Win7 Laptop Infected, I think


11 replies to this topic

#1 bustacaptx

Posted 05 June 2012 - 07:28 PM

I have a Lenovo G770 that has started giving me problems and is becoming unstable. Web browser and Windows Explorer windows will freeze, sometimes for minutes, sometimes permanently. Playing videos will often stutter and freeze. Programs will sometimes freeze and crash.

It's running updated Win7 Home Premium SP1 (64 bit), with Avast! and Microsoft Security Essentials set to each scan once a week.

I'd appreciate any help you could offer. Thanks very much.


#2 boopme

Posted 05 June 2012 - 08:04 PM

Hello, it may not be malware, but we'll check first so that we know.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
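
A reading aid for the Result.txt requested above, as an added example that is not part of the original post or of MiniToolBox: it splits the log on its `=====` section headers and pulls out the items a helper reads first (IE proxy state, Hosts entries, Winsock providers outside the Windows system directories, event-log error sources). The function names, the review rule and the embedded sample log are assumptions constructed for illustration; the line formats follow the MiniToolBox output posted in this thread.

```python
import re
from collections import Counter

# "========================= Hosts content: ====" -> "Hosts content"
SECTION_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
# "Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)"
WINSOCK_RE = re.compile(
    r"^((?:x64-)?Catalog[59])\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$"
)
# "Error: (06/05/2012 09:06:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )"
EVENT_RE = re.compile(r"^Error: \([^)]*\) \(Source: ([^)]+)\)")

# Assumption: a provider outside these directories is listed for a person to
# look at. Being listed is not a verdict (Bonjour and Windows Live land here).
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample in the Result.txt layout; the Hosts entry and the last
# Winsock provider are made up so that each check has something to report.
SAMPLE = r"""
MiniToolBox by Farbar
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

203.0.113.10 www.example.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog9 02 C:\Users\Public\example_provider.dll [4096] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/05/2012 09:06:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: constructed description text
Error: (06/05/2012 09:06:47 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: constructed description text

System errors:
=============
Error: (06/05/2012 07:39:06 PM) (Source: Service Control Manager) (User: )
Description: constructed description text
"""


def split_sections(text):
    """Map each '=== name ===' header to the non-blank lines that follow it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def triage(text):
    """Summarise the sections of a Result.txt that a helper checks first."""
    sections = split_sections(text)

    # Only the "not enabled" wording is known from the thread; anything else
    # is reported as False so that a person reads the section.
    proxy_off = "Proxy is not enabled." in sections.get("IE Proxy Settings", [])

    # Every non-comment Hosts line is returned; judging it is left to the reader.
    hosts = [l for l in sections.get("Hosts content", []) if not l.startswith("#")]

    review = set()
    for line in sections.get("Winsock entries", []):
        match = WINSOCK_RE.match(line)
        if match and not match.group(3).lower().startswith(SYSTEM_DIRS):
            review.add((match.group(1), match.group(3), match.group(5)))

    sources = Counter()
    for line in sections.get("Event log errors", []):
        match = EVENT_RE.match(line)
        if match:
            sources[match.group(1)] += 1

    return {
        "ie_proxy_reported_off": proxy_off,
        "hosts_entries": hosts,
        "winsock_review": sorted(review),
        "event_sources": dict(sources),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, "->", value)
```
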

#3 bustacaptx

Posted 05 June 2012 - 09:10 PM

I'll do that, but I was running a full MalwareBytes scan (it found nothing) but while I was doing so, MS Security Essentials popped up the following warning box:

Posted Image

#4 boopme

Posted 05 June 2012 - 09:20 PM

Thanks, we will be cleaning that temp folder and perhaps we'll see the Java exploit in the Mini log.

#5 bustacaptx

Posted 05 June 2012 - 09:35 PM

MiniToolBox results:


MiniToolBox by Farbar Version: 04-06-2012
Ran by Gary (administrator) on 05-06-2012 at 21:32:21
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================






========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?> subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : wintermute
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : D0-DF-9A-E0-D0-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6495:53d5:e4e1:b80c%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 05, 2012 7:38:53 PM
Lease Expires . . . . . . . . . . : Wednesday, June 06, 2012 7:38:53 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 366010266
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DE-86-11-B8-70-F4-34-92-25
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : B8-70-F4-34-92-25
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 38-59-F9-F4-73-54
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:243c:3278:3f57:febb(Preferred)
Link-local IPv6 Address . . . . . : fe80::243c:3278:3f57:febb%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4000:801::1005
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104


Pinging google.com [74.125.227.65] with 32 bytes of data:
Reply from 74.125.227.65: bytes=32 time=30ms TTL=50
Reply from 74.125.227.65: bytes=32 time=29ms TTL=50

Ping statistics for 74.125.227.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 30ms, Average = 29ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=108ms TTL=44
Reply from 98.139.183.24: bytes=32 time=99ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 99ms, Maximum = 108ms, Average = 103ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...d0 df 9a e0 d0 85 ......Atheros AR9285 Wireless Network Adapter
13...b8 70 f4 34 92 25 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...38 59 f9 f4 73 54 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.68 281
192.168.1.68 255.255.255.255 On-link 192.168.1.68 281
192.168.1.255 255.255.255.255 On-link 192.168.1.68 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:243c:3278:3f57:febb/128
On-link
14 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::243c:3278:3f57:febb/128
On-link
14 281 fe80::6495:53d5:e4e1:b80c/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/05/2012 09:06:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:47 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (06/05/2012 07:39:06 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/05/2012 07:06:37 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/05/2012 06:48:13 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%834

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%838

Error: (06/05/2012 06:34:25 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%1070

Error: (06/05/2012 06:31:45 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service hung on starting.

Error: (06/05/2012 06:29:43 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (06/05/2012 06:29:37 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:27:50 AM on ?6/?5/?2012 was unexpected.

Error: (06/05/2012 06:27:36 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (06/05/2012 06:27:06 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (06/05/2012 06:20:47 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.


Microsoft Office Sessions:
=========================
Error: (06/05/2012 09:06:48 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:47 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:46 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/05/2012 09:06:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.2.443)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Asset Services CS4 (Version: 4)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Recommended Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Extra Settings CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Contribute CS4 (Version: 5.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Fireworks CS4 (Version: 10.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 (Version: 2)
Adobe Soundbooth CS4 Codecs (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS4 Server (Version: 4.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
ATI Catalyst Install Manager (Version: 3.0.808.0)
ATI Uninstaller (Version: 8.813.3.2-110324a-116588C-Lenovo)
Audacity 1.3.13 (Unicode)
avast! Free Antivirus (Version: 7.0.1426.0)
AVG 2012 (Version: 12.0.1901)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2176)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Graphics Previews Common (Version: 2011.0324.2228.38483)
Catalyst Control Center InstallProxy (Version: 2011.0324.2228.38483)
Catalyst Control Center Localization All (Version: 2011.0324.2228.38483)
Catalyst Control Center Profiles Mobile (Version: 2011.0324.2228.38483)
ccc-core-static (Version: 2011.0324.2228.38483)
ccc-utility64 (Version: 2011.0324.2228.38483)
CCC Help Chinese Standard (Version: 2011.0324.2227.38483)
CCC Help Chinese Traditional (Version: 2011.0324.2227.38483)
CCC Help Czech (Version: 2011.0324.2227.38483)
CCC Help Danish (Version: 2011.0324.2227.38483)
CCC Help Dutch (Version: 2011.0324.2227.38483)
CCC Help English (Version: 2011.0324.2227.38483)
CCC Help Finnish (Version: 2011.0324.2227.38483)
CCC Help French (Version: 2011.0324.2227.38483)
CCC Help German (Version: 2011.0324.2227.38483)
CCC Help Greek (Version: 2011.0324.2227.38483)
CCC Help Hungarian (Version: 2011.0324.2227.38483)
CCC Help Italian (Version: 2011.0324.2227.38483)
CCC Help Japanese (Version: 2011.0324.2227.38483)
CCC Help Korean (Version: 2011.0324.2227.38483)
CCC Help Norwegian (Version: 2011.0324.2227.38483)
CCC Help Polish (Version: 2011.0324.2227.38483)
CCC Help Portuguese (Version: 2011.0324.2227.38483)
CCC Help Russian (Version: 2011.0324.2227.38483)
CCC Help Spanish (Version: 2011.0324.2227.38483)
CCC Help Swedish (Version: 2011.0324.2227.38483)
CCC Help Thai (Version: 2011.0324.2227.38483)
CCC Help Turkish (Version: 2011.0324.2227.38483)
CCleaner (Version: 3.10)
CDBurnerXP (Version: 4.3.8.2631)
Conexant HD Audio (Version: 8.54.1.0)
Connect (Version: 1.0.0.1)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
DFX for Windows Media Player (Version: 9.304.0.0)
Dropbox (Version: 1.1.45)
Energy Management (Version: 6.0.2.0)
eReg (Version: 1.20.138.34)
Fender FUSE
Fender FUSE 2.6.0.22
Fender Universal ASIO
FileZilla Client 3.5.1 (Version: 3.5.1)
Foxit Reader (Version: 5.3.0.423)
GOM Player (Version: 2.1.37.5085)
Google Chrome (Version: 19.0.1084.52)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Hulu Desktop (Version: 0.9.14)
ImgBurn (Version: 2.5.5.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
IrfanView (remove only) (Version: 4.30)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 7.6.0 (Full) (Version: 7.6.0)
kuler (Version: 2.0)
Last.fm 1.5.4.27091
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
Lenovo EasyCamera (Version: 5.8.56000.8)
Lenovo EE Boot Optimizer (Version: 0.0.1.6)
Lenovo Games Console (Version: 1.2.6.436)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo PowerDVD 10 (Version: 10.0.2811.52)
Lenovo YouCam (Version: 3.1.3728)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech SetPoint 6.30 (Version: 6.30.43)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MediaImpression
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Notepad++ (Version: 5.9.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
Pixel Bender Toolkit (Version: 1.0)
Power2Go (Version: 5.6.0.7303)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.72.80.56)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10003)
Remote Control USB Driver (Version: 2.3.2.317)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Safari (Version: 5.34.57.2)
Skype™ 5.5 (Version: 5.5.115)
Songmaster Downloader (Version: 0.2.7)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.610.g090a06f8)
SpyNet Field Office (Version: 1.0)
Steam (Version: 1.0.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
Synaptics Pointing Device Driver (Version: 15.3.0.0)
TeamViewer 6 (Version: 6.0.11052)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
UserGuide (Version: 1.0.0.6)
VeriFace (Version: 4.0.0.1224)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
XnView 1.98.2 (Version: 1.98.2)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 6087.86 MB
Available physical RAM: 3151.06 MB
Total Pagefile: 12173.91 MB
Available Pagefile: 8995.13 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:654.69 GB) (Free:577.7 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:17.21 GB) NTFS
3 Drive f: (GDEC3TUTORIAL) (CDROM) (Total:3.89 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\WINTERMUTE

Administrator Gary Guest


**** End of log ****

Edited by bustacaptx, 05 June 2012 - 10:34 PM.


#6 bustacaptx


Posted 06 June 2012 - 08:38 AM

Okay, I have done everything else listed. I went ahead and had MS Security Essentials delete the files it found in the screenshot above.

TFC - Check
SuperAntiSpyware - Check. I forgot the log (saved on my portable hard drive which I left at home), but all it found was 242 tracking cookies; I had it delete them. I can post the log when I return this evening if you'd like.
TDSSKiller - Check. It found nothing, even though I selected the two additional scanning options. I can also post that log once I get home.

Once again, thanks for the help! :thumbup2:

Edited by bustacaptx, 06 June 2012 - 08:46 AM.


#7 boopme


Posted 06 June 2012 - 01:44 PM

Ok, don't need SAS as it was cookies. Would like the TDSS.

I see 2 AVs; is one disabled?
avast! Free Antivirus (Version: 7.0.1426.0)
AVG 2012 (Version: 2012.0.2176)


Need to uninstall this as it can be exploited

Java™ 6 Update 22 (Version: 6.0.220)

Reboot..


A last look.....
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


How is it running now?

Edited by boopme, 06 June 2012 - 01:45 PM.


#8 bustacaptx


Posted 06 June 2012 - 08:25 PM

It still seems a bit sluggish on bootup.

TDSSKiller Log:

07:03:30.0980 5800 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
07:03:31.0465 5800 ============================================================
07:03:31.0465 5800 Current date / time: 2012/06/06 07:03:31.0465
07:03:31.0465 5800 SystemInfo:
07:03:31.0465 5800
07:03:31.0465 5800 OS Version: 6.1.7601 ServicePack: 1.0
07:03:31.0465 5800 Product type: Workstation
07:03:31.0465 5800 ComputerName: WINTERMUTE
07:03:31.0465 5800 UserName: Gary
07:03:31.0465 5800 Windows directory: C:\windows
07:03:31.0465 5800 System windows directory: C:\windows
07:03:31.0465 5800 Running under WOW64
07:03:31.0465 5800 Processor architecture: Intel x64
07:03:31.0465 5800 Number of processors: 4
07:03:31.0465 5800 Page size: 0x1000
07:03:31.0465 5800 Boot type: Normal boot
07:03:31.0465 5800 ============================================================
07:03:31.0964 5800 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:03:31.0980 5800 ============================================================
07:03:31.0980 5800 \Device\Harddisk0\DR0:
07:03:31.0980 5800 MBR partitions:
07:03:31.0980 5800 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
07:03:31.0980 5800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D61000
07:03:31.0995 5800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x51DC6000, BlocksNum 0x39FE000
07:03:31.0995 5800 ============================================================
07:03:32.0058 5800 C: <-> \Device\Harddisk0\DR0\Partition1
07:03:32.0104 5800 D: <-> \Device\Harddisk0\DR0\Partition2
07:03:32.0104 5800 ============================================================
07:03:32.0104 5800 Initialize success
07:03:32.0104 5800 ============================================================
07:03:52.0774 7588 ============================================================
07:03:52.0774 7588 Scan started
07:03:52.0774 7588 Mode: Manual; SigCheck; TDLFS;
07:03:52.0774 7588 ============================================================
07:04:08.0406 7588 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
07:04:08.0421 7588 GEARAspiWDM - ok
07:04:08.0530 7588 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
07:04:08.0577 7588 gpsvc - ok
07:04:08.0686 7588 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:04:08.0702 7588 gupdate - ok
07:04:08.0718 7588 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:04:08.0718 7588 gupdatem - ok
07:04:08.0796 7588 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
07:04:08.0796 7588 gusvc - ok
07:04:08.0842 7588 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
07:04:08.0874 7588 hcw85cir - ok
07:04:08.0952 7588 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
07:04:08.0998 7588 HdAudAddService - ok
07:04:09.0030 7588 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
07:04:09.0061 7588 HDAudBus - ok
07:04:09.0076 7588 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
07:04:09.0108 7588 HidBatt - ok
07:04:09.0123 7588 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
07:04:09.0154 7588 HidBth - ok
07:04:09.0186 7588 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
07:04:09.0201 7588 HidIr - ok
07:04:09.0232 7588 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
07:04:09.0279 7588 hidserv - ok
07:04:09.0326 7588 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
07:04:09.0342 7588 HidUsb - ok
07:04:09.0357 7588 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
07:04:09.0435 7588 hkmsvc - ok
07:04:09.0482 7588 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
07:04:09.0513 7588 HomeGroupListener - ok
07:04:09.0560 7588 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
07:04:09.0591 7588 HomeGroupProvider - ok
07:04:09.0638 7588 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
07:04:09.0654 7588 HpSAMD - ok
07:04:09.0747 7588 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
07:04:09.0825 7588 HTTP - ok
07:04:09.0841 7588 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
07:04:09.0856 7588 hwpolicy - ok
07:04:09.0903 7588 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
07:04:09.0934 7588 i8042prt - ok
07:04:10.0012 7588 iaStor (53cc5bf8b5a219119953c7abb19a7705) C:\windows\system32\DRIVERS\iaStor.sys
07:04:10.0028 7588 iaStor - ok
07:04:10.0153 7588 IAStorDataMgrSvc (f5c0317af600f8c0d7e4202eb04232b1) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
07:04:10.0153 7588 IAStorDataMgrSvc - ok
07:04:10.0215 7588 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
07:04:10.0231 7588 iaStorV - ok
07:04:10.0402 7588 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:04:10.0434 7588 idsvc - ok
07:04:11.0167 7588 igfx (795c99dc4f574c97c03d0bb39cf099ee) C:\windows\system32\DRIVERS\igdkmd64.sys
07:04:11.0432 7588 igfx - ok
07:04:11.0619 7588 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
07:04:11.0635 7588 iirsp - ok
07:04:11.0728 7588 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
07:04:11.0791 7588 IKEEXT - ok
07:04:11.0869 7588 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
07:04:11.0900 7588 IntcDAud - ok
07:04:11.0916 7588 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
07:04:11.0916 7588 intelide - ok
07:04:12.0836 7588 intelkmd (795c99dc4f574c97c03d0bb39cf099ee) C:\windows\system32\DRIVERS\igdpmd64.sys
07:04:13.0070 7588 intelkmd - ok
07:04:13.0242 7588 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
07:04:13.0273 7588 intelppm - ok
07:04:13.0320 7588 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
07:04:13.0366 7588 IPBusEnum - ok
07:04:13.0398 7588 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
07:04:13.0429 7588 IpFilterDriver - ok
07:04:13.0507 7588 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
07:04:13.0538 7588 iphlpsvc - ok
07:04:13.0554 7588 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
07:04:13.0585 7588 IPMIDRV - ok
07:04:13.0616 7588 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
07:04:13.0678 7588 IPNAT - ok
07:04:13.0881 7588 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
07:04:13.0897 7588 iPod Service - ok
07:04:13.0928 7588 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
07:04:13.0959 7588 IRENUM - ok
07:04:13.0990 7588 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
07:04:13.0990 7588 isapnp - ok
07:04:14.0037 7588 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
07:04:14.0053 7588 iScsiPrt - ok
07:04:14.0084 7588 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
07:04:14.0100 7588 kbdclass - ok
07:04:14.0115 7588 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
07:04:14.0146 7588 kbdhid - ok
07:04:14.0146 7588 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
07:04:14.0162 7588 KeyIso - ok
07:04:14.0209 7588 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
07:04:14.0240 7588 KSecDD - ok
07:04:14.0271 7588 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
07:04:14.0287 7588 KSecPkg - ok
07:04:14.0318 7588 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
07:04:14.0380 7588 ksthunk - ok
07:04:14.0443 7588 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
07:04:14.0505 7588 KtmRm - ok
07:04:14.0568 7588 L1C (95ca93fc12be372bb952669f37fff9c5) C:\windows\system32\DRIVERS\L1C62x64.sys
07:04:14.0583 7588 L1C - ok
07:04:14.0646 7588 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
07:04:14.0708 7588 LanmanServer - ok
07:04:14.0739 7588 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
07:04:14.0802 7588 LanmanWorkstation - ok
07:04:14.0958 7588 LBTServ (19eff704cd16dd0429e128431f1dd631) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
07:04:14.0973 7588 LBTServ - ok
07:04:15.0004 7588 LEqdUsb (abfd2b5726f4cce49297ae48806cc594) C:\windows\system32\DRIVERS\LEqdUsb.Sys
07:04:15.0004 7588 LEqdUsb - ok
07:04:15.0051 7588 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
07:04:15.0051 7588 LHDmgr - ok
07:04:15.0082 7588 LHidEqd (933f69cf9acd2498693bfcd7ed68e8d4) C:\windows\system32\DRIVERS\LHidEqd.Sys
07:04:15.0098 7588 LHidEqd - ok
07:04:15.0129 7588 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\windows\system32\DRIVERS\LHidFilt.Sys
07:04:15.0145 7588 LHidFilt - ok
07:04:15.0192 7588 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
07:04:15.0238 7588 lltdio - ok
07:04:15.0285 7588 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
07:04:15.0363 7588 lltdsvc - ok
07:04:15.0394 7588 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
07:04:15.0426 7588 lmhosts - ok
07:04:15.0457 7588 LMouFilt (96999c364c649e2866a268f7420a304a) C:\windows\system32\DRIVERS\LMouFilt.Sys
07:04:15.0472 7588 LMouFilt - ok
07:04:15.0628 7588 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
07:04:15.0628 7588 LMS - ok
07:04:15.0675 7588 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
07:04:15.0691 7588 LSI_FC - ok
07:04:15.0738 7588 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
07:04:15.0753 7588 LSI_SAS - ok
07:04:15.0769 7588 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
07:04:15.0784 7588 LSI_SAS2 - ok
07:04:15.0816 7588 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
07:04:15.0831 7588 LSI_SCSI - ok
07:04:15.0862 7588 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
07:04:15.0925 7588 luafv - ok
07:04:15.0972 7588 lxeb_device - ok
07:04:15.0987 7588 McAfee SiteAdvisor Service - ok
07:04:16.0018 7588 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
07:04:16.0065 7588 Mcx2Svc - ok
07:04:16.0112 7588 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
07:04:16.0128 7588 megasas - ok
07:04:16.0190 7588 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
07:04:16.0206 7588 MegaSR - ok
07:04:16.0252 7588 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
07:04:16.0268 7588 MEIx64 - ok
07:04:16.0299 7588 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
07:04:16.0330 7588 MMCSS - ok
07:04:16.0346 7588 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
07:04:16.0377 7588 Modem - ok
07:04:16.0408 7588 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
07:04:16.0440 7588 monitor - ok
07:04:16.0486 7588 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
07:04:16.0502 7588 mouclass - ok
07:04:16.0518 7588 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
07:04:16.0549 7588 mouhid - ok
07:04:16.0596 7588 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
07:04:16.0596 7588 mountmgr - ok
07:04:16.0720 7588 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
07:04:16.0736 7588 MozillaMaintenance - ok
07:04:16.0783 7588 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
07:04:16.0814 7588 MpFilter - ok
07:04:16.0861 7588 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
07:04:16.0892 7588 mpio - ok
07:04:16.0908 7588 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
07:04:16.0939 7588 mpsdrv - ok
07:04:17.0064 7588 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
07:04:17.0110 7588 MpsSvc - ok
07:04:17.0142 7588 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
07:04:17.0188 7588 MRxDAV - ok
07:04:17.0235 7588 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
07:04:17.0266 7588 mrxsmb - ok
07:04:17.0329 7588 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
07:04:17.0360 7588 mrxsmb10 - ok
07:04:17.0376 7588 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
07:04:17.0422 7588 mrxsmb20 - ok
07:04:17.0454 7588 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
07:04:17.0469 7588 msahci - ok
07:04:17.0500 7588 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
07:04:17.0516 7588 msdsm - ok
07:04:17.0563 7588 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
07:04:17.0594 7588 MSDTC - ok
07:04:17.0610 7588 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
07:04:17.0641 7588 Msfs - ok
07:04:17.0656 7588 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
07:04:17.0703 7588 mshidkmdf - ok
07:04:17.0719 7588 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
07:04:17.0734 7588 msisadrv - ok
07:04:17.0766 7588 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
07:04:17.0828 7588 MSiSCSI - ok
07:04:17.0844 7588 msiserver - ok
07:04:17.0875 7588 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
07:04:17.0922 7588 MSKSSRV - ok
07:04:18.0031 7588 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:04:18.0031 7588 MsMpSvc - ok
07:04:18.0062 7588 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
07:04:18.0093 7588 MSPCLOCK - ok
07:04:18.0109 7588 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
07:04:18.0171 7588 MSPQM - ok
07:04:18.0234 7588 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
07:04:18.0249 7588 MsRPC - ok
07:04:18.0265 7588 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
07:04:18.0280 7588 mssmbios - ok
07:04:18.0296 7588 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
07:04:18.0343 7588 MSTEE - ok
07:04:18.0358 7588 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
07:04:18.0374 7588 MTConfig - ok
07:04:18.0405 7588 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
07:04:18.0405 7588 Mup - ok
07:04:18.0483 7588 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
07:04:18.0530 7588 napagent - ok
07:04:18.0608 7588 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
07:04:18.0639 7588 NativeWifiP - ok
07:04:18.0733 7588 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
07:04:18.0764 7588 NDIS - ok
07:04:18.0780 7588 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
07:04:18.0826 7588 NdisCap - ok
07:04:18.0858 7588 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
07:04:18.0889 7588 NdisTapi - ok
07:04:18.0904 7588 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
07:04:18.0936 7588 Ndisuio - ok
07:04:18.0951 7588 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
07:04:18.0998 7588 NdisWan - ok
07:04:19.0014 7588 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
07:04:19.0045 7588 NDProxy - ok
07:04:19.0076 7588 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
07:04:19.0123 7588 NetBIOS - ok
07:04:19.0154 7588 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
07:04:19.0201 7588 NetBT - ok
07:04:19.0232 7588 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
07:04:19.0248 7588 Netlogon - ok
07:04:19.0341 7588 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
07:04:19.0388 7588 Netman - ok
07:04:19.0435 7588 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
07:04:19.0482 7588 netprofm - ok
07:04:19.0575 7588 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:04:19.0606 7588 NetTcpPortSharing - ok
07:04:19.0638 7588 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
07:04:19.0653 7588 nfrd960 - ok
07:04:19.0700 7588 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
07:04:19.0716 7588 NisDrv - ok
07:04:19.0840 7588 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
07:04:19.0856 7588 NisSrv - ok
07:04:19.0918 7588 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
07:04:19.0965 7588 NlaSvc - ok
07:04:19.0996 7588 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
07:04:20.0028 7588 Npfs - ok
07:04:20.0043 7588 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
07:04:20.0090 7588 nsi - ok
07:04:20.0121 7588 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
07:04:20.0152 7588 nsiproxy - ok
07:04:20.0340 7588 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
07:04:20.0386 7588 Ntfs - ok
07:04:20.0542 7588 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
07:04:20.0574 7588 Null - ok
07:04:20.0620 7588 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys
07:04:20.0636 7588 nusb3hub - ok
07:04:20.0667 7588 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys
07:04:20.0698 7588 nusb3xhc - ok
07:04:20.0745 7588 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
07:04:20.0761 7588 nvraid - ok
07:04:20.0808 7588 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
07:04:20.0808 7588 nvstor - ok
07:04:20.0854 7588 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
07:04:20.0870 7588 nv_agp - ok
07:04:20.0917 7588 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
07:04:20.0948 7588 ohci1394 - ok
07:04:20.0995 7588 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
07:04:21.0026 7588 p2pimsvc - ok
07:04:21.0104 7588 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
07:04:21.0120 7588 p2psvc - ok
07:04:21.0135 7588 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
07:04:21.0151 7588 Parport - ok
07:04:21.0182 7588 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
07:04:21.0198 7588 partmgr - ok
07:04:21.0229 7588 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
07:04:21.0260 7588 PcaSvc - ok
07:04:21.0307 7588 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
07:04:21.0322 7588 pci - ok
07:04:21.0338 7588 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
07:04:21.0354 7588 pciide - ok
07:04:21.0369 7588 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
07:04:21.0385 7588 pcmcia - ok
07:04:21.0400 7588 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
07:04:21.0416 7588 pcw - ok
07:04:21.0494 7588 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
07:04:21.0556 7588 PEAUTH - ok
07:04:21.0650 7588 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
07:04:21.0681 7588 PerfHost - ok
07:04:21.0853 7588 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
07:04:21.0915 7588 pla - ok
07:04:22.0009 7588 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
07:04:22.0040 7588 PlugPlay - ok
07:04:22.0071 7588 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
07:04:22.0102 7588 PNRPAutoReg - ok
07:04:22.0149 7588 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
07:04:22.0165 7588 PNRPsvc - ok
07:04:22.0227 7588 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
07:04:22.0290 7588 PolicyAgent - ok
07:04:22.0336 7588 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
07:04:22.0383 7588 Power - ok
07:04:22.0461 7588 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
07:04:22.0524 7588 PptpMiniport - ok
07:04:22.0555 7588 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
07:04:22.0570 7588 Processor - ok
07:04:22.0633 7588 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
07:04:22.0695 7588 ProfSvc - ok
07:04:22.0742 7588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
07:04:22.0758 7588 ProtectedStorage - ok
07:04:22.0789 7588 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
07:04:22.0820 7588 Psched - ok
07:04:22.0867 7588 PxHlpa64 (901dba98359966a62a6548596988e931) C:\windows\system32\Drivers\PxHlpa64.sys
07:04:22.0882 7588 PxHlpa64 - ok
07:04:23.0038 7588 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
07:04:23.0085 7588 ql2300 - ok
07:04:23.0257 7588 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
07:04:23.0272 7588 ql40xx - ok
07:04:23.0319 7588 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
07:04:23.0350 7588 QWAVE - ok
07:04:23.0382 7588 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
07:04:23.0413 7588 QWAVEdrv - ok
07:04:23.0428 7588 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
07:04:23.0475 7588 RasAcd - ok
07:04:23.0522 7588 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
07:04:23.0569 7588 RasAgileVpn - ok
07:04:23.0584 7588 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
07:04:23.0647 7588 RasAuto - ok
07:04:23.0694 7588 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
07:04:23.0756 7588 Rasl2tp - ok
07:04:23.0803 7588 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
07:04:23.0865 7588 RasMan - ok
07:04:23.0896 7588 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
07:04:23.0943 7588 RasPppoe - ok
07:04:23.0974 7588 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
07:04:24.0021 7588 RasSstp - ok
07:04:24.0084 7588 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
07:04:24.0146 7588 rdbss - ok
07:04:24.0162 7588 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
07:04:24.0177 7588 rdpbus - ok
07:04:24.0193 7588 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
07:04:24.0255 7588 RDPCDD - ok
07:04:24.0271 7588 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
07:04:24.0318 7588 RDPENCDD - ok
07:04:24.0333 7588 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
07:04:24.0364 7588 RDPREFMP - ok
07:04:24.0411 7588 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
07:04:24.0458 7588 RDPWD - ok
07:04:24.0505 7588 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
07:04:24.0520 7588 rdyboost - ok
07:04:24.0567 7588 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
07:04:24.0630 7588 RemoteAccess - ok
07:04:24.0692 7588 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
07:04:24.0739 7588 RemoteRegistry - ok
07:04:24.0786 7588 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
07:04:24.0833 7588 RFCOMM - ok
07:04:24.0864 7588 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
07:04:24.0895 7588 RpcEptMapper - ok
07:04:24.0911 7588 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
07:04:24.0926 7588 RpcLocator - ok
07:04:24.0989 7588 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
07:04:25.0020 7588 RpcSs - ok
07:04:25.0051 7588 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
07:04:25.0098 7588 rspndr - ok
07:04:25.0176 7588 RSUSBVSTOR (89dfb71b370d82dfe75183f677043cee) C:\windows\system32\Drivers\RtsUVStor.sys
07:04:25.0191 7588 RSUSBVSTOR - ok
07:04:25.0238 7588 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\windows\system32\DRIVERS\Rt64win7.sys
07:04:25.0254 7588 RTL8167 - ok
07:04:25.0316 7588 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
07:04:25.0332 7588 SamSs - ok
07:04:25.0410 7588 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
07:04:25.0410 7588 SASDIFSV - ok
07:04:25.0425 7588 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
07:04:25.0425 7588 SASKUTIL - ok
07:04:25.0457 7588 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
07:04:25.0472 7588 sbp2port - ok
07:04:25.0519 7588 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
07:04:25.0566 7588 SCardSvr - ok
07:04:25.0597 7588 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
07:04:25.0644 7588 scfilter - ok
07:04:25.0769 7588 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
07:04:25.0831 7588 Schedule - ok
07:04:25.0878 7588 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
07:04:25.0909 7588 SCPolicySvc - ok
07:04:25.0925 7588 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
07:04:25.0956 7588 SDRSVC - ok
07:04:26.0034 7588 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
07:04:26.0081 7588 secdrv - ok
07:04:26.0112 7588 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
07:04:26.0143 7588 seclogon - ok
07:04:26.0159 7588 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
07:04:26.0205 7588 SENS - ok
07:04:26.0237 7588 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
07:04:26.0268 7588 SensrSvc - ok
07:04:26.0283 7588 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
07:04:26.0315 7588 Serenum - ok
07:04:26.0377 7588 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
07:04:26.0408 7588 Serial - ok
07:04:26.0439 7588 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
07:04:26.0455 7588 sermouse - ok
07:04:26.0502 7588 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
07:04:26.0580 7588 SessionEnv - ok
07:04:26.0595 7588 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
07:04:26.0611 7588 sffdisk - ok
07:04:26.0627 7588 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
07:04:26.0673 7588 sffp_mmc - ok
07:04:26.0689 7588 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
07:04:26.0720 7588 sffp_sd - ok
07:04:26.0751 7588 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
07:04:26.0767 7588 sfloppy - ok
07:04:26.0829 7588 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
07:04:26.0876 7588 SharedAccess - ok
07:04:26.0923 7588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
07:04:26.0970 7588 ShellHWDetection - ok
07:04:27.0017 7588 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
07:04:27.0017 7588 SiSRaid2 - ok
07:04:27.0048 7588 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
07:04:27.0063 7588 SiSRaid4 - ok
07:04:27.0095 7588 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
07:04:27.0141 7588 Smb - ok
07:04:27.0173 7588 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
07:04:27.0204 7588 SNMPTRAP - ok
07:04:27.0407 7588 SNP2UVC (047341270913a8df16a4a773fd11274d) C:\windows\system32\DRIVERS\snp2uvc.sys
07:04:27.0469 7588 SNP2UVC - ok
07:04:27.0656 7588 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
07:04:27.0656 7588 spldr - ok
07:04:40.0199 7588 ============================================================
07:04:40.0199 7588 Scan finished
07:04:40.0199 7588 ============================================================
07:04:40.0199 6940 Detected object count: 0
07:04:40.0199 6940 Actual detected object count: 0
07:05:59.0525 6160 Deinitialize success

#9 boopme

Posted 06 June 2012 - 08:47 PM

Did you do ESET?

#10 bustacaptx

Posted 06 June 2012 - 09:35 PM

Did you do ESET?


It's been running for 1 hr and it's about 27% done.

EDIT: Okay, it finished and found no threats.

Edited by bustacaptx, 07 June 2012 - 06:25 AM.


#11 bustacaptx

Posted 07 June 2012 - 08:19 AM

Okay, so all the scans have been run and I have uninstalled that Java update. I haven't had a chance to put it through its paces yet, but it seems quite a bit snappier now.

Is there anything else I should do, especially to help avoid Java exploits like that in the future?

Thanks again.

Edited by bustacaptx, 07 June 2012 - 08:24 AM.


#12 boopme

Posted 07 June 2012 - 09:28 AM

You're welcome!!
If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
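The restore-point steps in the post above, scripted as an added PowerShell example that is not part of the original thread. It assumes an elevated prompt on a client edition of Windows with System Restore enabled; the description string and the `SysRestore.Native` wrapper name are constructed for the example, and it removes older points through the `SRRemoveRestorePoint` API rather than through Disk Cleanup.

```powershell
# Added example: create a fresh restore point after cleaning, then delete
# every older restore point so a pre-cleanup snapshot cannot be restored.
# Must be run from an elevated PowerShell prompt.

$description = 'Clean state after malware scans'   # constructed label

# 1. Create the new restore point ("Create a Restore Point" in the GUI).
#    On Windows 8 and later this is skipped with a warning if another point
#    was created within the last 24 hours; the check in step 3 catches that.
Checkpoint-Computer -Description $description -RestorePointType MODIFY_SETTINGS

# 2. List the restore points that now exist, oldest first, as a record.
$points = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$points | Format-Table SequenceNumber, CreationTime, Description -AutoSize

# 3. Refuse to delete anything unless the newest point is the one just made.
if ($points.Count -eq 0) {
    throw 'No restore points found; is System Restore enabled on this drive?'
}
$newest = $points[-1]
if ($newest.Description -ne $description) {
    throw "Newest point is '$($newest.Description)', not the new one; nothing deleted."
}

# 4. Expose SRRemoveRestorePoint from srclient.dll (wrapper name is hypothetical).
Add-Type -Namespace SysRestore -Name Native -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern int SRRemoveRestorePoint(int index);
'@

# 5. Remove all points except the newest and report each result.
foreach ($p in $points) {
    if ($p.SequenceNumber -eq $newest.SequenceNumber) { continue }
    $rc = [SysRestore.Native]::SRRemoveRestorePoint([int]$p.SequenceNumber)
    if ($rc -eq 0) {
        Write-Output "Removed restore point $($p.SequenceNumber): $($p.Description)"
    } else {
        Write-Warning "Could not remove restore point $($p.SequenceNumber) (error $rc)"
    }
}

# 6. Show what is left; only the new point should remain.
Get-ComputerRestorePoint | Format-Table SequenceNumber, CreationTime, Description -AutoSize
```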
