Browser and Security Center hijacked

[two beers]

Ugh, searches are hijacked again. I'm pretty sure I've just visited my usual sites, and with the AV and firewall on...

 

[oldman960]

Hi two beers,

Nothing to worry about in the ESET log.



Download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
  
  
  
• Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  
  
  
  
  
• Click the Start Scan button.
  
  
  
  
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
  
  
  
• If malicious objects are found, they will show in the Scan results and offer three (3) options.
• Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  
  
  
  
  
• Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

 

[two beers]

oldman- here's the TDSS file:

19:02:39.0328 2676 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:02:40.0031 2676 ============================================================
19:02:40.0031 2676 Current date / time: 2012/10/08 19:02:40.0031
19:02:40.0031 2676 SystemInfo:
19:02:40.0031 2676
19:02:40.0031 2676 OS Version: 5.1.2600 ServicePack: 3.0
19:02:40.0031 2676 Product type: Workstation
19:02:40.0031 2676 ComputerName: TOSHIBA-USER
19:02:40.0031 2676 UserName: rob
19:02:40.0031 2676 Windows directory: C:\WINDOWS
19:02:40.0031 2676 System windows directory: C:\WINDOWS
19:02:40.0031 2676 Processor architecture: Intel x86
19:02:40.0046 2676 Number of processors: 1
19:02:40.0046 2676 Page size: 0x1000
19:02:40.0046 2676 Boot type: Normal boot
19:02:40.0046 2676 ============================================================
19:02:42.0984 2676 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:02:43.0031 2676 ============================================================
19:02:43.0046 2676 \Device\Harddisk0\DR0:
19:02:43.0078 2676 MBR partitions:
19:02:43.0078 2676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x947551B
19:02:43.0078 2676 ============================================================
19:02:43.0093 2676 C: <-> \Device\Harddisk0\DR0\Partition1
19:02:43.0093 2676 ============================================================
19:02:43.0093 2676 Initialize success
19:02:43.0093 2676 ============================================================
19:05:29.0281 3464 ============================================================
19:05:29.0312 3464 Scan started
19:05:29.0312 3464 Mode: Manual; SigCheck; TDLFS;
19:05:29.0312 3464 ============================================================
19:05:29.0687 3464 ================ Scan system memory ========================
19:05:34.0437 3464 System memory - ok
19:05:34.0453 3464 ================ Scan services =============================
19:05:34.0734 3464 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
19:05:35.0343 3464 Aavmker4 - ok
19:05:35.0359 3464 Abiosdsk - ok
19:05:35.0375 3464 abp480n5 - ok
19:05:35.0453 3464 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:05:37.0156 3464 ACPI - ok
19:05:37.0218 3464 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:05:37.0625 3464 ACPIEC - ok
19:05:37.0703 3464 [ 552CF8B82150C0E70D5B017F32EFA067 ] ACS C:\WINDOWS\system32\acs.exe
19:05:37.0765 3464 ACS ( UnsignedFile.Multi.Generic ) - warning
19:05:37.0765 3464 ACS - detected UnsignedFile.Multi.Generic (1)
19:05:37.0937 3464 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:38.0031 3464 AdobeFlashPlayerUpdateSvc - ok
19:05:38.0062 3464 adpu160m - ok
19:05:38.0125 3464 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:05:38.0609 3464 aec - ok
19:05:38.0656 3464 [ ACCD563BF09C4659B54143FDE633B57D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
19:05:38.0671 3464 AegisP ( UnsignedFile.Multi.Generic ) - warning
19:05:38.0671 3464 AegisP - detected UnsignedFile.Multi.Generic (1)
19:05:38.0750 3464 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:05:38.0875 3464 AFD - ok
19:05:38.0984 3464 [ C41A5740468D0B9CB46E6390A0E15CE3 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
19:05:39.0156 3464 AgereSoftModem - ok
19:05:39.0171 3464 Aha154x - ok
19:05:39.0203 3464 aic78u2 - ok
19:05:39.0234 3464 aic78xx - ok
19:05:39.0296 3464 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:05:39.0765 3464 Alerter - ok
19:05:39.0812 3464 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
19:05:40.0281 3464 ALG - ok
19:05:40.0312 3464 AliIde - ok
19:05:40.0343 3464 amsint - ok
19:05:40.0375 3464 AppMgmt - ok
19:05:40.0468 3464 [ 3D769924A07C00F5BB4B890F3934CD1E ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
19:05:40.0578 3464 AR5211 - ok
19:05:40.0656 3464 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:05:41.0125 3464 Arp1394 - ok
19:05:41.0156 3464 asc - ok
19:05:41.0187 3464 asc3350p - ok
19:05:41.0234 3464 asc3550 - ok
19:05:41.0406 3464 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:05:41.0500 3464 aspnet_state - ok
19:05:41.0593 3464 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:05:41.0671 3464 aswFsBlk - ok
19:05:41.0718 3464 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
19:05:41.0781 3464 aswMon2 - ok
19:05:41.0859 3464 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
19:05:41.0906 3464 AswRdr - ok
19:05:41.0984 3464 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:05:42.0109 3464 aswSnx - ok
19:05:42.0218 3464 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:05:42.0312 3464 aswSP - ok
19:05:42.0343 3464 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:05:42.0437 3464 aswTdi - ok
19:05:42.0484 3464 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:05:42.0921 3464 AsyncMac - ok
19:05:43.0015 3464 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:05:43.0468 3464 atapi - ok
19:05:43.0484 3464 Atdisk - ok
19:05:43.0578 3464 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:05:43.0718 3464 Ati HotKey Poller - ok
19:05:43.0906 3464 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:05:44.0109 3464 ati2mtag - ok
19:05:44.0156 3464 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:05:44.0593 3464 Atmarpc - ok
19:05:44.0671 3464 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:05:45.0062 3464 AudioSrv - ok
19:05:45.0125 3464 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:05:45.0578 3464 audstub - ok
19:05:45.0703 3464 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:05:45.0796 3464 avast! Antivirus - ok
19:05:45.0828 3464 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:05:46.0281 3464 Beep - ok
19:05:46.0375 3464 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
19:05:46.0906 3464 BITS - ok
19:05:47.0015 3464 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
19:05:47.0093 3464 Browser - ok
19:05:47.0265 3464 catchme - ok
19:05:47.0375 3464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:05:47.0906 3464 cbidf2k - ok
19:05:47.0937 3464 cd20xrnt - ok
19:05:48.0000 3464 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:05:48.0484 3464 Cdaudio - ok
19:05:48.0515 3464 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:05:48.0953 3464 Cdfs - ok
19:05:49.0000 3464 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:05:49.0484 3464 Cdrom - ok
19:05:49.0546 3464 [ 3CB0CC8879956C187E87E18634EE5164 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
19:05:49.0625 3464 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
19:05:49.0625 3464 CFSvcs - detected UnsignedFile.Multi.Generic (1)
19:05:49.0640 3464 Changer - ok
19:05:49.0703 3464 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:05:50.0109 3464 CiSvc - ok
19:05:50.0187 3464 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:05:50.0625 3464 ClipSrv - ok
19:05:50.0671 3464 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:50.0843 3464 clr_optimization_v2.0.50727_32 - ok
19:05:50.0875 3464 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:05:51.0328 3464 CmBatt - ok
19:05:51.0343 3464 CmdIde - ok
19:05:51.0390 3464 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:05:51.0906 3464 Compbatt - ok
19:05:51.0937 3464 COMSysApp - ok
19:05:51.0984 3464 Cpqarray - ok
19:05:52.0062 3464 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:05:52.0515 3464 CryptSvc - ok
19:05:52.0531 3464 dac2w2k - ok
19:05:52.0562 3464 dac960nt - ok
19:05:52.0656 3464 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:05:52.0781 3464 DcomLaunch - ok
19:05:52.0843 3464 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:05:53.0453 3464 Dhcp - ok
19:05:53.0484 3464 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:05:53.0953 3464 Disk - ok
19:05:54.0015 3464 [ EE4325BECEF51B8C32B4329097E4F301 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
19:05:54.0062 3464 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0062 3464 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
19:05:54.0093 3464 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
19:05:54.0109 3464 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0109 3464 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
19:05:54.0171 3464 [ 1E6C6597833A04C2157BE7B39EA92CE1 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
19:05:54.0218 3464 DLADResN ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0218 3464 DLADResN - detected UnsignedFile.Multi.Generic (1)
19:05:54.0250 3464 [ 752376E109A090970BFA9722F0F40B03 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
19:05:54.0281 3464 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0281 3464 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
19:05:54.0312 3464 [ 62EE7902E74B90BF1CCC4643FC6C07A7 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
19:05:54.0343 3464 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0343 3464 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
19:05:54.0375 3464 [ 5C220124C5AFEAEE84A9BB89D685C17B ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
19:05:54.0437 3464 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0437 3464 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
19:05:54.0468 3464 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
19:05:54.0484 3464 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0484 3464 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
19:05:54.0515 3464 [ 4EBB78D9BBF072119363B35B9B3E518F ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
19:05:54.0578 3464 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0578 3464 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
19:05:54.0625 3464 [ 333B770E52D2CEA7BD86391120466E43 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
19:05:54.0718 3464 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
19:05:54.0718 3464 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
19:05:54.0734 3464 dmadmin - ok
19:05:54.0875 3464 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:05:55.0406 3464 dmboot - ok
19:05:55.0468 3464 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:05:55.0953 3464 dmio - ok
19:05:56.0015 3464 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:05:56.0546 3464 dmload - ok
19:05:56.0609 3464 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:05:57.0078 3464 dmserver - ok
19:05:57.0125 3464 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:05:57.0531 3464 DMusic - ok
19:05:57.0593 3464 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:05:57.0718 3464 Dnscache - ok
19:05:57.0812 3464 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:05:59.0500 3464 Dot3svc - ok
19:05:59.0515 3464 dpti2o - ok
19:05:59.0578 3464 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:06:00.0093 3464 drmkaud - ok
19:06:00.0171 3464 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
19:06:00.0234 3464 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
19:06:00.0234 3464 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
19:06:00.0250 3464 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
19:06:00.0281 3464 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
19:06:00.0281 3464 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
19:06:00.0390 3464 [ C9FFBD6B8EDC46CD3D13E3C6DB914FB7 ] DVD-RAM_Service C:\WINDOWS\system32\DVDRAMSV.exe
19:06:00.0453 3464 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - warning
19:06:00.0453 3464 DVD-RAM_Service - detected UnsignedFile.Multi.Generic (1)
19:06:00.0578 3464 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:06:01.0296 3464 EapHost - ok
19:06:01.0375 3464 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:06:02.0203 3464 ERSvc - ok
19:06:02.0296 3464 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
19:06:02.0484 3464 Eventlog - ok
19:06:02.0562 3464 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
19:06:02.0968 3464 EventSystem - ok
19:06:03.0000 3464 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:06:03.0890 3464 Fastfat - ok
19:06:04.0062 3464 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:06:04.0218 3464 FastUserSwitchingCompatibility - ok
19:06:04.0296 3464 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
19:06:05.0234 3464 Fax - ok
19:06:05.0312 3464 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:06:05.0906 3464 Fdc - ok
19:06:06.0015 3464 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:06:07.0171 3464 Fips - ok
19:06:07.0203 3464 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:06:08.0234 3464 Flpydisk - ok
19:06:08.0359 3464 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:06:09.0906 3464 FltMgr - ok
19:06:10.0109 3464 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:06:10.0296 3464 FontCache3.0.0.0 - ok
19:06:10.0375 3464 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:06:11.0984 3464 Fs_Rec - ok
19:06:12.0046 3464 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:06:13.0921 3464 Ftdisk - ok
19:06:14.0062 3464 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:06:16.0031 3464 Gpc - ok
19:06:16.0125 3464 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:06:17.0703 3464 HDAudBus - ok
19:06:17.0875 3464 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:06:19.0406 3464 helpsvc - ok
19:06:19.0484 3464 HidServ - ok
19:06:19.0546 3464 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:06:20.0281 3464 HidUsb - ok
19:06:20.0406 3464 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:06:21.0062 3464 hkmsvc - ok
19:06:21.0062 3464 hpn - ok
19:06:21.0156 3464 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:06:21.0343 3464 HTTP - ok
19:06:21.0437 3464 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:06:22.0109 3464 HTTPFilter - ok
19:06:22.0140 3464 i2omgmt - ok
19:06:22.0156 3464 i2omp - ok
19:06:22.0218 3464 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:06:22.0796 3464 i8042prt - ok
19:06:22.0906 3464 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:06:23.0093 3464 idsvc - ok
19:06:23.0156 3464 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:06:23.0718 3464 Imapi - ok
19:06:23.0781 3464 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:06:24.0390 3464 ImapiService - ok
19:06:24.0406 3464 ini910u - ok
19:06:25.0906 3464 [ B12A9FC49CD2765A43829D834F518AED ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:06:26.0484 3464 IntcAzAudAddService - ok
19:06:26.0484 3464 IntelIde - ok
19:06:26.0593 3464 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:06:27.0484 3464 intelppm - ok
19:06:27.0515 3464 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:06:27.0890 3464 Ip6Fw - ok
19:06:27.0968 3464 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:06:28.0250 3464 IpFilterDriver - ok
19:06:28.0343 3464 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:06:28.0687 3464 IpInIp - ok
19:06:28.0718 3464 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:06:28.0968 3464 IpNat - ok
19:06:29.0000 3464 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:06:29.0250 3464 IPSec - ok
19:06:29.0281 3464 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:06:29.0625 3464 IRENUM - ok
19:06:29.0750 3464 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:06:30.0250 3464 isapnp - ok
19:06:30.0421 3464 [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
19:06:30.0515 3464 JavaQuickStarterService - ok
19:06:30.0546 3464 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:06:30.0765 3464 Kbdclass - ok
19:06:30.0828 3464 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:06:31.0015 3464 kmixer - ok
19:06:31.0062 3464 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:06:31.0093 3464 KSecDD - ok
19:06:31.0203 3464 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:06:31.0250 3464 lanmanserver - ok
19:06:31.0343 3464 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:06:31.0406 3464 lanmanworkstation - ok
19:06:31.0421 3464 Lbd - ok
19:06:31.0437 3464 lbrtfdc - ok
19:06:31.0515 3464 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:06:31.0671 3464 LmHosts - ok
19:06:31.0812 3464 [ 1F37F74E1F719B0D75F0398F1F397F66 ] lxedCATSCustConnectService C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe
19:06:31.0875 3464 lxedCATSCustConnectService - ok
19:06:31.0890 3464 lxed_device - ok
19:06:31.0953 3464 [ 3F6F7993AE46ADED2DB2886ED3080C80 ] LxrJD31d C:\WINDOWS\system32\Drivers\LxrJD31d.sys
19:06:31.0984 3464 LxrJD31d ( UnsignedFile.Multi.Generic ) - warning
19:06:31.0984 3464 LxrJD31d - detected UnsignedFile.Multi.Generic (1)
19:06:32.0000 3464 LxrJD31s - ok
19:06:32.0062 3464 [ 7EFAC183A25B30FB5D64CC9D484B1EB6 ] meiudf C:\WINDOWS\system32\Drivers\meiudf.sys
19:06:32.0093 3464 meiudf ( UnsignedFile.Multi.Generic ) - warning
19:06:32.0093 3464 meiudf - detected UnsignedFile.Multi.Generic (1)
19:06:32.0234 3464 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:06:32.0421 3464 Messenger - ok
19:06:32.0453 3464 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:06:32.0656 3464 mnmdd - ok
19:06:32.0703 3464 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:06:32.0906 3464 mnmsrvc - ok
19:06:32.0921 3464 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:06:33.0078 3464 Modem - ok
19:06:33.0109 3464 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:06:33.0296 3464 Mouclass - ok
19:06:33.0343 3464 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:06:33.0531 3464 mouhid - ok
19:06:33.0546 3464 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:06:33.0734 3464 MountMgr - ok
19:06:33.0796 3464 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:06:33.0828 3464 MozillaMaintenance - ok
19:06:33.0828 3464 mraid35x - ok
19:06:33.0875 3464 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:06:34.0062 3464 MRxDAV - ok
19:06:34.0140 3464 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:06:34.0296 3464 MRxSmb - ok
19:06:34.0343 3464 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:06:34.0625 3464 MSDTC - ok
19:06:34.0640 3464 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:06:34.0828 3464 Msfs - ok
19:06:34.0843 3464 MSIServer - ok
19:06:34.0890 3464 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:06:35.0078 3464 MSKSSRV - ok
19:06:35.0109 3464 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:06:35.0296 3464 MSPCLOCK - ok
19:06:35.0296 3464 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:06:35.0656 3464 MSPQM - ok
19:06:35.0703 3464 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:06:36.0015 3464 mssmbios - ok
19:06:36.0078 3464 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:06:36.0125 3464 Mup - ok
19:06:36.0187 3464 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:06:36.0406 3464 napagent - ok
19:06:36.0437 3464 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:06:36.0593 3464 NDIS - ok
19:06:36.0656 3464 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:06:36.0718 3464 NdisTapi - ok
19:06:36.0734 3464 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:06:36.0937 3464 Ndisuio - ok
19:06:36.0953 3464 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:06:37.0234 3464 NdisWan - ok
19:06:37.0343 3464 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:06:37.0421 3464 NDProxy - ok
19:06:37.0500 3464 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:06:37.0796 3464 NetBIOS - ok
19:06:37.0828 3464 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:06:38.0062 3464 NetBT - ok
19:06:38.0109 3464 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:06:38.0406 3464 NetDDE - ok
19:06:38.0406 3464 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:06:38.0593 3464 NetDDEdsdm - ok
19:06:38.0656 3464 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio C:\WINDOWS\system32\DRIVERS\netdevio.sys
19:06:38.0687 3464 Netdevio ( UnsignedFile.Multi.Generic ) - warning
19:06:38.0687 3464 Netdevio - detected UnsignedFile.Multi.Generic (1)
19:06:38.0796 3464 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:06:39.0359 3464 Netlogon - ok
19:06:39.0421 3464 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:06:39.0828 3464 Netman - ok
19:06:40.0015 3464 [ 37E7512BFBE86871FB4E5A101CF5E7FB ] netrcacm C:\WINDOWS\system32\DRIVERS\netrcacm.sys
19:06:40.0093 3464 netrcacm - ok
19:06:40.0125 3464 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:06:40.0156 3464 NetTcpPortSharing - ok
19:06:40.0187 3464 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:06:40.0484 3464 NIC1394 - ok
19:06:40.0546 3464 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:06:40.0687 3464 Nla - ok
19:06:40.0718 3464 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:06:41.0078 3464 Npfs - ok
19:06:41.0140 3464 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:06:41.0546 3464 Ntfs - ok
19:06:42.0281 3464 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:06:42.0562 3464 NtLmSsp - ok
19:06:42.0687 3464 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:06:43.0000 3464 NtmsSvc - ok
19:06:43.0062 3464 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:06:43.0250 3464 Null - ok
19:06:43.0281 3464 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:06:43.0562 3464 NwlnkFlt - ok
19:06:43.0593 3464 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:06:43.0828 3464 NwlnkFwd - ok
19:06:43.0875 3464 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:06:44.0062 3464 ohci1394 - ok
19:06:44.0093 3464 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:06:44.0312 3464 Parport - ok
19:06:44.0328 3464 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:06:44.0593 3464 PartMgr - ok
19:06:44.0640 3464 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:06:44.0859 3464 ParVdm - ok
19:06:44.0859 3464 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:06:45.0046 3464 PCI - ok
19:06:45.0062 3464 PCIDump - ok
19:06:45.0078 3464 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:06:45.0296 3464 PCIIde - ok
19:06:45.0359 3464 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:06:45.0546 3464 Pcmcia - ok
19:06:45.0562 3464 PDCOMP - ok
19:06:45.0578 3464 PDFRAME - ok
19:06:45.0593 3464 PDRELI - ok
19:06:45.0609 3464 PDRFRAME - ok
19:06:45.0625 3464 perc2 - ok
19:06:45.0625 3464 perc2hib - ok
19:06:45.0687 3464 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:06:45.0750 3464 PlugPlay - ok
19:06:45.0781 3464 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:06:46.0078 3464 PolicyAgent - ok
19:06:46.0140 3464 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:06:46.0890 3464 PptpMiniport - ok
19:06:46.0906 3464 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:06:47.0093 3464 ProtectedStorage - ok
19:06:47.0109 3464 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:06:47.0343 3464 PSched - ok
19:06:47.0390 3464 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:06:47.0671 3464 Ptilink - ok
19:06:47.0703 3464 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:06:47.0718 3464 PxHelp20 - ok
19:06:47.0734 3464 ql1080 - ok
19:06:47.0750 3464 Ql10wnt - ok
19:06:47.0765 3464 ql12160 - ok
19:06:47.0781 3464 ql1240 - ok
19:06:47.0796 3464 ql1280 - ok
19:06:47.0812 3464 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:06:48.0031 3464 RasAcd - ok
19:06:48.0078 3464 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:06:48.0265 3464 RasAuto - ok
19:06:48.0296 3464 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:06:48.0484 3464 Rasl2tp - ok
19:06:48.0578 3464 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:06:48.0734 3464 RasMan - ok
19:06:48.0750 3464 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:06:48.0937 3464 RasPppoe - ok
19:06:48.0984 3464 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:06:49.0250 3464 Raspti - ok
19:06:49.0281 3464 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:06:49.0453 3464 Rdbss - ok
19:06:49.0484 3464 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:06:49.0656 3464 RDPCDD - ok
19:06:49.0734 3464 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:06:49.0781 3464 RDPWD - ok
19:06:49.0843 3464 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:06:50.0031 3464 RDSessMgr - ok
19:06:50.0093 3464 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:06:50.0296 3464 redbook - ok
19:06:50.0343 3464 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:06:50.0531 3464 RemoteAccess - ok
19:06:50.0578 3464 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:06:50.0765 3464 RpcLocator - ok
19:06:50.0859 3464 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:06:51.0031 3464 RpcSs - ok
19:06:51.0062 3464 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:06:51.0968 3464 RSVP - ok
19:06:52.0015 3464 [ 7988BFE882BCD94199225B5C3482F1BD ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
19:06:52.0109 3464 RTL8023xp - ok
19:06:52.0125 3464 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:06:54.0890 3464 rtl8139 - ok
19:06:54.0921 3464 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:06:55.0078 3464 SamSs - ok
19:06:55.0125 3464 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:06:55.0406 3464 SCardSvr - ok
19:06:55.0515 3464 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:06:55.0765 3464 Schedule - ok
19:06:56.0140 3464 [ D98E936BDD4A6CFE39535F3696D0EC6F ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
19:06:56.0406 3464 SDScannerService - ok
19:06:56.0734 3464 [ 2D5088524613D1ED55D20195AF42DDC7 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
19:06:57.0421 3464 SDUpdateService - ok
19:06:57.0515 3464 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:06:57.0828 3464 Secdrv - ok
19:06:57.0875 3464 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:06:58.0109 3464 seclogon - ok
19:06:58.0140 3464 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:06:58.0343 3464 SENS - ok
19:06:58.0375 3464 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
19:06:58.0531 3464 Serial - ok
19:06:58.0593 3464 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:06:58.0781 3464 Sfloppy - ok
19:06:58.0843 3464 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:06:59.0109 3464 SharedAccess - ok
19:06:59.0156 3464 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:06:59.0187 3464 ShellHWDetection - ok
19:06:59.0203 3464 Simbad - ok
19:06:59.0218 3464 Sparrow - ok
19:06:59.0250 3464 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:06:59.0562 3464 splitter - ok
19:06:59.0609 3464 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:06:59.0656 3464 Spooler - ok
19:06:59.0687 3464 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:06:59.0890 3464 sr - ok
19:06:59.0953 3464 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:07:00.0156 3464 srservice - ok
19:07:00.0218 3464 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:07:00.0375 3464 Srv - ok
19:07:00.0406 3464 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:07:00.0578 3464 SSDPSRV - ok
19:07:00.0625 3464 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:07:00.0906 3464 stisvc - ok
19:07:00.0984 3464 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:07:01.0281 3464 swenum - ok
19:07:01.0328 3464 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:07:01.0562 3464 swmidi - ok
19:07:01.0578 3464 SwPrv - ok
19:07:01.0750 3464 [ 486A64AABD88E4E174681E89E9736BC9 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
19:07:01.0812 3464 Swupdtmr ( UnsignedFile.Multi.Generic ) - warning
19:07:01.0812 3464 Swupdtmr - detected UnsignedFile.Multi.Generic (1)
19:07:01.0828 3464 symc810 - ok
19:07:01.0859 3464 symc8xx - ok
19:07:01.0875 3464 sym_hi - ok
19:07:01.0890 3464 sym_u3 - ok
19:07:02.0015 3464 [ A6CC8C28D5AAD4179EF32F05BED55E91 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:07:02.0109 3464 SynTP - ok
19:07:02.0203 3464 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:07:02.0406 3464 sysaudio - ok
19:07:02.0468 3464 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:07:02.0671 3464 SysmonLog - ok
19:07:02.0781 3464 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:07:03.0109 3464 TapiSrv - ok
19:07:03.0203 3464 [ 36772B5EAAAF42DB5C5EE6EEB0EC0AF7 ] TAPPSRV C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
19:07:03.0234 3464 TAPPSRV ( UnsignedFile.Multi.Generic ) - warning
19:07:03.0234 3464 TAPPSRV - detected UnsignedFile.Multi.Generic (1)
19:07:03.0312 3464 [ 7147B0575BCC93A6AB7D5C90F47C0B9F ] tbiosdrv C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
19:07:03.0375 3464 tbiosdrv - ok
19:07:03.0484 3464 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:07:03.0656 3464 Tcpip - ok
19:07:03.0734 3464 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:07:04.0093 3464 TDPIPE - ok
19:07:04.0125 3464 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:07:04.0328 3464 TDTCP - ok
19:07:04.0328 3464 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:07:04.0546 3464 TermDD - ok
19:07:04.0609 3464 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:07:04.0843 3464 TermService - ok
19:07:04.0875 3464 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:07:04.0906 3464 Themes - ok
19:07:04.0921 3464 TosIde - ok
19:07:04.0953 3464 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:07:05.0140 3464 TrkWks - ok
19:07:05.0234 3464 [ 676DB15DDF2E0FF6EC03068DEA428B8B ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys
19:07:05.0250 3464 TVALD ( UnsignedFile.Multi.Generic ) - warning
19:07:05.0250 3464 TVALD - detected UnsignedFile.Multi.Generic (1)
19:07:05.0312 3464 [ 568DCCFF5D0F2BE99CB04A49A70A63D4 ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys
19:07:05.0328 3464 Tvs ( UnsignedFile.Multi.Generic ) - warning
19:07:05.0328 3464 Tvs - detected UnsignedFile.Multi.Generic (1)
19:07:05.0375 3464 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:07:05.0546 3464 Udfs - ok
19:07:05.0562 3464 ultra - ok
19:07:05.0734 3464 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:07:05.0921 3464 Update - ok
19:07:05.0953 3464 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:07:06.0140 3464 upnphost - ok
19:07:06.0187 3464 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:07:06.0328 3464 UPS - ok
19:07:06.0375 3464 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:07:06.0546 3464 usbccgp - ok
19:07:06.0562 3464 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:07:06.0828 3464 usbehci - ok
19:07:06.0906 3464 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:07:07.0109 3464 usbhub - ok
19:07:07.0171 3464 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:07:07.0328 3464 usbohci - ok
19:07:07.0343 3464 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:07:07.0500 3464 usbprint - ok
19:07:07.0500 3464 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:07:07.0703 3464 usbscan - ok
19:07:07.0750 3464 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:07:07.0937 3464 USBSTOR - ok
19:07:07.0953 3464 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:07:08.0140 3464 VgaSave - ok
19:07:08.0156 3464 ViaIde - ok
19:07:08.0187 3464 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:07:08.0359 3464 VolSnap - ok
19:07:08.0484 3464 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:07:08.0703 3464 VSS - ok
19:07:08.0750 3464 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
19:07:08.0953 3464 W32Time - ok
19:07:09.0062 3464 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:07:09.0234 3464 Wanarp - ok
19:07:09.0265 3464 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:07:09.0312 3464 wanatw - ok
19:07:09.0328 3464 WDICA - ok
19:07:09.0359 3464 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:07:09.0531 3464 wdmaud - ok
19:07:09.0562 3464 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:07:12.0078 3464 WebClient - ok
19:07:12.0171 3464 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:07:12.0359 3464 winmgmt - ok
19:07:12.0515 3464 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:07:12.0562 3464 WmdmPmSN - ok
19:07:12.0609 3464 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:07:12.0812 3464 WmiApSrv - ok
19:07:12.0953 3464 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:07:13.0078 3464 WMPNetworkSvc - ok
19:07:13.0140 3464 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:07:13.0343 3464 WS2IFSL - ok
19:07:13.0468 3464 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:07:13.0656 3464 wscsvc - ok
19:07:13.0671 3464 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:07:13.0859 3464 wuauserv - ok
19:07:13.0953 3464 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:07:14.0015 3464 WudfPf - ok
19:07:14.0046 3464 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:07:14.0093 3464 WudfRd - ok
19:07:14.0125 3464 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:07:14.0187 3464 WudfSvc - ok
19:07:14.0265 3464 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:07:14.0515 3464 WZCSVC - ok
19:07:14.0546 3464 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:07:14.0718 3464 xmlprov - ok
19:07:14.0750 3464 ================ Scan global ===============================
19:07:14.0828 3464 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:07:14.0906 3464 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:07:14.0937 3464 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:07:14.0984 3464 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:07:14.0984 3464 [Global] - ok
19:07:14.0984 3464 ================ Scan MBR ==================================
19:07:15.0015 3464 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
19:07:15.0312 3464 \Device\Harddisk0\DR0 - ok
19:07:15.0312 3464 ================ Scan VBR ==================================
19:07:15.0328 3464 [ 0A50C3C54CE787DDCF0B7AC2639DF0E4 ] \Device\Harddisk0\DR0\Partition1
19:07:15.0328 3464 \Device\Harddisk0\DR0\Partition1 - ok
19:07:15.0328 3464 ============================================================
19:07:15.0328 3464 Scan finished
19:07:15.0328 3464 ============================================================
19:07:15.0453 3756 Detected object count: 22
19:07:15.0453 3756 Actual detected object count: 22
19:07:52.0187 3756 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0187 3756 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0187 3756 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0187 3756 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0187 3756 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0187 3756 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0187 3756 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0187 3756 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0203 3756 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0203 3756 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0203 3756 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0203 3756 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0218 3756 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0218 3756 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0234 3756 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0234 3756 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0234 3756 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0234 3756 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0234 3756 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0234 3756 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0250 3756 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0250 3756 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0250 3756 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0250 3756 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0250 3756 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0250 3756 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0250 3756 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0250 3756 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0265 3756 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0265 3756 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0265 3756 LxrJD31d ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0265 3756 LxrJD31d ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0265 3756 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0265 3756 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0265 3756 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0265 3756 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0281 3756 Swupdtmr ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0281 3756 Swupdtmr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0281 3756 TAPPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0281 3756 TAPPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0281 3756 TVALD ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0281 3756 TVALD ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:07:52.0296 3756 Tvs ( UnsignedFile.Multi.Generic ) - skipped by user
19:07:52.0296 3756 Tvs ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:10:40.0125 3824 Deinitialize success

 

[oldman960]

Hi two beers.

Next, please click your start botton, click run

• in the run box, type cmd
• click ok
• in the black command window that opens type ipconfig /flushdns
  note there is a space between inconfig and the /
• hit enter
• it should give you a messeage similar to "Successfully flushed the DNS Resolver Cache"
• close the window

Try some searches and see how it goes.

 

[two beers]

oldman-

I did the above, but it's still redirecting.

 

[oldman960]

Hi two beers,

We'll use a CD that we will make bootable. We also need a USB flashdrive that has some space on it. We will not be changing any of the data on the usb device just using it for a file.

You will also need to use FireFox to download a file as Internet Explorer seems to mangle the download.

If you have an problems with these steps please let me know. These may look complicated but it's fairly straight forward and for the most part automated.


Download GETxPUD.exe to your desktop.

• Run GETxPUD.exe by double clicking it.
• A new folder will appear on the desktop.
• Open the GETxPUD folder and click on the get&burn.bat
• The program will download xpud_0.9.2.iso, and when finished, it will open BurnCDCC which will be ready to burn the image.
• Click on Start and follow the prompts to burn the image to a CD

Using FireFox, please download and save dumpit to your usb device.

You may want to print out this part as you will not be able to view these instructions.

• Leave the usb device attached to the computer
• Boot the infected computer with the CD you just burned
  • with the CD in the computer, restart the computer
• The computer must be set to boot from the CD,depending on your computer you can either do this by pressing F12 and selecting the CD as the first boot option or it can be set in the BIOS
• Once you have the computer set to boot from the CD allow it to boot
• A Welcome to xPUD screen will appear
• Click on File
• Expand mnt
• sda1,2...usually corresponds to your HDD
• sdb1 is likely your USB
• Click on the folder that represents your USB drive (sdb1 ?)
  (you will be able to tell if it the right one as the screen will populate with your files)
• Locate the file you downloaded and saved earlier, dumpit
• double click it to run it
• a black window will open, follow the instructions to close the window when it's finished
• a file called MBR.zip should now be placed in the right hand panel
• Click the Home icon at top
• Remove the CD and click Power off
• Click restart

Once the computer has rebooted open the usb device and attach the MBR.zip file to your next reply.

 

[two beers]

oldman- when I click on dumpit, it opens a firefox page with lots of code strings; will this run?

 

[oldman960]

Hi two beers,

That's the same problem that happens in IE, it tries to open the file.

Try it this way. Right click the link and click save link as. Make sure the save as is set to all files

 

[two beers]

oldman-

hmm, after pressing F12, i get a black screen with:

PXE-E61: media test failure, check cable
PXE-MOF Exiting PXE system
Missing operating system_

I don't know if it's related, but I had noticed that I was unable to play CDs after the infection started.

 

[oldman960]

Hi two beers,

Click start

• right click My Computer
• click properties
• click the hardware tab
• click the device manager button

Are there any yellow exclaimation marks or question marks beside any of the entries?

What is listed under DVD/CD rom drives?


What is the make and model of your computer?

 

[two beers]

oldman-

There are no question marks or exclamation points.

Under DVD/CD: Matshita DVD/CDRW UJDA770

It's a Toshiba Satellite A105 -S2141. It's old, but it has been a real warhorse until now.

 

[oldman960]

Hi two beers,

Click start

• right click My Computer
• click properties
• click the hardware tab
• click the device manager button
• right click on the Cd rom that is listed
• click properties
• click the drivers tab
• click driver details

what is listed there?

 

[two beers]

oldman,

Here are the driver details:

C:\Windows\system 32\DRIVERS\cdrom.sys
C:\Windows\System 32\Drivers\DLACDBHM.SYS
C:\Windows\System 32\Drivers\DRVMCDB.SYS
C:\Windows\system 32\DRIVERS\imapi.sys
C:\Windows\System 32\Drivers\PxHelp20.sys
C:\Windows\system 32\DRIVERS\redbook.sys
C:\Windows\system 32\Drivers\storprop.dll

 

[oldman960]

Hi two beers,

Hi

When did you install sonic?

Let's try changing the boot order in the bios.

• place in the xpUD disk in the cd player
• reboot your computer

While the computer is rebooting you should see on the screen which key to press to enter the bios. It may be F2 for yours.

Once you have entered the bios look for a heading caleed boot order or something similar. Change the boot order so the cd is firat, your hard drive second and the Lan or network last.

There should be instructions on the screen which keys to use to navigate in the bios and which one will save the chanes and exit.

Once you exit the bios the computer should attempt to boot from the cd. If it is unable to boot from the cd it will either infrom you that it can't or it will simply continue on to boot from the hard drive.

Let me know how you make out.

 

[oldman960]

Due to inactivity, this thread will now be closed.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.