
blaster.worm


11 replies to this topic

#1 tyromaniac


Posted 23 March 2012 - 10:09 PM

What I can find says Windows XP Media Edition with latest service packs should not be affected, but the message I get when I try to do anything is that iexplore cannot run because it is infected with "w32/Blaster.worm" along with an offer for virus removal software for $60.00. To get to this forum, I upgraded??? with a Vista upgrade I had. I would like to get back to XP. Is it possible to remove the worm and return to Windows XP? System Restore wouldn't work either. Thanks

Edit: Moved topic from XP to the more appropriate forum. ~ Animal



#2 narenxp


Posted 24 March 2012 - 07:52 AM

Boot into safemode with networking


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 tyromaniac


Posted 24 March 2012 - 09:30 AM

Thanks for your response.

I attempted to log on to "Earlier version of Windows"

I was asked "which windows installation?" I guessed "1"

I was instructed "type the administrator password"
I don't think I've ever set up a password. Is there a default it would have, or a way to retrieve the password?

#4 narenxp


Posted 24 March 2012 - 06:59 PM

Are you entering into recovery console?

Restart your PC

Press F8 at boot up

You should get the Advanced startup options

Select safemode with networking

Let me know if you can run tools in safemode with networking

If safemode doesn't work then download

Download

http://download.bleepingcomputer.com/grinler/rkill.scr

Run it in regular mode, after the screen closes, try to run Malwarebytes

Good luck

#5 tyromaniac


Posted 25 March 2012 - 12:03 AM

I can enter into recovery console in Vista where the scans don't find much. What I can't do is boot into XP. In the meantime, available disc space has gone from 16.1gb to 10.3gb in the last two days. Vista scan:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-25 00:27:15
-----------------------------
00:27:15.394 OS Version: Windows 6.0.6000
00:27:15.394 Number of processors: 2 586 0xE08
00:27:15.394 ComputerName: GARY-PC UserName: Gary
00:27:18.644 Initialize success
00:28:24.023 AVAST engine defs: 12032401
00:28:35.742 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
00:28:35.742 Disk 0 Vendor: HTS541080G9SA00 MB4OC65D Size: 76319MB BusType: 3
00:28:35.773 Disk 0 MBR read successfully
00:28:35.789 Disk 0 MBR scan
00:28:35.835 Disk 0 Windows VISTA default MBR code
00:28:35.851 Disk 0 Partition 1 00 12 Compaq diag NTFS 5592 MB offset 63
00:28:35.882 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70723 MB offset 11454345
00:28:35.898 Disk 0 scanning sectors +156296385
00:28:35.992 Disk 0 scanning C:\Windows\system32\drivers
00:28:47.382 Service scanning
00:29:13.070 Modules scanning
00:29:19.679 Disk 0 trace - called modules:
00:29:19.726 ntkrnlpa.exe CLASSPNP.SYS disk.sys hal.dll acpi.sys ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys
00:29:19.757 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f66578]
00:29:19.773 3 ntkrnlpa.exe[818b07e2] -> nt!IofCallDriver -> [0x82ba04a8]
00:29:19.789 5 acpi.sys[8066932a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x82b8a3a8]
00:29:21.648 AVAST engine scan C:\Windows
00:29:25.554 AVAST engine scan C:\Windows\system32
00:32:55.960 AVAST engine scan C:\Windows\system32\drivers
00:33:09.742 AVAST engine scan C:\Users\Gary
00:35:08.554 AVAST engine scan C:\ProgramData
00:35:17.976 Scan finished successfully
00:36:18.507 Disk 0 MBR has been saved successfully to "C:\Users\Gary\Documents\MBR.dat"
00:36:18.523 The log file has been saved successfully to "C:\Users\Gary\Documents\aswMBR.txt"

01:07:30.0088 1044 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
01:07:30.0166 1044 ============================================================
01:07:30.0166 1044 Current date / time: 2012/03/25 01:07:30.0166
01:07:30.0166 1044 SystemInfo:
01:07:30.0166 1044
01:07:30.0166 1044 OS Version: 6.0.6000 ServicePack: 0.0
01:07:30.0166 1044 Product type: Workstation
01:07:30.0166 1044 ComputerName: GARY-PC
01:07:30.0166 1044 UserName: Gary
01:07:30.0166 1044 Windows directory: C:\Windows
01:07:30.0166 1044 System windows directory: C:\Windows
01:07:30.0166 1044 Processor architecture: Intel x86
01:07:30.0166 1044 Number of processors: 2
01:07:30.0166 1044 Page size: 0x1000
01:07:30.0166 1044 Boot type: Normal boot
01:07:30.0166 1044 ============================================================
01:07:32.0041 1044 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:07:32.0041 1044 \Device\Harddisk0\DR0:
01:07:32.0041 1044 MBR used
01:07:32.0041 1044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xAEC789, BlocksNum 0x8A21D38
01:07:32.0307 1044 Initialize success
01:07:32.0322 1044 ============================================================
01:07:36.0822 2872 ============================================================
01:07:36.0822 2872 Scan started
01:07:36.0822 2872 Mode: Manual;
01:07:36.0822 2872 ============================================================
01:07:52.0916 2872 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
01:07:52.0932 2872 rdbss - ok
01:07:52.0963 2872 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:07:52.0963 2872 RDPCDD - ok
01:07:52.0994 2872 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
01:07:53.0010 2872 rdpdr - ok
01:07:53.0025 2872 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
01:07:53.0025 2872 RDPENCDD - ok
01:07:53.0103 2872 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
01:07:53.0119 2872 RDPWD - ok
01:07:53.0182 2872 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
01:07:53.0197 2872 RemoteAccess - ok
01:07:53.0228 2872 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
01:07:53.0244 2872 RemoteRegistry - ok
01:07:53.0307 2872 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
01:07:53.0307 2872 RpcLocator - ok
01:07:53.0416 2872 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
01:07:53.0416 2872 RpcSs - ok
01:07:53.0478 2872 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
01:07:53.0494 2872 rspndr - ok
01:07:53.0525 2872 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
01:07:53.0525 2872 SamSs - ok
01:07:53.0557 2872 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
01:07:53.0557 2872 sbp2port - ok
01:07:53.0650 2872 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
01:07:53.0650 2872 SCardSvr - ok
01:07:53.0744 2872 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
01:07:53.0760 2872 Schedule - ok
01:07:53.0869 2872 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
01:07:53.0869 2872 SCPolicySvc - ok
01:07:53.0932 2872 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
01:07:53.0932 2872 secdrv - ok
01:07:53.0947 2872 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
01:07:53.0963 2872 seclogon - ok
01:07:53.0994 2872 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
01:07:53.0994 2872 SENS - ok
01:07:54.0025 2872 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
01:07:54.0025 2872 Serenum - ok
01:07:54.0088 2872 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
01:07:54.0088 2872 Serial - ok
01:07:54.0135 2872 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
01:07:54.0150 2872 sermouse - ok
01:07:54.0291 2872 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
01:07:54.0291 2872 SessionEnv - ok
01:07:54.0322 2872 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
01:07:54.0322 2872 sffdisk - ok
01:07:54.0338 2872 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
01:07:54.0353 2872 sffp_mmc - ok
01:07:54.0369 2872 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
01:07:54.0369 2872 sffp_sd - ok
01:07:54.0400 2872 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
01:07:54.0400 2872 sfloppy - ok
01:07:54.0463 2872 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
01:07:54.0478 2872 SharedAccess - ok
01:07:54.0603 2872 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
01:07:54.0603 2872 ShellHWDetection - ok
01:07:54.0666 2872 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
01:07:54.0666 2872 sisagp - ok
01:07:54.0697 2872 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
01:07:54.0697 2872 SiSRaid2 - ok
01:07:54.0728 2872 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
01:07:54.0728 2872 SiSRaid4 - ok
01:07:54.0932 2872 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
01:07:55.0010 2872 slsvc - ok
01:07:55.0150 2872 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
01:07:55.0150 2872 SLUINotify - ok
01:07:55.0291 2872 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
01:07:55.0291 2872 Smb - ok
01:07:55.0353 2872 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
01:07:55.0353 2872 SNMPTRAP - ok
01:07:55.0385 2872 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
01:07:55.0385 2872 spldr - ok
01:07:55.0416 2872 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
01:07:55.0416 2872 Spooler - ok
01:07:55.0478 2872 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
01:07:55.0478 2872 srv - ok
01:07:55.0525 2872 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
01:07:55.0525 2872 srv2 - ok
01:07:55.0541 2872 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
01:07:55.0541 2872 srvnet - ok
01:07:55.0557 2872 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
01:07:55.0572 2872 SSDPSRV - ok
01:07:55.0666 2872 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
01:07:55.0697 2872 stisvc - ok
01:07:55.0807 2872 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
01:07:55.0822 2872 swenum - ok
01:07:55.0900 2872 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
01:07:55.0916 2872 swprv - ok
01:07:55.0932 2872 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
01:07:55.0947 2872 Symc8xx - ok
01:07:55.0963 2872 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
01:07:55.0963 2872 Sym_hi - ok
01:07:55.0994 2872 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
01:07:55.0994 2872 Sym_u3 - ok
01:07:56.0057 2872 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
01:07:56.0072 2872 SysMain - ok
01:07:56.0135 2872 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
01:07:56.0150 2872 TabletInputService - ok
01:07:56.0182 2872 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
01:07:56.0197 2872 TapiSrv - ok
01:07:56.0213 2872 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
01:07:56.0228 2872 TBS - ok
01:07:56.0338 2872 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
01:07:56.0353 2872 Tcpip - ok
01:07:56.0541 2872 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
01:07:56.0557 2872 Tcpip6 - ok
01:07:56.0619 2872 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
01:07:56.0619 2872 tcpipreg - ok
01:07:56.0635 2872 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
01:07:56.0635 2872 TDPIPE - ok
01:07:56.0666 2872 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
01:07:56.0666 2872 TDTCP - ok
01:07:56.0697 2872 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
01:07:56.0697 2872 tdx - ok
01:07:56.0713 2872 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
01:07:56.0728 2872 TermDD - ok
01:07:56.0807 2872 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
01:07:56.0822 2872 TermService - ok
01:07:56.0885 2872 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
01:07:56.0900 2872 Themes - ok
01:07:56.0947 2872 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
01:07:56.0963 2872 THREADORDER - ok
01:07:56.0978 2872 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
01:07:56.0994 2872 TrkWks - ok
01:07:57.0088 2872 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
01:07:57.0088 2872 TrustedInstaller - ok
01:07:57.0275 2872 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:07:57.0275 2872 tssecsrv - ok
01:07:57.0338 2872 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
01:07:57.0338 2872 tunmp - ok
01:07:57.0353 2872 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
01:07:57.0353 2872 tunnel - ok
01:07:57.0385 2872 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
01:07:57.0385 2872 uagp35 - ok
01:07:57.0416 2872 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
01:07:57.0416 2872 udfs - ok
01:07:57.0494 2872 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
01:07:57.0510 2872 UI0Detect - ok
01:07:57.0525 2872 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
01:07:57.0525 2872 uliagpkx - ok
01:07:57.0572 2872 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
01:07:57.0572 2872 uliahci - ok
01:07:57.0603 2872 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
01:07:57.0619 2872 UlSata - ok
01:07:57.0635 2872 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
01:07:57.0635 2872 ulsata2 - ok
01:07:57.0666 2872 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
01:07:57.0666 2872 umbus - ok
01:07:57.0760 2872 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
01:07:57.0775 2872 upnphost - ok
01:07:57.0869 2872 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
01:07:57.0869 2872 usbccgp - ok
01:07:57.0916 2872 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
01:07:57.0916 2872 usbcir - ok
01:07:57.0947 2872 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
01:07:57.0947 2872 usbehci - ok
01:07:57.0963 2872 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
01:07:57.0963 2872 usbhub - ok
01:07:57.0994 2872 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
01:07:57.0994 2872 usbohci - ok
01:07:58.0010 2872 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
01:07:58.0010 2872 usbprint - ok
01:07:58.0072 2872 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:07:58.0072 2872 USBSTOR - ok
01:07:58.0088 2872 usbuhci (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
01:07:58.0103 2872 usbuhci - ok
01:07:58.0150 2872 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
01:07:58.0166 2872 UxSms - ok
01:07:58.0197 2872 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
01:07:58.0213 2872 vds - ok
01:07:58.0244 2872 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
01:07:58.0244 2872 VgaSave - ok
01:07:58.0260 2872 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
01:07:58.0260 2872 viaagp - ok
01:07:58.0291 2872 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
01:07:58.0291 2872 ViaC7 - ok
01:07:58.0463 2872 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
01:07:58.0463 2872 viaide - ok
01:07:58.0525 2872 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
01:07:58.0525 2872 volmgr - ok
01:07:58.0557 2872 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
01:07:58.0557 2872 volmgrx - ok
01:07:58.0619 2872 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
01:07:58.0619 2872 volsnap - ok
01:07:58.0650 2872 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
01:07:58.0666 2872 vsmraid - ok
01:07:58.0744 2872 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
01:07:58.0775 2872 VSS - ok
01:07:58.0853 2872 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
01:07:58.0869 2872 W32Time - ok
01:07:58.0947 2872 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
01:07:58.0947 2872 WacomPen - ok
01:07:59.0010 2872 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:59.0010 2872 Wanarp - ok
01:07:59.0025 2872 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:59.0025 2872 Wanarpv6 - ok
01:07:59.0057 2872 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
01:07:59.0057 2872 wcncsvc - ok
01:07:59.0088 2872 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
01:07:59.0088 2872 WcsPlugInService - ok
01:07:59.0135 2872 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
01:07:59.0135 2872 Wd - ok
01:07:59.0213 2872 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
01:07:59.0228 2872 Wdf01000 - ok
01:07:59.0291 2872 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
01:07:59.0307 2872 WdiServiceHost - ok
01:07:59.0307 2872 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
01:07:59.0322 2872 WdiSystemHost - ok
01:07:59.0385 2872 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
01:07:59.0400 2872 WebClient - ok
01:07:59.0447 2872 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
01:07:59.0447 2872 Wecsvc - ok
01:07:59.0541 2872 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
01:07:59.0541 2872 wercplsupport - ok
01:07:59.0557 2872 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
01:07:59.0572 2872 WerSvc - ok
01:07:59.0682 2872 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
01:07:59.0697 2872 winachsf - ok
01:07:59.0775 2872 WinDefend (0d5ad0e71ff5ddac5dd2f443b499abd0) C:\Program Files\Windows Defender\mpsvc.dll
01:07:59.0791 2872 WinDefend - ok
01:07:59.0807 2872 WinHttpAutoProxySvc - ok
01:07:59.0947 2872 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
01:07:59.0947 2872 Winmgmt - ok
01:08:00.0057 2872 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
01:08:00.0072 2872 WinRM - ok
01:08:00.0182 2872 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
01:08:00.0197 2872 Wlansvc - ok
01:08:00.0322 2872 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
01:08:00.0322 2872 WmiAcpi - ok
01:08:00.0353 2872 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
01:08:00.0353 2872 wmiApSrv - ok
01:08:00.0385 2872 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
01:08:00.0400 2872 WPCSvc - ok
01:08:00.0432 2872 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
01:08:00.0447 2872 WPDBusEnum - ok
01:08:00.0478 2872 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
01:08:00.0478 2872 ws2ifsl - ok
01:08:00.0572 2872 wscsvc (f97cbb919af6d0a6643d1a59c15014d1) C:\Windows\System32\wscsvc.dll
01:08:00.0572 2872 wscsvc - ok
01:08:00.0588 2872 WSearch - ok
01:08:00.0744 2872 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
01:08:00.0807 2872 wuauserv - ok
01:08:00.0916 2872 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:08:00.0916 2872 WUDFRd - ok
01:08:00.0947 2872 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
01:08:00.0947 2872 wudfsvc - ok
01:08:01.0041 2872 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
01:08:01.0057 2872 yukonwlh - ok
01:08:01.0103 2872 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
01:08:01.0150 2872 \Device\Harddisk0\DR0 - ok
01:08:01.0150 2872 Boot (0x1200) (134a90992882132c9206ebff5aa9e3d8) \Device\Harddisk0\DR0\Partition0
01:08:01.0166 2872 \Device\Harddisk0\DR0\Partition0 - ok
01:08:01.0166 2872 ============================================================
01:08:01.0166 2872 Scan finished
01:08:01.0166 2872 ============================================================
01:08:01.0182 1488 Detected object count: 0
01:08:01.0182 1488 Actual detected object count: 0
01:08:47.0119 0396 Deinitialize success

Edited by tyromaniac, 25 March 2012 - 12:12 AM.


#6 narenxp

Posted 25 March 2012 - 08:57 AM

Waiting for GMER log

#7 tyromaniac

Posted 01 April 2012 - 06:59 AM

It doesn't look like I'm going to be able to restore my XP OS. Here's the log run from Vista. I don't know what happened to the first one, then every time I set up a scan to run overnight, Bill Gates restarted my system and clobbered the log.

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.31.14

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Gary :: GARY-PC [administrator]

Protection: Enabled

3/31/2012 9:53:50 PM
mbam-log-2012-03-31 (21-53-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 688951
Time elapsed: 2 hour(s), 31 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 narenxp

Posted 01 April 2012 - 08:45 AM

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#9 tyromaniac

Posted 08 April 2012 - 07:30 AM

ESET found no infected files and gave no "list" option.

MiniToolBox by Farbar Version: 18-01-2012
Ran by Gary (administrator) on 08-04-2012 at 08:26:19
Microsoft® Windows Vista™ Starter (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Gary-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-45-DD-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::194:2dd0:ce5f:e0b9%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, April 08, 2012 3:58:25 AM
Lease Expires . . . . . . . . . . : Monday, April 09, 2012 3:58:23 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 151001310
DNS Servers . . . . . . . . . . . : 167.206.245.130
167.206.245.129
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-13-A9-7D-96-98
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E4595146-54C9-4F86-9DF5-3A0CAE645C4C}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FB4BA686-9AE8-493D-8B92-4A8B36E88AD1}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.109%11(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 167.206.245.130
167.206.245.129
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2059:296c:3f57:fe92(Preferred)
Link-local IPv6 Address . . . . . : fe80::2059:296c:3f57:fe92%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130:53

Name: google.com
Addresses: 173.194.43.7, 173.194.43.1, 173.194.43.6, 173.194.43.4
173.194.43.3, 173.194.43.9, 173.194.43.8, 173.194.43.0, 173.194.43.14
173.194.43.2, 173.194.43.5



Pinging google.com [173.194.43.7] with 32 bytes of data:



Reply from 173.194.43.7: bytes=32 time=11ms TTL=55

Reply from 173.194.43.7: bytes=32 time=13ms TTL=55



Ping statistics for 173.194.43.7:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 13ms, Average = 12ms

Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130:53

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=73ms TTL=51

Reply from 209.191.122.70: bytes=32 time=62ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 62ms, Maximum = 73ms, Average = 67ms

Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130:53

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Reply from 127.0.0.1: bytes=32 time=2ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 2ms, Average = 2ms

===========================================================================
Interface List
9 ...00 18 de 45 dd 31 ...... Intel® PRO/Wireless 3945ABG Network Connection
8 ...00 13 a9 7d 96 98 ...... Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
10 ...00 00 00 00 00 00 00 e0 isatap.{E4595146-54C9-4F86-9DF5-3A0CAE645C4C}
11 ...00 00 00 00 00 00 00 e0 isatap.{FB4BA686-9AE8-493D-8B92-4A8B36E88AD1}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.109 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.109 281
192.168.1.109 255.255.255.255 On-link 192.168.1.109 281
192.168.1.255 255.255.255.255 On-link 192.168.1.109 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.109 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.109 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:2059:296c:3f57:fe92/128
On-link
9 281 fe80::/64 On-link
12 266 fe80::/64 On-link
11 286 fe80::5efe:192.168.1.109/128
On-link
9 281 fe80::194:2dd0:ce5f:e0b9/128
On-link
12 266 fe80::2059:296c:3f57:fe92/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
9 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/08/2012 01:43:32 AM) (Source: Application Hang) (User: )
Description: The program PokerClient.exe version 2.0.1.4376 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: ee8
Start Time: 01cd1545861453de
Termination Time: 631

Error: (03/27/2012 11:38:22 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{A81506CD-72F4-4870-BDA3-83E487105FD5}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (03/27/2012 11:16:14 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/24/2012 01:08:56 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 7.0.6000.16982 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 774
Start Time: 01cd09c9e5679fee
Termination Time: 1344

Error: (03/23/2012 09:10:52 PM) (Source: ESENT) (User: )
Description: WinMail (3960) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (03/18/2012 08:48:26 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.WorkflowServices, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522

Error: (03/18/2012 08:48:01 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Web.Extensions.Design, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522

Error: (03/18/2012 08:47:19 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.ServiceModel.Web, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522

Error: (03/18/2012 08:46:40 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Data.Services, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131522

Error: (03/18/2012 05:51:54 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 7.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: a38
Start Time: 01cd04ea2034fe6f
Termination Time: 0


System errors:
=============
Error: (04/08/2012 03:58:58 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/08/2012 00:26:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80242016Security Update for Windows Vista (KB972270){768796FB-BA0F-4F2D-8D31-D491177896D1}105

Error: (04/08/2012 00:24:56 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/01/2012 03:06:50 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (03/31/2012 08:54:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80070103Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895){C946D56F-C13B-4183-879C-8A67B01FE80A}101

Error: (03/31/2012 08:54:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80070103Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895){5B03B16A-80AA-4D0A-9A1C-6F9466B7CD9A}101

Error: (03/31/2012 08:44:51 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/28/2012 03:02:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80070103Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895){C946D56F-C13B-4183-879C-8A67B01FE80A}101

Error: (03/28/2012 03:02:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80070103Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895){5B03B16A-80AA-4D0A-9A1C-6F9466B7CD9A}101

Error: (03/27/2012 08:42:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (04/08/2012 01:43:32 AM) (Source: Application Hang)(User: )
Description: PokerClient.exe2.0.1.4376ee801cd1545861453de631

Error: (03/27/2012 11:38:22 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{A81506CD-72F4-4870-BDA3-83E487105FD5}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (03/27/2012 11:16:14 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/24/2012 01:08:56 PM) (Source: Application Hang)(User: )
Description: iexplore.exe7.0.6000.1698277401cd09c9e5679fee1344

Error: (03/23/2012 09:10:52 PM) (Source: ESENT)(User: )
Description: WinMail3960WindowsMail0:

Error: (03/18/2012 08:48:26 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.WorkflowServices, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522
System.WorkflowServices, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35

Error: (03/18/2012 08:48:01 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Web.Extensions.Design, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522
System.Web.Extensions.Design, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35

Error: (03/18/2012 08:47:19 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.ServiceModel.Web, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522
System.ServiceModel.Web, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35

Error: (03/18/2012 08:46:40 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.Data.Services, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131522
System.Data.Services, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (03/18/2012 05:51:54 AM) (Source: Application Hang)(User: )
Description: iexplore.exe7.0.6000.16386a3801cd04ea2034fe6f0


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.2.202.228)
Cake Poker 2.0 (Version: 2.0.1.4376)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 1013.56 MB
Available physical RAM: 309.91 MB
Total Pagefile: 2280.25 MB
Available Pagefile: 1256.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.07 GB) (Free:13.24 GB) NTFS

========================= Users: ========================================

User accounts for \\GARY-PC

Administrator Gary Guest


**** End of log ****

#10 narenxp


Posted 08 April 2012 - 08:40 AM

That looks good.

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#11 tyromaniac


Posted 08 April 2012 - 06:47 PM

Thank you.

#12 narenxp


Posted 08 April 2012 - 07:15 PM

You're welcome :)



