
Search Engine Results Redirection


10 replies to this topic

#1 Dean2012


Posted 08 May 2012 - 11:18 AM

Hello,

My research indicated that many people have this problem. I have someone with it also.

The user clicked on a BBB attachment and got a load of trouble. I've been able to clean up all the scareware, fake alerts and various other trojans. Computer runs fine except for those search results. Here is a brief rundown of what I have done and observed so far.

All network settings and hosts files are good. Ran a Winsock repair and it's fine.

If I run Fiddler in the background search results are normal! (it seems Fiddler captures the packets before the virus can)

Mbam comes up clean

Every day I run SAS it detects and repairs Trojan.RootKit/Gen. Here are some snippets of this repair from Friday, Monday and Today:

Trojan.RootKit/Gen
C:\WINDOWS\SYSTEM32\DRIVERS\D59F4E1330002204.SYS


Trojan.RootKit/Gen
HKLM\system\controlset001\services\d59f4e1330002204
C:\WINDOWS\SYSTEM32\DRIVERS\D59F4E1330002204.SYS
HKLM\system\controlset002\services\d59f4e1330002204


Trojan.RootKit/Gen
C:\WINDOWS\SYSTEM32\DRIVERS\D59F4E1330002204.SYS


I had previously deleted and disabled System Restore.

I am unable to run TDSS killer in safe mode or normal mode -- even after renaming it to all sorts of things (following rkill examples).

I don't see any traces of TDSS, Alureon, or TDL3 in file system or registry


Any other tools?? What else can I look for?



Thanks!










#2 Dean2012

  • Topic Starter

Posted 08 May 2012 - 11:35 AM

Update - the SAS issue was a false alarm. D59F4E1330002204.SYS was not being deleted. I deleted it myself from WinPXE and am still getting search result redirection.

#3 narenxp

  • BC Advisor

Posted 08 May 2012 - 12:33 PM

Download FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Note: Choose the default option for scan results unless instructed.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#4 Dean2012

  • Topic Starter

Posted 08 May 2012 - 05:07 PM

FixTDSS did the job. I had no idea it was the MBR that was infected.

Thanks a bunch!

#5 narenxp

  • BC Advisor

Posted 08 May 2012 - 08:57 PM

Great!!!

Please post the logs to make sure the system is clean.

Good luck

#6 Dean2012

  • Topic Starter

Posted 09 May 2012 - 10:54 AM

More info: I am also able to remote into the computer with LogMeIn. The PC would reboot upon connecting when infected (another symptom).


I was able to run TDSSKiller this time. Here is that log and the AVAST log. Is that what you wanted?


08:15:08.0373 2788 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
08:15:08.0373 2788 NetBIOS - ok
08:15:08.0389 2788 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
08:15:08.0389 2788 NetBT - ok
08:15:08.0420 2788 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:15:08.0420 2788 Netlogon - ok
08:15:08.0451 2788 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
08:15:08.0451 2788 Netman - ok
08:15:08.0482 2788 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
08:15:08.0482 2788 netprofm - ok
08:15:08.0545 2788 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:15:08.0545 2788 NetTcpPortSharing - ok
08:15:08.0576 2788 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
08:15:08.0591 2788 nfrd960 - ok
08:15:08.0607 2788 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
08:15:08.0623 2788 NlaSvc - ok
08:15:08.0623 2788 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
08:15:08.0623 2788 Npfs - ok
08:15:08.0654 2788 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
08:15:08.0654 2788 nsi - ok
08:15:08.0669 2788 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
08:15:08.0669 2788 nsiproxy - ok
08:15:08.0716 2788 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
08:15:08.0747 2788 Ntfs - ok
08:15:08.0810 2788 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
08:15:08.0810 2788 Null - ok
08:15:09.0262 2788 nvlddmkm (8dfdcffabd7ab73cab9c738c3b7dccf4) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:15:09.0434 2788 nvlddmkm - ok
08:15:09.0590 2788 NVNET (4bcfe7c801d969020e58f1d39e09e2a7) C:\Windows\system32\DRIVERS\nvmf6232.sys
08:15:09.0621 2788 NVNET - ok
08:15:09.0668 2788 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
08:15:09.0668 2788 nvraid - ok
08:15:09.0715 2788 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
08:15:09.0715 2788 nvstor - ok
08:15:09.0761 2788 nvstor32 (032ef66dd96692ad3a9d36160f467f67) C:\Windows\system32\DRIVERS\nvstor32.sys
08:15:09.0761 2788 nvstor32 - ok
08:15:09.0824 2788 nvsvc (11b65eba46cbe29643ec6d0ef6a5fffb) C:\Windows\system32\nvvsvc.exe
08:15:09.0824 2788 nvsvc - ok
08:15:09.0839 2788 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
08:15:09.0855 2788 nv_agp - ok
08:15:09.0871 2788 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
08:15:09.0871 2788 ohci1394 - ok
08:15:09.0949 2788 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:15:09.0964 2788 ose - ok
08:15:10.0198 2788 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:15:10.0292 2788 osppsvc - ok
08:15:10.0370 2788 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
08:15:10.0385 2788 p2pimsvc - ok
08:15:10.0432 2788 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
08:15:10.0432 2788 p2psvc - ok
08:15:10.0463 2788 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
08:15:10.0479 2788 Parport - ok
08:15:10.0510 2788 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
08:15:10.0510 2788 partmgr - ok
08:15:10.0526 2788 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
08:15:10.0526 2788 Parvdm - ok
08:15:10.0541 2788 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
08:15:10.0557 2788 PcaSvc - ok
08:15:10.0604 2788 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
08:15:10.0604 2788 pci - ok
08:15:10.0619 2788 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
08:15:10.0619 2788 pciide - ok
08:15:10.0635 2788 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
08:15:10.0635 2788 pcmcia - ok
08:15:10.0651 2788 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
08:15:10.0651 2788 pcw - ok
08:15:10.0682 2788 pdfcDispatcher - ok
08:15:10.0713 2788 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
08:15:10.0713 2788 PEAUTH - ok
08:15:10.0760 2788 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
08:15:10.0775 2788 PeerDistSvc - ok
08:15:10.0838 2788 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
08:15:10.0869 2788 pla - ok
08:15:10.0947 2788 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
08:15:10.0947 2788 PlugPlay - ok
08:15:10.0978 2788 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
08:15:10.0994 2788 PNRPAutoReg - ok
08:15:11.0009 2788 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
08:15:11.0009 2788 PNRPsvc - ok
08:15:11.0025 2788 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
08:15:11.0041 2788 PolicyAgent - ok
08:15:11.0056 2788 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
08:15:11.0072 2788 Power - ok
08:15:11.0134 2788 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
08:15:11.0134 2788 PptpMiniport - ok
08:15:11.0150 2788 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
08:15:11.0150 2788 Processor - ok
08:15:11.0197 2788 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
08:15:11.0212 2788 ProfSvc - ok
08:15:11.0228 2788 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:15:11.0228 2788 ProtectedStorage - ok
08:15:11.0243 2788 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
08:15:11.0243 2788 Psched - ok
08:15:11.0275 2788 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
08:15:11.0275 2788 PSI - ok
08:15:11.0353 2788 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
08:15:11.0368 2788 PSI_SVC_2 - ok
08:15:11.0415 2788 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
08:15:11.0446 2788 ql2300 - ok
08:15:11.0509 2788 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
08:15:11.0509 2788 ql40xx - ok
08:15:11.0540 2788 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
08:15:11.0540 2788 QWAVE - ok
08:15:11.0555 2788 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
08:15:11.0555 2788 QWAVEdrv - ok
08:15:11.0587 2788 radpms (b953369c5ef43615f1bfa9cea69fc9aa) C:\Windows\system32\DRIVERS\radpms.sys
08:15:11.0587 2788 radpms - ok
08:15:11.0602 2788 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
08:15:11.0602 2788 RasAcd - ok
08:15:11.0633 2788 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:15:11.0633 2788 RasAgileVpn - ok
08:15:11.0633 2788 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
08:15:11.0649 2788 RasAuto - ok
08:15:11.0649 2788 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:15:11.0649 2788 Rasl2tp - ok
08:15:11.0696 2788 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
08:15:11.0711 2788 RasMan - ok
08:15:11.0727 2788 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
08:15:11.0727 2788 RasPppoe - ok
08:15:11.0743 2788 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
08:15:11.0743 2788 RasSstp - ok
08:15:11.0758 2788 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
08:15:11.0758 2788 rdbss - ok
08:15:11.0774 2788 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
08:15:11.0774 2788 rdpbus - ok
08:15:11.0805 2788 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:15:11.0805 2788 RDPCDD - ok
08:15:11.0836 2788 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
08:15:11.0836 2788 RDPDR - ok
08:15:11.0867 2788 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
08:15:11.0867 2788 RDPENCDD - ok
08:15:11.0883 2788 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
08:15:11.0883 2788 RDPREFMP - ok
08:15:11.0930 2788 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
08:15:11.0930 2788 RDPWD - ok
08:15:11.0961 2788 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
08:15:11.0961 2788 rdyboost - ok
08:15:11.0992 2788 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
08:15:11.0992 2788 regi - ok
08:15:12.0023 2788 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
08:15:12.0023 2788 RemoteAccess - ok
08:15:12.0055 2788 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
08:15:12.0070 2788 RemoteRegistry - ok
08:15:12.0086 2788 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
08:15:12.0086 2788 RpcEptMapper - ok
08:15:12.0101 2788 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
08:15:12.0101 2788 RpcLocator - ok
08:15:12.0133 2788 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
08:15:12.0148 2788 RpcSs - ok
08:15:12.0179 2788 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
08:15:12.0179 2788 rspndr - ok
08:15:12.0211 2788 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
08:15:12.0211 2788 s3cap - ok
08:15:12.0226 2788 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:15:12.0226 2788 SamSs - ok
08:15:12.0289 2788 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:15:12.0289 2788 SASDIFSV - ok
08:15:12.0304 2788 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:15:12.0304 2788 SASKUTIL - ok
08:15:12.0476 2788 SBAMSvc (77dbda1401ff941962bb133125ee22c7) C:\Program Files\Sunbelt Software\SBEAgent\SBAMSvc.exe
08:15:12.0523 2788 SBAMSvc - ok
08:15:12.0632 2788 sbapifs (cc5dd5bc0d6168a8bbb30d9388285ce5) C:\Windows\system32\DRIVERS\sbapifs.sys
08:15:12.0632 2788 sbapifs - ok
08:15:12.0679 2788 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
08:15:12.0679 2788 sbp2port - ok
08:15:12.0741 2788 SBPIMSvc (f2d18d2bd968f949c812472afad8c55a) C:\Program Files\Sunbelt Software\SBEAgent\SBPIMSvc.exe
08:15:12.0757 2788 SBPIMSvc - ok
08:15:12.0772 2788 SBRE (d09961c0d2b452745575c7d0511bf3da) C:\Windows\system32\drivers\SBREdrv.sys
08:15:12.0788 2788 SBRE - ok
08:15:12.0850 2788 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
08:15:12.0881 2788 SBSDWSCService - ok
08:15:12.0928 2788 SbTis (6468e2973e04525decc105947ddd0d34) C:\Windows\system32\drivers\sbtis.sys
08:15:12.0944 2788 SbTis - ok
08:15:12.0959 2788 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
08:15:12.0959 2788 SCardSvr - ok
08:15:12.0991 2788 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
08:15:12.0991 2788 scfilter - ok
08:15:13.0022 2788 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
08:15:13.0037 2788 Schedule - ok
08:15:13.0069 2788 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
08:15:13.0069 2788 SCPolicySvc - ok
08:15:13.0084 2788 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
08:15:13.0100 2788 SDRSVC - ok
08:15:13.0147 2788 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
08:15:13.0147 2788 secdrv - ok
08:15:13.0178 2788 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
08:15:13.0193 2788 seclogon - ok
08:15:13.0287 2788 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files\Secunia\PSI\PSIA.exe
08:15:13.0303 2788 Secunia PSI Agent - ok
08:15:13.0334 2788 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
08:15:13.0349 2788 SENS - ok
08:15:13.0381 2788 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
08:15:13.0381 2788 SensrSvc - ok
08:15:13.0412 2788 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
08:15:13.0412 2788 Serenum - ok
08:15:13.0443 2788 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
08:15:13.0443 2788 Serial - ok
08:15:13.0459 2788 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
08:15:13.0474 2788 sermouse - ok
08:15:13.0505 2788 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
08:15:13.0505 2788 SessionEnv - ok
08:15:13.0521 2788 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
08:15:13.0521 2788 sffdisk - ok
08:15:13.0537 2788 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
08:15:13.0537 2788 sffp_mmc - ok
08:15:13.0537 2788 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
08:15:13.0537 2788 sffp_sd - ok
08:15:13.0552 2788 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
08:15:13.0552 2788 sfloppy - ok
08:15:13.0583 2788 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
08:15:13.0583 2788 SharedAccess - ok
08:15:13.0615 2788 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
08:15:13.0615 2788 ShellHWDetection - ok
08:15:13.0646 2788 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
08:15:13.0646 2788 sisagp - ok
08:15:13.0661 2788 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:15:13.0661 2788 SiSRaid2 - ok
08:15:13.0677 2788 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
08:15:13.0677 2788 SiSRaid4 - ok
08:15:13.0708 2788 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
08:15:13.0708 2788 Smb - ok
08:15:13.0739 2788 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
08:15:13.0739 2788 SNMPTRAP - ok
08:15:13.0755 2788 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
08:15:13.0755 2788 spldr - ok
08:15:13.0786 2788 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
08:15:13.0786 2788 Spooler - ok
08:15:13.0864 2788 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
08:15:13.0927 2788 sppsvc - ok
08:15:13.0989 2788 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
08:15:13.0989 2788 sppuinotify - ok
08:15:14.0020 2788 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
08:15:14.0020 2788 srv - ok
08:15:14.0036 2788 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
08:15:14.0051 2788 srv2 - ok
08:15:14.0051 2788 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
08:15:14.0051 2788 srvnet - ok
08:15:14.0083 2788 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
08:15:14.0083 2788 SSDPSRV - ok
08:15:14.0114 2788 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
08:15:14.0114 2788 SstpSvc - ok
08:15:14.0129 2788 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
08:15:14.0129 2788 stexstor - ok
08:15:14.0161 2788 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
08:15:14.0161 2788 StiSvc - ok
08:15:14.0192 2788 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
08:15:14.0192 2788 storflt - ok
08:15:14.0207 2788 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
08:15:14.0223 2788 StorSvc - ok
08:15:14.0254 2788 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
08:15:14.0254 2788 storvsc - ok
08:15:14.0285 2788 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
08:15:14.0285 2788 swenum - ok
08:15:14.0301 2788 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
08:15:14.0301 2788 swprv - ok
08:15:14.0348 2788 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
08:15:14.0379 2788 SysMain - ok
08:15:14.0395 2788 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
08:15:14.0410 2788 TabletInputService - ok
08:15:14.0426 2788 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
08:15:14.0441 2788 TapiSrv - ok
08:15:14.0441 2788 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
08:15:14.0457 2788 TBS - ok
08:15:14.0535 2788 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
08:15:14.0566 2788 Tcpip - ok
08:15:14.0644 2788 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
08:15:14.0660 2788 TCPIP6 - ok
08:15:14.0753 2788 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
08:15:14.0753 2788 tcpipreg - ok
08:15:14.0769 2788 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
08:15:14.0785 2788 TDPIPE - ok
08:15:14.0785 2788 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
08:15:14.0785 2788 TDTCP - ok
08:15:14.0800 2788 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
08:15:14.0816 2788 tdx - ok
08:15:14.0847 2788 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
08:15:14.0847 2788 TermDD - ok
08:15:14.0878 2788 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
08:15:14.0878 2788 TermService - ok
08:15:14.0894 2788 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
08:15:14.0909 2788 Themes - ok
08:15:14.0925 2788 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
08:15:14.0925 2788 THREADORDER - ok
08:15:14.0956 2788 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
08:15:14.0956 2788 TrkWks - ok
08:15:15.0019 2788 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
08:15:15.0034 2788 TrustedInstaller - ok
08:15:15.0065 2788 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:15:15.0065 2788 tssecsrv - ok
08:15:15.0112 2788 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
08:15:15.0112 2788 TsUsbFlt - ok
08:15:15.0159 2788 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
08:15:15.0159 2788 tunnel - ok
08:15:15.0175 2788 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
08:15:15.0175 2788 uagp35 - ok
08:15:15.0190 2788 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
08:15:15.0206 2788 udfs - ok
08:15:15.0221 2788 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
08:15:15.0221 2788 UI0Detect - ok
08:15:15.0268 2788 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
08:15:15.0268 2788 uliagpkx - ok
08:15:15.0315 2788 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
08:15:15.0315 2788 umbus - ok
08:15:15.0315 2788 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
08:15:15.0331 2788 UmPass - ok
08:15:15.0362 2788 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
08:15:15.0362 2788 UmRdpService - ok
08:15:15.0409 2788 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
08:15:15.0424 2788 upnphost - ok
08:15:15.0440 2788 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
08:15:15.0440 2788 usbccgp - ok
08:15:15.0471 2788 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
08:15:15.0471 2788 usbcir - ok
08:15:15.0487 2788 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
08:15:15.0487 2788 usbehci - ok
08:15:15.0518 2788 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
08:15:15.0518 2788 usbhub - ok
08:15:15.0533 2788 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
08:15:15.0533 2788 usbohci - ok
08:15:15.0565 2788 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
08:15:15.0565 2788 usbprint - ok
08:15:15.0580 2788 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:15:15.0580 2788 USBSTOR - ok
08:15:15.0596 2788 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
08:15:15.0596 2788 usbuhci - ok
08:15:15.0611 2788 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
08:15:15.0627 2788 UxSms - ok
08:15:15.0627 2788 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
08:15:15.0643 2788 VaultSvc - ok
08:15:15.0658 2788 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
08:15:15.0658 2788 vdrvroot - ok
08:15:15.0705 2788 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
08:15:15.0721 2788 vds - ok
08:15:15.0752 2788 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
08:15:15.0752 2788 vga - ok
08:15:15.0767 2788 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
08:15:15.0767 2788 VgaSave - ok
08:15:15.0799 2788 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
08:15:15.0799 2788 vhdmp - ok
08:15:15.0830 2788 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
08:15:15.0830 2788 viaagp - ok
08:15:15.0845 2788 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
08:15:15.0845 2788 ViaC7 - ok
08:15:15.0861 2788 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
08:15:15.0861 2788 viaide - ok
08:15:15.0892 2788 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
08:15:15.0892 2788 vmbus - ok
08:15:15.0908 2788 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
08:15:15.0908 2788 VMBusHID - ok
08:15:15.0923 2788 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
08:15:15.0923 2788 volmgr - ok
08:15:15.0939 2788 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
08:15:15.0939 2788 volmgrx - ok
08:15:15.0970 2788 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
08:15:15.0970 2788 volsnap - ok
08:15:16.0001 2788 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
08:15:16.0001 2788 vsmraid - ok
08:15:16.0048 2788 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
08:15:16.0064 2788 VSS - ok
08:15:16.0079 2788 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
08:15:16.0079 2788 vwifibus - ok
08:15:16.0095 2788 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
08:15:16.0111 2788 W32Time - ok
08:15:16.0126 2788 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
08:15:16.0126 2788 WacomPen - ok
08:15:16.0142 2788 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
08:15:16.0142 2788 WANARP - ok
08:15:16.0142 2788 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
08:15:16.0142 2788 Wanarpv6 - ok
08:15:16.0204 2788 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
08:15:16.0235 2788 WatAdminSvc - ok
08:15:16.0313 2788 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
08:15:16.0345 2788 wbengine - ok
08:15:16.0360 2788 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
08:15:16.0360 2788 WbioSrvc - ok
08:15:16.0391 2788 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
08:15:16.0391 2788 wcncsvc - ok
08:15:16.0407 2788 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
08:15:16.0407 2788 WcsPlugInService - ok
08:15:16.0438 2788 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
08:15:16.0438 2788 Wd - ok
08:15:16.0454 2788 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
08:15:16.0454 2788 Wdf01000 - ok
08:15:16.0469 2788 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
08:15:16.0485 2788 WdiServiceHost - ok
08:15:16.0485 2788 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
08:15:16.0485 2788 WdiSystemHost - ok
08:15:16.0501 2788 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
08:15:16.0516 2788 WebClient - ok
08:15:16.0532 2788 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
08:15:16.0532 2788 Wecsvc - ok
08:15:16.0547 2788 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
08:15:16.0547 2788 wercplsupport - ok
08:15:16.0563 2788 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
08:15:16.0579 2788 WerSvc - ok
08:15:16.0594 2788 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
08:15:16.0594 2788 WfpLwf - ok
08:15:16.0610 2788 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
08:15:16.0610 2788 WIMMount - ok
08:15:16.0735 2788 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
08:15:16.0750 2788 WinDefend - ok
08:15:16.0766 2788 WinHttpAutoProxySvc - ok
08:15:16.0828 2788 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
08:15:16.0828 2788 Winmgmt - ok
08:15:16.0891 2788 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
08:15:16.0922 2788 WinRM - ok
08:15:17.0015 2788 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
08:15:17.0015 2788 WinUsb - ok
08:15:17.0078 2788 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
08:15:17.0093 2788 Wlansvc - ok
08:15:17.0171 2788 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:15:17.0187 2788 wlcrasvc - ok
08:15:17.0374 2788 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:15:17.0390 2788 wlidsvc - ok
08:15:17.0499 2788 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
08:15:17.0515 2788 WmiAcpi - ok
08:15:17.0546 2788 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
08:15:17.0561 2788 wmiApSrv - ok
08:15:17.0639 2788 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
08:15:17.0671 2788 WMPNetworkSvc - ok
08:15:17.0733 2788 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
08:15:17.0733 2788 WPCSvc - ok
08:15:17.0764 2788 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
08:15:17.0780 2788 WPDBusEnum - ok
08:15:17.0795 2788 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
08:15:17.0795 2788 ws2ifsl - ok
08:15:17.0811 2788 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
08:15:17.0811 2788 wscsvc - ok
08:15:17.0827 2788 WSearch - ok
08:15:17.0936 2788 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
08:15:17.0967 2788 wuauserv - ok
08:15:18.0045 2788 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
08:15:18.0045 2788 WudfPf - ok
08:15:18.0061 2788 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:15:18.0076 2788 WUDFRd - ok
08:15:18.0092 2788 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
08:15:18.0092 2788 wudfsvc - ok
08:15:18.0139 2788 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
08:15:18.0139 2788 WwanSvc - ok
08:15:18.0170 2788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:15:18.0232 2788 \Device\Harddisk0\DR0 - ok
08:15:18.0263 2788 Boot (0x1200) (336d7f49ef10413cbe625fab0a821e9d) \Device\Harddisk0\DR0\Partition0
08:15:18.0263 2788 \Device\Harddisk0\DR0\Partition0 - ok
08:15:18.0279 2788 Boot (0x1200) (798622475340c4492fede669bf5198c3) \Device\Harddisk0\DR0\Partition1
08:15:18.0279 2788 \Device\Harddisk0\DR0\Partition1 - ok
08:15:18.0326 2788 Boot (0x1200) (ef60ba0a8879c8af4b619f7ff9bbe5ab) \Device\Harddisk0\DR0\Partition2
08:15:18.0357 2788 \Device\Harddisk0\DR0\Partition2 - ok
08:15:18.0373 2788 ============================================================
08:15:18.0373 2788 Scan finished
08:15:18.0373 2788 ============================================================
08:15:18.0388 2996 Detected object count: 0
08:15:18.0388 2996 Actual detected object count: 0
08:15:46.0094 3788 Deinitialize success

AVAST

08:22:09.914 AVAST engine defs: 12050900
08:27:13.690 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
08:27:13.706 Disk 0 Vendor: ST350041 HP34 Size: 476940MB BusType: 3
08:27:13.737 Disk 0 MBR read successfully
08:27:13.737 Disk 0 MBR scan
08:27:13.753 Disk 0 Windows 7 default MBR code
08:27:13.768 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 2047 MB offset 2048
08:27:13.784 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 467912 MB offset 4194304
08:27:13.815 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 6970 MB offset 962478080
08:27:13.862 Disk 0 scanning sectors +976752640
08:27:13.924 Disk 0 scanning C:\Windows\system32\drivers
08:27:21.475 Service scanning
08:27:39.992 Modules scanning
08:27:44.828 Disk 0 trace - called modules:
08:27:44.859 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys
08:27:44.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a8d2e0]
08:27:44.875 3 CLASSPNP.SYS[8859f59e] -> nt!IofCallDriver -> [0x84a6f8e0]
08:27:44.875 5 ACPI.sys[880323d4] -> nt!IofCallDriver -> \Device\00000061[0x853c9858]
08:27:47.090 AVAST engine scan C:\Windows
08:27:51.177 AVAST engine scan C:\Windows\system32
08:30:20.140 AVAST engine scan C:\Windows\system32\drivers
08:30:30.514 AVAST engine scan C:\Users\moliveira
08:32:52.692 AVAST engine scan C:\ProgramData
08:33:43.984 Scan finished successfully
08:38:09.822 Disk 0 MBR has been saved successfully to "C:\AV\AVAST\MBR.dat"
08:38:09.838 The log file has been saved successfully to "C:\AV\AVAST\aswMBR.txt"




Edited by Dean2012, 09 May 2012 - 10:57 AM.


#7 narenxp


Posted 09 May 2012 - 11:19 AM

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 Dean2012


Posted 09 May 2012 - 04:03 PM

Had some issues trying to get ESET to update but was able to in safe mode. A threat was found and removed:

C:\Users\moliveira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQLIJTXW\2395ccc009752c4a[1].htm JS/Fraud.NAQ trojan cleaned by deleting - quarantined

=====================================================================
MiniToolBox by Farbar Version: 18-01-2012
Ran by moliveira (administrator) on 09-05-2012 at 12:25:05
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:8888;https=127.0.0.1:8888

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : SM-FRONT-1
Primary Dns Suffix . . . . . . . : DavexLabs.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : DavexLabs.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : DavexLabs.local
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : F4-CE-46-02-B2-B4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b919:67fe:7476:3bb7%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.1.1.43(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 08, 2012 2:54:53 PM
Lease Expires . . . . . . . . . . : Wednesday, May 16, 2012 2:54:51 PM
Default Gateway . . . . . . . . . : 10.1.1.254
DHCP Server . . . . . . . . . . . : 10.1.1.2
DHCPv6 IAID . . . . . . . . . . . : 284479046
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-19-F2-CA-F4-CE-46-02-B2-B4
DNS Servers . . . . . . . . . . . : 10.1.1.2
Primary WINS Server . . . . . . . : 10.1.1.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.DavexLabs.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : DavexLabs.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: mail.davexlabs.local
Address: 10.1.1.2

Name: google.com
Addresses: 74.125.224.230
74.125.224.231
74.125.224.232
74.125.224.233
74.125.224.238
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229


Pinging google.com [74.125.224.230] with 32 bytes of data:
Reply from 74.125.224.230: bytes=32 time=17ms TTL=49
Reply from 74.125.224.230: bytes=32 time=18ms TTL=49

Ping statistics for 74.125.224.230:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 18ms, Average = 17ms
Server: mail.davexlabs.com
Address: 10.1.1.2

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=56ms TTL=50
Reply from 209.191.122.70: bytes=32 time=59ms TTL=50

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 59ms, Average = 57ms
Server: mail.davexlabs.local
Address: 10.1.1.2

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...f4 ce 46 02 b2 b4 ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.1.1.254 10.1.1.43 20
10.1.1.0 255.255.255.0 On-link 10.1.1.43 276
10.1.1.43 255.255.255.255 On-link 10.1.1.43 276
10.1.1.255 255.255.255.255 On-link 10.1.1.43 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.1.1.43 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.1.1.43 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::b919:67fe:7476:3bb7/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/09/2012 08:11:44 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (05/09/2012 07:25:23 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/08/2012 01:17:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (05/08/2012 00:08:06 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (05/08/2012 00:31:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/08/2012 00:30:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/08/2012 00:30:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/08/2012 00:30:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/07/2012 06:47:19 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (05/07/2012 05:38:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (05/08/2012 02:57:01 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (05/08/2012 02:57:01 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (05/08/2012 09:32:24 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (05/08/2012 09:32:24 AM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (05/08/2012 09:25:57 AM) (Source: Service Control Manager) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error:
%%31

Error: (05/08/2012 09:11:01 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (05/08/2012 09:11:01 AM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (05/08/2012 09:09:00 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
mfehidk
mfetdik
SASDIFSV
SASKUTIL
SbTis

Error: (05/08/2012 08:49:17 AM) (Source: Service Control Manager) (User: )
Description: The SASKUTIL service failed to start due to the following error:
%%31

Error: (05/08/2012 08:49:14 AM) (Source: Service Control Manager) (User: )
Description: The SASDIFSV service failed to start due to the following error:
%%31


Microsoft Office Sessions:
=========================
Error: (05/09/2012 08:11:44 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (05/09/2012 07:25:23 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/08/2012 01:17:07 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (05/08/2012 00:08:06 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (05/08/2012 00:31:28 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (05/08/2012 00:30:46 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\konica minolta\printerdrivers\652_602series\Setup64.exe

Error: (05/08/2012 00:30:44 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\konica minolta\universal driver pcl\uninstaller\UPDSetup64.exe

Error: (05/08/2012 00:30:44 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\konica minolta\printerdrivers\c652series\Setup64.exe

Error: (05/07/2012 06:47:19 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (05/07/2012 05:38:55 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.1)
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.233)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Monitoring Agent GP (Version: 1.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726)
Dropbox (Version: 1.2.52)
ESET Online Scanner v3
Fiddler2 (Version: 2.3.9.5)
GFI Business Agent (Version: 5.0.4464)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Support Assistant (Version: 4.2.5.3)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
InterVideo WinDVD 8 (Version: 8.5.10.36)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 23 (Version: 6.0.230)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ 7 Update 3 (Version: 7.0.30)
JavaFX 2.0.3 (Version: 2.0.3)
Junk Mail filter update (Version: 15.4.3502.0922)
KONICA MINOLTA C652Series
KONICA MINOLTA Universal PCL
KONICAMINOLTA652/602Series
LogMeIn (Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access database engine 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Suite Activation Assistant (Version: 2.8)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Native Client (Version: 10.0.1600.22)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.5)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PDF Complete Special Edition (Version: 3.5.109)
Realtek High Definition Audio Driver (Version: 6.0.1.5882)
Sage Accpac .NET Libraries 5.6A (Version: 5.6.0000)
Sage Accpac 5.6A (Version: 5.6)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Spybot - Search & Destroy (Version: 1.6.2)
Stonefield Query for Sage Accpac ERP (Version: 4.0.3852.0)
SUPERAntiSpyware (Version: 5.0.1148)
System Center Essentials Configuration Helper (Version: 7.0.2432.0)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
UPS Thermal Printer Plugin - Version 8.10
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 1791.3 MB
Available physical RAM: 704.02 MB
Total Pagefile: 3582.61 MB
Available Pagefile: 2430.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.19 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:456.95 GB) (Free:421.3 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.81 GB) (Free:0.67 GB) NTFS
4 Drive f: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
5 Drive h: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
6 Drive i: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
7 Drive j: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
8 Drive p: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
9 Drive s: () (Network) (Total:1397.19 GB) (Free:1213.23 GB) NTFS
10 Drive x: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS
11 Drive z: () (Network) (Total:465.7 GB) (Free:103.33 GB) NTFS

========================= Users: ========================================

User accounts for \\SM-FRONT-1

Administrator davexlabsnew Guest


**** End of log ****


#9 narenxp


Posted 09 May 2012 - 04:10 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Advise the user to install antivirus and not to click on suspicious links

Good luck

#10 Dean2012


Posted 10 May 2012 - 02:18 PM

Everything is completed. Last win update was last August and OS is now up to date also (and fixed update errors).

Thanks again! I really appreciate the help.

#11 narenxp


Posted 10 May 2012 - 03:33 PM

You're most welcome :)



