Hangs during bootup

OTL log 3-15-13

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2113384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1042432 bytes

Total Files Cleaned = 216.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03152013_173033

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1480.dat not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_814.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
MalwareBytes Log 3-15-13

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Dan Kamin :: DAN [administrator]

3/15/2013 5:41:24 PM
mbam-log-2013-03-15 (17-41-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209080
Time elapsed: 7 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
TDSSKiller Log 3-15-2013

17:52:36.0734 5400 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:52:38.0734 5400 ============================================================
17:52:38.0734 5400 Current date / time: 2013/03/15 17:52:38.0734
17:52:38.0734 5400 SystemInfo:
17:52:38.0734 5400
17:52:38.0734 5400 OS Version: 5.1.2600 ServicePack: 3.0
17:52:38.0734 5400 Product type: Workstation
17:52:38.0734 5400 ComputerName: DAN
17:52:38.0734 5400 UserName: Dan Kamin
17:52:38.0734 5400 Windows directory: C:\WINDOWS
17:52:38.0734 5400 System windows directory: C:\WINDOWS
17:52:38.0734 5400 Processor architecture: Intel x86
17:52:38.0734 5400 Number of processors: 2
17:52:38.0734 5400 Page size: 0x1000
17:52:38.0734 5400 Boot type: Normal boot
17:52:38.0734 5400 ============================================================
17:52:41.0906 5400 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:52:41.0906 5400 ============================================================
17:52:41.0906 5400 \Device\Harddisk0\DR0:
17:52:41.0906 5400 MBR partitions:
17:52:41.0906 5400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
17:52:41.0906 5400 ============================================================
17:52:41.0968 5400 C: <-> \Device\Harddisk0\DR0\Partition1
17:52:41.0984 5400 ============================================================
17:52:41.0984 5400 Initialize success
17:52:41.0984 5400 ============================================================
17:52:46.0750 4908 ============================================================
17:52:46.0750 4908 Scan started
17:52:46.0750 4908 Mode: Manual;
17:52:46.0750 4908 ============================================================
17:52:51.0781 4908 ================ Scan system memory ========================
17:52:51.0796 4908 System memory - ok
17:52:51.0796 4908 ================ Scan services =============================
17:53:16.0718 4908 Serial - ok
17:53:16.0750 4908 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:53:16.0765 4908 Sfloppy - ok
17:53:16.0828 4908 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:53:16.0843 4908 SharedAccess - ok
17:53:16.0859 4908 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:53:16.0859 4908 ShellHWDetection - ok
17:53:16.0859 4908 Simbad - ok
17:53:16.0937 4908 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:53:16.0953 4908 SkypeUpdate - ok
17:53:16.0984 4908 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:53:16.0984 4908 SLIP - ok
17:53:17.0000 4908 Sparrow - ok
17:53:17.0015 4908 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:53:17.0046 4908 splitter - ok
17:53:17.0109 4908 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:53:17.0125 4908 Spooler - ok
17:53:17.0187 4908 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:53:17.0187 4908 sr - ok
17:53:17.0312 4908 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
17:53:17.0375 4908 srservice - ok
17:53:17.0578 4908 [ 83726CF02ECED69138948083E06B6EAC ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1207020.003\SRTSP.SYS
17:53:17.0671 4908 SRTSP - ok
17:53:17.0703 4908 [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1207020.003\SRTSPX.SYS
17:53:17.0718 4908 SRTSPX - ok
17:53:17.0796 4908 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:53:17.0968 4908 Srv - ok
17:53:18.0046 4908 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:53:18.0046 4908 SSDPSRV - ok
17:53:18.0171 4908 [ 6F855B5625A47F3AC731A262FDC379A6 ] STacSV C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
17:53:18.0187 4908 STacSV - ok
17:53:18.0390 4908 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
17:53:18.0562 4908 STHDA - ok
17:53:18.0609 4908 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:53:18.0625 4908 StillCam - ok
17:53:18.0703 4908 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:53:18.0781 4908 stisvc - ok
17:53:18.0812 4908 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:53:18.0828 4908 streamip - ok
17:53:18.0859 4908 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:53:18.0859 4908 swenum - ok
17:53:18.0921 4908 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:53:18.0937 4908 swmidi - ok
17:53:18.0937 4908 SwPrv - ok
17:53:18.0953 4908 symc810 - ok
17:53:18.0968 4908 symc8xx - ok
17:53:19.0046 4908 [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS C:\WINDOWS\system32\drivers\NIS\1207020.003\SYMDS.SYS
17:53:19.0062 4908 SymDS - ok
17:53:19.0484 4908 [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1207020.003\SYMEFA.SYS
17:53:19.0656 4908 SymEFA - ok
17:53:19.0734 4908 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
17:53:19.0734 4908 SymEvent - ok
17:53:19.0765 4908 [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON C:\WINDOWS\system32\drivers\NIS\1207020.003\Ironx86.SYS
17:53:19.0765 4908 SymIRON - ok
17:53:19.0906 4908 [ 336CACE58F0359D5CBB1AE6B8A2FB205 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1207020.003\SYMTDI.SYS
17:53:19.0968 4908 SYMTDI - ok
17:53:19.0984 4908 sym_hi - ok
17:53:19.0984 4908 sym_u3 - ok
17:53:20.0140 4908 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:53:20.0140 4908 sysaudio - ok
17:53:20.0203 4908 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:53:20.0203 4908 SysmonLog - ok
17:53:20.0250 4908 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:53:20.0250 4908 TapiSrv - ok
17:53:20.0296 4908 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:53:20.0312 4908 Tcpip - ok
17:53:20.0343 4908 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:53:20.0343 4908 TDPIPE - ok
17:53:20.0359 4908 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:53:20.0359 4908 TDTCP - ok
17:53:20.0390 4908 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:53:20.0390 4908 TermDD - ok
17:53:20.0437 4908 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
17:53:20.0453 4908 TermService - ok
17:53:20.0468 4908 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
17:53:20.0468 4908 Themes - ok
17:53:20.0515 4908 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:53:20.0515 4908 TlntSvr - ok
17:53:20.0531 4908 TosIde - ok
17:53:20.0578 4908 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
17:53:20.0578 4908 tosporte - ok
17:53:20.0625 4908 [ 8C3BFAF3FCA90502E6FA35503B8E979E ] tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
17:53:20.0640 4908 tosrfbd - ok
17:53:20.0687 4908 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
17:53:20.0687 4908 tosrfbnp - ok
17:53:20.0734 4908 [ 4742F0BAD28268AB093ED6F4EA857997 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
17:53:20.0734 4908 Tosrfcom - ok
17:53:20.0750 4908 [ 7C807BA9660E2995CC0217A14A24094C ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
17:53:20.0750 4908 Tosrfhid - ok
17:53:20.0781 4908 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
17:53:20.0781 4908 tosrfnds - ok
17:53:20.0828 4908 [ 01C90086CD37E7E8D9A827E24167FCB7 ] Tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
17:53:20.0828 4908 Tosrfusb - ok
17:53:20.0890 4908 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:53:20.0890 4908 TrkWks - ok
17:53:20.0906 4908 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:53:20.0921 4908 Udfs - ok
17:53:20.0937 4908 ultra - ok
17:53:21.0000 4908 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:53:21.0015 4908 Update - ok
17:53:21.0046 4908 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:53:21.0062 4908 upnphost - ok
17:53:21.0093 4908 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
17:53:21.0109 4908 UPS - ok
17:53:21.0156 4908 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
17:53:21.0156 4908 usbaudio - ok
17:53:21.0218 4908 [ AF9388E736AF0C325067F05EDC350010 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
17:53:21.0218 4908 usbbus - ok
17:53:21.0265 4908 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:53:21.0265 4908 usbccgp - ok
17:53:21.0312 4908 [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
17:53:21.0312 4908 UsbDiag - ok
17:53:21.0343 4908 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:53:21.0343 4908 usbehci - ok
17:53:21.0359 4908 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:53:21.0359 4908 usbhub - ok
17:53:21.0406 4908 [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
17:53:21.0406 4908 USBModem - ok
17:53:21.0437 4908 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:53:21.0437 4908 usbprint - ok
17:53:21.0468 4908 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:53:21.0468 4908 USBSTOR - ok
17:53:21.0500 4908 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:53:21.0515 4908 usbuhci - ok
17:53:21.0546 4908 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:53:21.0546 4908 VgaSave - ok
17:53:21.0546 4908 ViaIde - ok
17:53:21.0609 4908 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:53:21.0609 4908 VolSnap - ok
17:53:21.0671 4908 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
17:53:21.0687 4908 VSS - ok
17:53:21.0718 4908 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
17:53:21.0718 4908 W32Time - ok
17:53:21.0734 4908 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:53:21.0734 4908 Wanarp - ok
17:53:21.0812 4908 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:53:21.0828 4908 Wdf01000 - ok
17:53:21.0843 4908 WDICA - ok
17:53:21.0875 4908 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:53:21.0875 4908 wdmaud - ok
17:53:21.0937 4908 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:53:21.0953 4908 WebClient - ok
17:53:21.0984 4908 [ A8596CF86D445269A42ECC08B7066A4C ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:53:22.0015 4908 winachsf - ok
17:53:22.0140 4908 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:53:22.0140 4908 winmgmt - ok
17:53:22.0156 4908 wltrysvc - ok
17:53:22.0203 4908 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:53:22.0218 4908 WmdmPmSN - ok
17:53:22.0265 4908 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:53:22.0296 4908 Wmi - ok
17:53:22.0312 4908 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:53:22.0328 4908 WmiAcpi - ok
17:53:22.0343 4908 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:53:22.0343 4908 WmiApSrv - ok
17:53:22.0468 4908 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:53:22.0500 4908 WMPNetworkSvc - ok
17:53:22.0562 4908 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:53:22.0578 4908 wscsvc - ok
17:53:22.0578 4908 WSearch - ok
17:53:22.0625 4908 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:53:22.0625 4908 WSTCODEC - ok
17:53:22.0671 4908 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:53:22.0671 4908 wuauserv - ok
17:53:22.0734 4908 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:53:22.0750 4908 WudfPf - ok
17:53:22.0765 4908 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:53:22.0765 4908 WudfRd - ok
17:53:22.0812 4908 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:53:22.0812 4908 WudfSvc - ok
17:53:22.0875 4908 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:53:22.0906 4908 WZCSVC - ok
17:53:22.0953 4908 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:53:22.0953 4908 xmlprov - ok
17:53:22.0968 4908 ================ Scan global ===============================
17:53:23.0031 4908 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:53:23.0078 4908 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
17:53:23.0109 4908 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
17:53:23.0125 4908 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
17:53:23.0140 4908 [Global] - ok
17:53:23.0140 4908 ================ Scan MBR ==================================
17:53:23.0156 4908 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:53:23.0437 4908 \Device\Harddisk0\DR0 - ok
17:53:23.0437 4908 ================ Scan VBR ==================================
17:53:23.0453 4908 [ 3D6A656C4F09990DF07BCE99AD6682FA ] \Device\Harddisk0\DR0\Partition1
17:53:23.0453 4908 \Device\Harddisk0\DR0\Partition1 - ok
17:53:23.0453 4908 ============================================================
17:53:23.0453 4908 Scan finished
17:53:23.0453 4908 ============================================================
17:53:23.0468 5424 Detected object count: 0
17:53:23.0468 5424 Actual detected object count: 0
 
The icons still lag for about 3 minutes before they come in. This might be the best we can do.
Acknowledged/possibly...I will have a think about this/sleep on it so to speak and reply back in due course.

In the meantime the requested OTL Log from the Custom Script is incomplete, could you repost it again please. :)
 
Complete OTL Log 3-15

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\APSDaemonl not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\HPUsageTrackingLEDM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ITSecMng deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LogitechCommunicationsManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LogitechQuickCamRibbon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\MaxMenuMgr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1229272821-1500820517-682003330-1003\Run not found.
========== FILES ==========
File\Folder C:\Program Files\AVG not found.
File\Folder C:\Program Files\AVG Secure Search not found.
File\Folder C:\Program Files\MediaGet2 not found.
C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job moved successfully.
File\Folder C:\Documents and Settings\Dan Kamin\Local Settings\Application Data\MediaGet2 not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Dan Kamin
->Temp folder emptied: 1380223 bytes
->Temporary Internet Files folder emptied: 9295269 bytes
->FireFox cache emptied: 212029502 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2402 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2113384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1042432 bytes

Total Files Cleaned = 216.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03152013_173033

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1480.dat not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_814.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
Hi. :)

Going back to this you mentioned:-

HP printer software insisted on installing after OTL ran.
Any further problems just consider uninstalling the software as no real need for it. I have an HP printer myself and do not have any of the associated software installed apart from the required driver etc. Though the downside of that is the scan feature does not work as it should but I do not use that very often and still prefer to keep the HP software at bay so to speak.

How long is left on the subscription for Norton Internet Security before it expires?

Re-scan with RogueKiller:

Again as outlined here, then after the pre-scan has completed click on the ShortcutsFix button.

Post the new log created in your next reply.

System File Check:

Close all open applications/windows etc.
  • Click on Start >> Run...
  • Type in SFC /Scannow <--- Make sure to leave a space between SFC and the forward slash.
  • Click on OK
  • System File Checker will now scan all protected files to verify their versions.
Note: This will take some time. Also you may be prompted to place the XP installation CD-ROM in the CD-Drive if required.

TFC(Temp File Cleaner):

  • Please download TFC to the desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

I advise you to consider keeping TFC on the desktop after I give the all clear and run it say at least once per week as it is a very effective piece of software for cleaning out temp' files etc.

Next:

Let myself know when completed the above, if any further problems/issues encountered etc. Post the new RogueKiller log along with the answer to my NIS query and we will then go from there, thank you.
 
RogueKiller Log 3-16-13

RogueKiller V8.5.3 [Mar 13 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Dan Kamin [Admin rights]
Mode : Shortcuts HJfix -- Date : 03/16/2013 08:17:37
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 6 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 74 / Fail 0
My documents: Success 198 / Fail 198
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 97 / Fail 291
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[3]_SC_03162013_02d0817.txt >>
RKreport[1]_S_03122013_02d1300.txt ; RKreport[2]_S_03162013_02d0815.txt ; RKreport[3]_SC_03162013_02d0817.txt
 
Norton

His Norton expires in August. Personally I like Windows Defender. I've also used Avast! . Is there something you would recommend?
 
Hi. :)

His Norton expires in August.
Acknowledged...

I am a great believer in if something is not broke do not fix it, and if the need arises we can address this. The problem with such bundled security related software is at times they can cause a myriad of system related problems that affect overall performance.

Personally I like Windows Defender. I've also used Avast!
Both are fine applications. Windows Defender did get a somewhat bad reputation in its early days as it was based upon Giant AntiSpyware originally and called in turn Microsoft AntiSpyware if I recall but the more recent incarnations have improved considerably.

Is there something you would recommend?
Microsoft Security Essentials and I use that myself on all my machines, has a low system footprint and does the job so to speak.

Though with Windows 8 it is actually incorporated into Windows Defender and uses the same virus database/definitions etc.
 
3 Minutes

The delay is still about 3 minutes. When he was over the night before last he said there was always somewhat of a delay on this machine before his icons came in. Either way it is light years ahead of the 15 minutes it used to take when he first brought the machine over.

My wife and I are seeing him tonight. I'd love to be able to give it back to him. Dan and I have been friends since 1968. He was in college and I was in High School when we met. This computer is his lifeline.

Specba
 
Hi. :)

Acknowledged, well as far as I can ascertain malware is no longer an issue...

But we can run a few quick checks and I'll be back later on to provide some advice/clear up tools etc.

Profile Check:

Click on Start >> Control Panel >> User Accounts

Now click on Create a new account >> name it say Test >> Create Account

Then power down the machine >> reboot it into the test account and check for myself if still the same lag.

Note: Feel free to remove the test account when finished.

Scan with Speccy:

Please download the installer for Speccy from here to the desktop.

  • Double-click on spsetup120.exe to install the application >> follow the prompts >> deselect the option Automatically check for updates to Speccy (the others leave as is per your preference) >> Install
  • Deselect View Release notes but leave Run Speccy vN.NN selected >> Finish
  • Speccy will now automatically scan your system, this may take some time etc.
  • Once it has completed scanning >> click on File >> Save as Text File... >> select the Desktop as the save destination >> Save
  • Close Speccy.
  • Open the notepad file you have just saved...
  • Scroll down to the heading Operating System >> next to Serial Number:
  • Delete/remove the actual serial number as prudent not to have that displayed in an open forum for security reasons etc.
  • Post the Speccy log in your next reply for my review.
Software Check/Update:

Let's check/update some software as follows shall we...

  • Download and install FileHippo Update Checker from here.
  • Once installed (during the installation process deselect the option:- Run at Startup) >> Start >> All Programs >> double-click on Update Checker >> a browser window will open after the scan is complete.
  • Download any updates detected(apart from beta updates) to the desktop >> uninstall anything that requires updating via Add/Remove Programs in the Control Panel.
  • Re-install the updated software, delete the installers and then empty the Recycle Bin.
Note: When I give the all clear my advice would be to consider keeping FileHippo Update Checker installed. Then periodically use it to check for any updates as having certain software outdated is a potential for malware to gain a foothold and exploit a system etc.
 
Speccy Log

I tried to post the log, but got an error message that it was too long. It is attached as a .zip file.
 
One other item.

A message appeared saying a trial license for a bluetooth management program had expired. I uninstalled the program. I'm not sure if his laptop even has bluetooth.

Specba
 
Problem

On reboot I now get a message that a USB driver needs to load. After having it search it could not find a driver.

I checked the device manager and there is an exclamation point by the USB device.

I tried going to Dell's website and logged in to check if there was a usb driver for this service tag. I couldn't find one.
 
Hi. :)

The temperature of the machine is a tad high:-

Intel Mobile Core 2 Duo T7250 @ 2.00GH 63 °C

Motherboard Dell Inc 63 °C
This may explain some of the errors you mentioned, so it might be an idea to check all fans are working and none of the airflow vents are blocked etc.

Also carry out the below please as follows...

Create a User account/transfer old settings:

  • Create a new user account:
  • Go to Start >> Control Panel >> User Accounts.
  • Click on Create A New Account.
  • Give the account a name and click Next > >> Create Account.
Note: Ensure that the new account type is a Computer Administrator, you may change it to a limited account later on for security reasons if you so wish.

Now log in to your friend's account and perform the following:

  • Right-click My Computer, and select Properties.
  • Select the Advanced tab.
  • Click the Settings button in the User Profiles section.
  • Select the user account that was corrupted.
  • Click the Copy To button.
  • Click Browse button and then browse For Folder dialogue box to locate the Documents and Settings folder and select the new account.
A confirmation dialogue box should appear that informs you that the original files will be deleted and prompts you to confirm the copy operation. Click Yes.
Once the profile is copied, log off from the system and login again with the new Account/User-name. All the settings of the old account should be copied.

Check the new account is working correctly then:

  • Go to Start >> Control Panel >> User Accounts.
  • Click on the old account >> Delete the account >> Delete Files >> Delete Account.
Let myself know the outcome when completed the above and we then proceed from there, thank you.
 
Driver issue solved

The driver issue turned out to be an internal bluetooth device. I was able to find the correct drivers and load them. Device manager is now happy.
 
Copy process hangs

I can't copy his profile. It hangs on the hour glass.

I tried copying from within his profile and couldn't see the new one listed. I logged out and logged into the test profile I created earlier. I then could see all three. I tried copying from within that third profile. That is when I got the hour glass. I let it run for some 30 minutes.
 