAST engine scan C:\Documents and Settings\All Users
10:50:42.953 Scan finished successfully
10:56:27.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
10:56:27.375 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-30 11:40:32
-----------------------------
11:40:32.953 OS Version: Windows 5.1.2600 Service Pack 3
11:40:32.953 Number of processors: 2 586 0xE08
11:40:32.953 ComputerName: DELL UserName: FAR
11:40:49.750 Initialize success
11:40:54.453 AVAST engine defs: 12043000
11:41:15.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:41:15.453 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
11:41:15.484 Disk 0 MBR read successfully
11:41:15.484 Disk 0 MBR scan
11:41:15.500 Disk 0 unknown MBR code
11:41:15.500 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
11:41:15.515 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
11:41:15.546 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
11:41:15.546 Disk 0 scanning sectors +153340425
11:41:15.562 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
11:41:15.562 Disk 0 PE file @ sector 153340450 !
11:41:15.625 Disk 0 scanning C:\WINDOWS\system32\drivers
11:41:31.875 Service scanning
11:41:50.187 Modules scanning
11:41:56.546 Disk 0 trace - called modules:
11:41:56.578 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:41:56.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8711aab8]
11:41:56.578 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x871d4f18]
11:41:56.578 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871d2d98]
11:41:56.890 AVAST engine scan C:\WINDOWS
11:42:05.218 AVAST engine scan C:\WINDOWS\system32
11:44:08.796 AVAST engine scan C:\WINDOWS\system32\drivers
11:44:23.375 AVAST engine scan C:\Documents and Settings\FAR
11:46:44.609 AVAST engine scan C:\Documents and Settings\All Users
11:49:06.781 Scan finished successfully
11:57:23.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
11:57:23.781 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-01 11:57:07
-----------------------------
11:57:07.125 OS Version: Windows 5.1.2600 Service Pack 3
11:57:07.125 Number of processors: 2 586 0xE08
11:57:07.125 ComputerName: DELL UserName: FAR
11:57:50.421 Initialize success
11:57:54.000 AVAST engine defs: 12050100
11:58:47.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:58:47.718 Disk 0 Vendor: ST98823AS 8.03 Size: 74881MB BusType: 3
11:58:47.796 Disk 0 MBR read successfully
11:58:47.796 Disk 0 MBR scan
11:58:47.796 Disk 0 unknown MBR code
11:58:47.796 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
11:58:47.812 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71751 MB offset 96390
11:58:47.843 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 147042945
11:58:47.859 Disk 0 scanning sectors +153340425
11:58:47.875 Disk 0 malicious Win32:MBRoot code @ sector 153340428 !
11:58:47.921 Disk 0 scanning C:\WINDOWS\system32\drivers
11:58:57.828 Service scanning
11:59:14.281 Modules scanning
11:59:20.031 Disk 0 trace - called modules:
11:59:20.046 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:59:20.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87116ab8]
11:59:20.062 3 CLASSPNP.SYS[f75d1fd7] -> nt!IofCallDriver -> \Device\00000075[0x871c9510]
11:59:20.062 5 ACPI.sys[f7468620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x87174940]
11:59:20.546 AVAST engine scan C:\WINDOWS
11:59:28.359 AVAST engine scan C:\WINDOWS\system32
12:01:33.156 AVAST engine scan C:\WINDOWS\system32\drivers
12:01:49.000 AVAST engine scan C:\Documents and Settings\FAR
12:04:05.984 AVAST engine scan C:\Documents and Settings\All Users
12:06:18.375 Scan finished successfully
12:10:49.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\FAR\Desktop\MBR.dat"
12:10:49.890 The log file has been saved successfully to "C:\Documents and Settings\FAR\Desktop\aswMBR.txt"


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.01.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
FAR :: DELL [administrator]

01/05/2012 12:46:19 PM
mbam-log-2012-05-01 (12-46-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294550
Time elapsed: 19 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
frerom
Regular Member
 
Posts: 141
Joined: December 23rd, 2009, 3:18 pm
Location: Ontario, Canada

Re: Autocad lt 2007 stopped launching

Unread postby maxi » May 1st, 2012, 5:43 pm

Hi frerom, Nearly there :)

Re-run aswMBR

  • Double click aswMBR.exe to run it.
  • Click the Scan button.
  • After a short while the scan will report "Scan finished successfully"
  • You should see the Fix button become active. Do not press the Fixmbr button
  • Click to fix the infection & and wait till the scanner reports "Infection fixed successfully"
  • Click Save log & save the log to your desktop
  • Click Exit then Reboot your computer.
  • After reboot, copy & Paste the contents of aswMBR.txt into your next reply.


Please post this log in your next reply.

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 61 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware