Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Live Security Platinum "Scareware" Malware


  • Please log in to reply
3 replies to this topic

#1 cdegiorgis

cdegiorgis

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 13 June 2012 - 03:08 PM

Hello - I'm running Win 7 Enterprise SP1, 64 bit on an HP Probook 6455b. Yesterday I was infected by the Live Security Platinum malware after receiving an email from FedEx that appeared legit.

I've followed instructions from various Malware removal sites, but I continue to get the blue screen of death every time I boot. I've removed every reference that I could find of Live Security, including through regedit, but nothing seems to make a difference.

I am unable to install Malwarebytes because of a registry error (hopefully not one that I've caused!), cannot access my User Account (could be company security), and the list continues. I think this particular malware has become smarter over the past few months and removal methods are ineffective.

I will add that this is my business laptop and therefore quite protected from the User being able to modify a lot of system data. Please let me know if I should list all the steps I have taken thus far, or if you have further recommendations before I drive two hours to my home office and get a Recovery CD to wipe out and rebuild. Aargh!

Thank you!
Connie

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:35 PM

Posted 13 June 2012 - 03:43 PM

Hello and welcome,There are some steps in here that should let you get thru this.

Please follow our Removal Guide here Remove Live Security Platinum .
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions

After you completed that, post your scan log here,let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cdegiorgis

cdegiorgis
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 14 June 2012 - 09:42 AM

Thank you for the quick response. I'm posting a few logs here; I continue to be unable to install Malwarebytes. This is the error I receive:

Error writing to registry key:

HKEY_CURRENT_USER\SOFTWARE\\Malwarebytes' Anti-Malware

RegSet ValueEx failed; code 5
Access is Denied

Click Retry to try again; Ignore to proceed anyway; or abort to cancel installation.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FSS.TXT
Farbar Service Scanner Version: 09-06-2012
Ran by degiorgi (administrator) on 14-06-2012 at 10:12:18
Running from "C:\Users\degiorgi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GQ20DMM"
Microsoft Windows 7 Enterprise Service Pack 1 (X64)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2012-01-03 18:22] - [2011-08-13 01:21] - 0317952 ____A (Microsoft Corporation) 0DAF7DA005BCA551672217F880B7CABC

C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-06-03 02:03] - [2012-03-30 06:26] - 1901424 ____A (Microsoft Corporation) 885B202006EE17AE99B9FBCEC9AF88C9

C:\Windows\System32\dnsrslvr.dll
[2012-01-03 16:10] - [2011-03-22 01:10] - 0183296 ____A (Microsoft Corporation) A06098E823EE2E63D42691C0D7BCDE46

C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BSOD.TXT
==================================================
Dump File : 061312-33353-01.dmp
Crash Time : 6/13/2012 2:18:15 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`06010b30
Parameter 3 : fffffa80`06010e10
Parameter 4 : fffff800`02d8cc30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061312-33353-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061312-31715-01.dmp
Crash Time : 6/13/2012 12:37:59 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`0607eb30
Parameter 3 : fffffa80`0607ee10
Parameter 4 : fffff800`02d93c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061312-31715-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061312-35006-01.dmp
Crash Time : 6/13/2012 11:14:41 AM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`0603ab30
Parameter 3 : fffffa80`0603ae10
Parameter 4 : fffff800`02dc9c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061312-35006-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061312-33665-01.dmp
Crash Time : 6/13/2012 11:09:16 AM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`04dbbb30
Parameter 3 : fffffa80`04dbbe10
Parameter 4 : fffff800`02dc8c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061312-33665-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061312-35552-01.dmp
Crash Time : 6/13/2012 10:12:40 AM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`065f2b30
Parameter 3 : fffffa80`065f2e10
Parameter 4 : fffff800`02d95c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061312-35552-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-34928-01.dmp
Crash Time : 6/12/2012 11:10:29 PM
Bug Check String : DRIVER_UNLOADED_WITHOUT_CANCELLING_PENDING_OPERATIONS
Bug Check Code : 0x000000ce
Parameter 1 : fffff880`00ddb4fc
Parameter 2 : 00000000`00000008
Parameter 3 : fffff880`00ddb4fc
Parameter 4 : 00000000`00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+f8ae
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-34928-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 270,448
==================================================

==================================================
Dump File : 061212-35287-01.dmp
Crash Time : 6/12/2012 11:03:01 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`064d5b30
Parameter 3 : fffffa80`064d5e10
Parameter 4 : fffff800`02dcfc30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-35287-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-35100-01.dmp
Crash Time : 6/12/2012 10:48:07 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`065d0060
Parameter 3 : fffffa80`065d0340
Parameter 4 : fffff800`02ddbc30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-35100-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-34335-01.dmp
Crash Time : 6/12/2012 4:31:29 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`060c1b30
Parameter 3 : fffffa80`060c1e10
Parameter 4 : fffff800`02ddfc30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-34335-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-34070-01.dmp
Crash Time : 6/12/2012 3:19:40 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`064c4b30
Parameter 3 : fffffa80`064c4e10
Parameter 4 : fffff800`02ddac30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-34070-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-17612-01.dmp
Crash Time : 6/12/2012 1:49:12 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`0649fb30
Parameter 3 : fffffa80`0649fe10
Parameter 4 : fffff800`02dd6c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-17612-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-17503-01.dmp
Crash Time : 6/12/2012 1:37:57 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`06496b30
Parameter 3 : fffffa80`06496e10
Parameter 4 : fffff800`02de1c30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-17503-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================

==================================================
Dump File : 061212-18267-01.dmp
Crash Time : 6/12/2012 1:33:33 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`063b7b30
Parameter 3 : fffffa80`063b7e10
Parameter 4 : fffff800`02dcfc30
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7f140
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.21955 (win7sp1_ldr.120330-1503)
Processor : x64
Crash Address : ntoskrnl.exe+7f140
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061212-18267-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7601
Dump File Size : 274,688
==================================================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TDSSkiller.TXT
10:14:41.0056 0708 TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46
10:14:41.0337 0708 ============================================================
10:14:41.0337 0708 Current date / time: 2012/06/14 10:14:41.0337
10:14:41.0337 0708 SystemInfo:
10:14:41.0337 0708
10:14:41.0337 0708 OS Version: 6.1.7601 ServicePack: 1.0
10:14:41.0337 0708 Product type: Workstation
10:14:41.0337 0708 ComputerName: DEGIORGI2
10:14:41.0337 0708 UserName: degiorgi
10:14:41.0337 0708 Windows directory: C:\Windows
10:14:41.0337 0708 System windows directory: C:\Windows
10:14:41.0337 0708 Running under WOW64
10:14:41.0337 0708 Processor architecture: Intel x64
10:14:41.0337 0708 Number of processors: 2
10:14:41.0337 0708 Page size: 0x1000
10:14:41.0337 0708 Boot type: Safe boot with network
10:14:41.0337 0708 ============================================================
10:14:42.0101 0708 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:14:42.0101 0708 Drive \Device\Harddisk1\DR1 - Size: 0xEE700000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:14:42.0101 0708 ============================================================
10:14:42.0101 0708 \Device\Harddisk0\DR0:
10:14:42.0101 0708 MBR partitions:
10:14:42.0101 0708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542DAB0
10:14:42.0101 0708 \Device\Harddisk1\DR1:
10:14:42.0101 0708 MBR partitions:
10:14:42.0101 0708 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x10, BlocksNum 0x7737F0
10:14:42.0101 0708 ============================================================
10:14:42.0101 0708 Initialize success
10:14:42.0101 0708 ============================================================
10:14:51.0758 1476 ============================================================
10:14:51.0758 1476 Scan started
10:14:51.0758 1476 Mode: Manual; TDLFS;
10:14:51.0758 1476 ============================================================
10:14:51.0789 1476 !SASCORE - ok
10:14:51.0820 1476 1394ohci - ok
10:14:51.0836 1476 ac.sharedstore - ok
10:14:51.0836 1476 Accelerometer - ok
10:14:51.0851 1476 ACPI - ok
10:14:51.0851 1476 AcpiPmi - ok
10:14:51.0867 1476 adp94xx - ok
10:14:51.0882 1476 adpahci - ok
10:14:51.0882 1476 adpu320 - ok
10:14:51.0882 1476 AeLookupSvc - ok
10:14:51.0898 1476 AESTFilters - ok
10:14:51.0914 1476 AFD - ok
10:14:51.0945 1476 AgereModemAudio - ok
10:14:51.0945 1476 AgereSoftModem - ok
10:14:51.0945 1476 agp440 - ok
10:14:51.0945 1476 ALG - ok
10:14:51.0960 1476 aliide - ok
10:14:51.0960 1476 AMD External Events Utility - ok
10:14:51.0960 1476 amdide - ok
10:14:51.0976 1476 AmdK8 - ok
10:14:51.0976 1476 amdkmdag - ok
10:14:51.0976 1476 amdkmdap - ok
10:14:51.0992 1476 AmdPPM - ok
10:14:52.0007 1476 amdsata - ok
10:14:52.0007 1476 amdsbs - ok
10:14:52.0023 1476 amdxata - ok
10:14:52.0023 1476 AppID - ok
10:14:52.0023 1476 AppIDSvc - ok
10:14:52.0038 1476 Appinfo - ok
10:14:52.0038 1476 AppMgmt - ok
10:14:52.0038 1476 arc - ok
10:14:52.0038 1476 arcsas - ok
10:14:52.0070 1476 aswFsBlk - ok
10:14:52.0070 1476 aswMonFlt - ok
10:14:52.0085 1476 aswRdr - ok
10:14:52.0085 1476 aswSnx - ok
10:14:52.0085 1476 aswSP - ok
10:14:52.0101 1476 aswTdi - ok
10:14:52.0101 1476 AsyncMac - ok
10:14:52.0101 1476 atapi - ok
10:14:52.0101 1476 AtiHdmiService - ok
10:14:52.0132 1476 atikmdag - ok
10:14:52.0148 1476 AtiPcie - ok
10:14:52.0148 1476 AudioEndpointBuilder - ok
10:14:52.0148 1476 AudioSrv - ok
10:14:52.0163 1476 avast! Antivirus - ok
10:14:52.0163 1476 AxInstSV - ok
10:14:52.0163 1476 b06bdrv - ok
10:14:52.0194 1476 b57nd60a - ok
10:14:52.0194 1476 BCM43XX - ok
10:14:52.0194 1476 BDESVC - ok
10:14:52.0210 1476 Beep - ok
10:14:52.0210 1476 BFE - ok
10:14:52.0226 1476 BITS - ok
10:14:52.0226 1476 blbdrive - ok
10:14:52.0257 1476 bowser - ok
10:14:52.0257 1476 BrFiltLo - ok
10:14:52.0257 1476 BrFiltUp - ok
10:14:52.0257 1476 BridgeMP - ok
10:14:52.0272 1476 Browser - ok
10:14:52.0272 1476 Brserid - ok
10:14:52.0272 1476 BrSerWdm - ok
10:14:52.0288 1476 BrUsbMdm - ok
10:14:52.0288 1476 BrUsbSer - ok
10:14:52.0288 1476 BthEnum - ok
10:14:52.0288 1476 BTHMODEM - ok
10:14:52.0319 1476 BthPan - ok
10:14:52.0319 1476 BTHPORT - ok
10:14:52.0319 1476 bthserv - ok
10:14:52.0319 1476 BTHUSB - ok
10:14:52.0335 1476 btwaudio - ok
10:14:52.0350 1476 btwavdt - ok
10:14:52.0350 1476 btwdins - ok
10:14:52.0366 1476 btwl2cap - ok
10:14:52.0382 1476 btwrchid - ok
10:14:52.0382 1476 catchme - ok
10:14:52.0382 1476 cdfs - ok
10:14:52.0397 1476 cdrom - ok
10:14:52.0397 1476 CertPropSvc - ok
10:14:52.0397 1476 circlass - ok
10:14:52.0397 1476 CLFS - ok
10:14:52.0413 1476 clr_optimization_v2.0.50727_32 - ok
10:14:52.0413 1476 clr_optimization_v2.0.50727_64 - ok
10:14:52.0413 1476 CmBatt - ok
10:14:52.0444 1476 cmdide - ok
10:14:52.0444 1476 CNG - ok
10:14:52.0460 1476 Com4QLBEx - ok
10:14:52.0475 1476 Compbatt - ok
10:14:52.0475 1476 CompositeBus - ok
10:14:52.0506 1476 COMSysApp - ok
10:14:52.0506 1476 crcdisk - ok
10:14:52.0506 1476 CryptSvc - ok
10:14:52.0522 1476 CSC - ok
10:14:52.0522 1476 CscService - ok
10:14:52.0553 1476 ctxusbm - ok
10:14:52.0569 1476 DcomLaunch - ok
10:14:52.0569 1476 defragsvc - ok
10:14:52.0569 1476 DfsC - ok
10:14:52.0584 1476 Dhcp - ok
10:14:52.0584 1476 discache - ok
10:14:52.0584 1476 Disk - ok
10:14:52.0600 1476 dmvsc - ok
10:14:52.0600 1476 Dnscache - ok
10:14:52.0600 1476 dot3svc - ok
10:14:52.0600 1476 DPS - ok
10:14:52.0631 1476 drmkaud - ok
10:14:52.0631 1476 DXGKrnl - ok
10:14:52.0631 1476 EapHost - ok
10:14:52.0647 1476 ebdrv - ok
10:14:52.0647 1476 EFS - ok
10:14:52.0647 1476 ehRecvr - ok
10:14:52.0647 1476 ehSched - ok
10:14:52.0662 1476 elxstor - ok
10:14:52.0725 1476 enterceptAgent - ok
10:14:52.0725 1476 ErrDev - ok
10:14:52.0772 1476 EventSystem - ok
10:14:52.0772 1476 exfat - ok
10:14:52.0772 1476 fastfat - ok
10:14:52.0772 1476 Fax - ok
10:14:52.0787 1476 fdc - ok
10:14:52.0787 1476 fdPHost - ok
10:14:52.0787 1476 FDResPub - ok
10:14:52.0787 1476 FileInfo - ok
10:14:52.0818 1476 Filetrace - ok
10:14:52.0818 1476 FIMPasswordReset - ok
10:14:52.0834 1476 Firehk - ok
10:14:52.0834 1476 FirehkMP - ok
10:14:52.0834 1476 firelm01 - ok
10:14:52.0850 1476 FirePM - ok
10:14:52.0850 1476 FireTDI - ok
10:14:52.0850 1476 flpydisk - ok
10:14:52.0850 1476 FltMgr - ok
10:14:52.0881 1476 FontCache - ok
10:14:52.0881 1476 FontCache3.0.0.0 - ok
10:14:52.0881 1476 FsDepends - ok
10:14:52.0881 1476 Fs_Rec - ok
10:14:52.0896 1476 fvevol - ok
10:14:52.0896 1476 gagp30kx - ok
10:14:52.0896 1476 gpsvc - ok
10:14:52.0912 1476 gupdate - ok
10:14:52.0912 1476 gupdatem - ok
10:14:52.0912 1476 hcw85cir - ok
10:14:52.0912 1476 HDAudBus - ok
10:14:52.0943 1476 HECIx64 - ok
10:14:52.0943 1476 HidBatt - ok
10:14:52.0943 1476 HidBth - ok
10:14:52.0959 1476 HidIr - ok
10:14:52.0959 1476 hidserv - ok
10:14:52.0959 1476 HidUsb - ok
10:14:52.0959 1476 HIPK - ok
10:14:52.0974 1476 HIPPSK - ok
10:14:52.0974 1476 HIPQK - ok
10:14:52.0974 1476 hips - ok
10:14:52.0974 1476 hkmsvc - ok
10:14:53.0006 1476 HomeGroupListener - ok
10:14:53.0006 1476 HomeGroupProvider - ok
10:14:53.0006 1476 HP Power Assistant Service - ok
10:14:53.0021 1476 HP Wireless Assistant Service - ok
10:14:53.0021 1476 HPDrvMntSvc.exe - ok
10:14:53.0037 1476 hpdskflt - ok
10:14:53.0037 1476 HpqKbFiltr - ok
10:14:53.0037 1476 hpqwmiex - ok
10:14:53.0037 1476 HpSAMD - ok
10:14:53.0068 1476 hpsrv - ok
10:14:53.0068 1476 HTTP - ok
10:14:53.0068 1476 hwpolicy - ok
10:14:53.0068 1476 i8042prt - ok
10:14:53.0084 1476 iaStor - ok
10:14:53.0084 1476 iaStorV - ok
10:14:53.0084 1476 idsvc - ok
10:14:53.0084 1476 iirsp - ok
10:14:53.0099 1476 IKEEXT - ok
10:14:53.0099 1476 Impcd - ok
10:14:53.0099 1476 intelide - ok
10:14:53.0130 1476 intelppm - ok
10:14:53.0130 1476 IPBusEnum - ok
10:14:53.0130 1476 IpFilterDriver - ok
10:14:53.0130 1476 iphlpsvc - ok
10:14:53.0146 1476 IPMIDRV - ok
10:14:53.0146 1476 IPNAT - ok
10:14:53.0146 1476 IRENUM - ok
10:14:53.0162 1476 isapnp - ok
10:14:53.0162 1476 iScsiPrt - ok
10:14:53.0162 1476 kbdclass - ok
10:14:53.0162 1476 kbdhid - ok
10:14:53.0193 1476 KeyIso - ok
10:14:53.0193 1476 KSecDD - ok
10:14:53.0193 1476 KSecPkg - ok
10:14:53.0193 1476 ksthunk - ok
10:14:53.0208 1476 KtmRm - ok
10:14:53.0208 1476 LanmanServer - ok
10:14:53.0208 1476 LanmanWorkstation - ok
10:14:53.0224 1476 lltdio - ok
10:14:53.0224 1476 lltdsvc - ok
10:14:53.0224 1476 lmhosts - ok
10:14:53.0255 1476 LSI_FC - ok
10:14:53.0255 1476 LSI_SAS - ok
10:14:53.0255 1476 LSI_SAS2 - ok
10:14:53.0255 1476 LSI_SCSI - ok
10:14:53.0271 1476 luafv - ok
10:14:53.0271 1476 mbamchameleon - ok
10:14:53.0271 1476 McAfee SiteAdvisor Enterprise Service - ok
10:14:53.0286 1476 McAfeeEngineService - ok
10:14:53.0286 1476 McAfeeFramework - ok
10:14:53.0286 1476 McShield - ok
10:14:53.0286 1476 McTaskManager - ok
10:14:53.0318 1476 Mcx2Svc - ok
10:14:53.0318 1476 megasas - ok
10:14:53.0318 1476 MegaSR - ok
10:14:53.0318 1476 mfeapfk - ok
10:14:53.0333 1476 mfeavfk - ok
10:14:53.0333 1476 mfehidk - ok
10:14:53.0333 1476 mferkdet - ok
10:14:53.0333 1476 mfetdik - ok
10:14:53.0349 1476 mfevtp - ok
10:14:53.0349 1476 Microsoft SharePoint Workspace Audit Service - ok
10:14:53.0349 1476 MMCSS - ok
10:14:53.0349 1476 Modem - ok
10:14:53.0380 1476 monitor - ok
10:14:53.0380 1476 mouclass - ok
10:14:53.0380 1476 mouhid - ok
10:14:53.0396 1476 mountmgr - ok
10:14:53.0396 1476 mpio - ok
10:14:53.0396 1476 mpsdrv - ok
10:14:53.0396 1476 MpsSvc - ok
10:14:53.0411 1476 MRxDAV - ok
10:14:53.0411 1476 mrxsmb - ok
10:14:53.0411 1476 mrxsmb10 - ok
10:14:53.0411 1476 mrxsmb20 - ok
10:14:53.0442 1476 msahci - ok
10:14:53.0442 1476 msdsm - ok
10:14:53.0442 1476 MSDTC - ok
10:14:53.0458 1476 Msfs - ok
10:14:53.0458 1476 mshidkmdf - ok
10:14:53.0458 1476 msisadrv - ok
10:14:53.0458 1476 MSiSCSI - ok
10:14:53.0474 1476 msiserver - ok
10:14:53.0474 1476 MSKSSRV - ok
10:14:53.0474 1476 MSPCLOCK - ok
10:14:53.0474 1476 MSPQM - ok
10:14:53.0505 1476 MsRPC - ok
10:14:53.0505 1476 mssmbios - ok
10:14:53.0505 1476 MSTEE - ok
10:14:53.0520 1476 MTConfig - ok
10:14:53.0520 1476 Mup - ok
10:14:53.0520 1476 napagent - ok
10:14:53.0520 1476 NativeWifiP - ok
10:14:53.0536 1476 NDIS - ok
10:14:53.0536 1476 NdisCap - ok
10:14:53.0536 1476 NdisTapi - ok
10:14:53.0567 1476 Ndisuio - ok
10:14:53.0567 1476 NdisWan - ok
10:14:53.0567 1476 NDProxy - ok
10:14:53.0567 1476 Net Driver HPZ12 - ok
10:14:53.0583 1476 NetBIOS - ok
10:14:53.0583 1476 NetBT - ok
10:14:53.0583 1476 Netlogon - ok
10:14:53.0598 1476 Netman - ok
10:14:53.0598 1476 netprofm - ok
10:14:53.0598 1476 NetTcpPortSharing - ok
10:14:53.0598 1476 nfrd960 - ok
10:14:53.0630 1476 NlaSvc - ok
10:14:53.0630 1476 Npfs - ok
10:14:53.0630 1476 nsi - ok
10:14:53.0630 1476 nsiproxy - ok
10:14:53.0645 1476 Ntfs - ok
10:14:53.0645 1476 Null - ok
10:14:53.0645 1476 nvraid - ok
10:14:53.0661 1476 nvstor - ok
10:14:53.0661 1476 nv_agp - ok
10:14:53.0661 1476 ohci1394 - ok
10:14:53.0661 1476 ose - ok
10:14:53.0692 1476 osppsvc - ok
10:14:53.0692 1476 p2pimsvc - ok
10:14:53.0692 1476 p2psvc - ok
10:14:53.0708 1476 Parport - ok
10:14:53.0708 1476 partmgr - ok
10:14:53.0708 1476 PcaSvc - ok
10:14:53.0708 1476 pci - ok
10:14:53.0723 1476 pciide - ok
10:14:53.0723 1476 pcmcia - ok
10:14:53.0723 1476 pcw - ok
10:14:53.0723 1476 PdiService - ok
10:14:53.0754 1476 PEAUTH - ok
10:14:53.0754 1476 PeerDistSvc - ok
10:14:53.0754 1476 PerfHost - ok
10:14:53.0770 1476 pla - ok
10:14:53.0786 1476 PlugPlay - ok
10:14:53.0786 1476 Pml Driver HPZ12 - ok
10:14:53.0786 1476 PNRPAutoReg - ok
10:14:53.0786 1476 PNRPsvc - ok
10:14:53.0817 1476 PolicyAgent - ok
10:14:53.0817 1476 Power - ok
10:14:53.0817 1476 PptpMiniport - ok
10:14:53.0832 1476 Processor - ok
10:14:53.0832 1476 ProfSvc - ok
10:14:53.0832 1476 ProtectedStorage - ok
10:14:53.0832 1476 Psched - ok
10:14:53.0848 1476 ql2300 - ok
10:14:53.0848 1476 ql40xx - ok
10:14:53.0848 1476 QWAVE - ok
10:14:53.0848 1476 QWAVEdrv - ok
10:14:53.0879 1476 radexecd - ok
10:14:53.0879 1476 RadiaMsi - ok
10:14:53.0879 1476 radsched - ok
10:14:53.0879 1476 Radstgms - ok
10:14:53.0895 1476 RasAcd - ok
10:14:53.0895 1476 RasAgileVpn - ok
10:14:53.0895 1476 RasAuto - ok
10:14:53.0910 1476 Rasl2tp - ok
10:14:53.0910 1476 RasMan - ok
10:14:53.0910 1476 RasPppoe - ok
10:14:53.0910 1476 RasSstp - ok
10:14:53.0942 1476 rdbss - ok
10:14:53.0942 1476 rdpbus - ok
10:14:53.0942 1476 RDPCDD - ok
10:14:53.0942 1476 RDPDR - ok
10:14:53.0957 1476 RDPENCDD - ok
10:14:53.0957 1476 RDPREFMP - ok
10:14:53.0973 1476 RdpVideoMiniport - ok
10:14:53.0973 1476 RDPWD - ok
10:14:53.0973 1476 rdyboost - ok
10:14:53.0973 1476 RemoteAccess - ok
10:14:54.0004 1476 RemoteRegistry - ok
10:14:54.0004 1476 RFCOMM - ok
10:14:54.0004 1476 rimmptsk - ok
10:14:54.0004 1476 rimspci - ok
10:14:54.0020 1476 rimsptsk - ok
10:14:54.0020 1476 risdpcie - ok
10:14:54.0035 1476 rismxdp - ok
10:14:54.0035 1476 rixdpcie - ok
10:14:54.0035 1476 RpcEptMapper - ok
10:14:54.0066 1476 RpcLocator - ok
10:14:54.0066 1476 RpcSs - ok
10:14:54.0066 1476 rspndr - ok
10:14:54.0066 1476 RsvLock - ok
10:14:54.0082 1476 s3cap - ok
10:14:54.0082 1476 SafeBoot - ok
10:14:54.0082 1476 SafeBootClientManager - ok
10:14:54.0098 1476 SamSs - ok
10:14:54.0098 1476 SASDIFSV - ok
10:14:54.0098 1476 SASKUTIL - ok
10:14:54.0098 1476 SBAlg - ok
10:14:54.0129 1476 SbFlop - ok
10:14:54.0129 1476 SbFsLock - ok
10:14:54.0144 1476 sbp2port - ok
10:14:54.0144 1476 SbRegFlt - ok
10:14:54.0144 1476 SCardSvr - ok
10:14:54.0144 1476 scfilter - ok
10:14:54.0160 1476 Schedule - ok
10:14:54.0160 1476 SCPolicySvc - ok
10:14:54.0160 1476 SDRSVC - ok
10:14:54.0160 1476 secdrv - ok
10:14:54.0191 1476 seclogon - ok
10:14:54.0191 1476 SENS - ok
10:14:54.0191 1476 SensrSvc - ok
10:14:54.0191 1476 Serenum - ok
10:14:54.0207 1476 Serial - ok
10:14:54.0207 1476 sermouse - ok
10:14:54.0222 1476 SessionEnv - ok
10:14:54.0222 1476 sffdisk - ok
10:14:54.0222 1476 sffp_mmc - ok
10:14:54.0254 1476 sffp_sd - ok
10:14:54.0254 1476 sfloppy - ok
10:14:54.0254 1476 SharedAccess - ok
10:14:54.0254 1476 ShellHWDetection - ok
10:14:54.0269 1476 SiSRaid2 - ok
10:14:54.0269 1476 SiSRaid4 - ok
10:14:54.0269 1476 Smb - ok
10:14:54.0285 1476 SNMPTRAP - ok
10:14:54.0285 1476 spldr - ok
10:14:54.0285 1476 Spooler - ok
10:14:54.0316 1476 sppsvc - ok
10:14:54.0316 1476 sppuinotify - ok
10:14:54.0316 1476 srv - ok
10:14:54.0316 1476 srv2 - ok
10:14:54.0332 1476 srvnet - ok
10:14:54.0332 1476 SSDPSRV - ok
10:14:54.0332 1476 SstpSvc - ok
10:14:54.0332 1476 STacSV - ok
10:14:54.0347 1476 stexstor - ok
10:14:54.0347 1476 STHDA - ok
10:14:54.0347 1476 stisvc - ok
10:14:54.0378 1476 storflt - ok
10:14:54.0378 1476 StorSvc - ok
10:14:54.0378 1476 storvsc - ok
10:14:54.0378 1476 swenum - ok
10:14:54.0394 1476 swprv - ok
10:14:54.0394 1476 Synth3dVsc - ok
10:14:54.0394 1476 SynTP - ok
10:14:54.0394 1476 SysMain - ok
10:14:54.0410 1476 TabletInputService - ok
10:14:54.0410 1476 TapiSrv - ok
10:14:54.0410 1476 TBS - ok
10:14:54.0410 1476 Tcpip - ok
10:14:54.0441 1476 TCPIP6 - ok
10:14:54.0441 1476 tcpipreg - ok
10:14:54.0456 1476 TDPIPE - ok
10:14:54.0456 1476 TDTCP - ok
10:14:54.0456 1476 tdx - ok
10:14:54.0456 1476 TermDD - ok
10:14:54.0472 1476 terminpt - ok
10:14:54.0472 1476 TermService - ok
10:14:54.0472 1476 Themes - ok
10:14:54.0472 1476 THREADORDER - ok
10:14:54.0503 1476 TPM - ok
10:14:54.0503 1476 TrkWks - ok
10:14:54.0503 1476 TrustedInstaller - ok
10:14:54.0503 1476 tssecsrv - ok
10:14:54.0519 1476 TsUsbFlt - ok
10:14:54.0519 1476 TsUsbGD - ok
10:14:54.0519 1476 tsusbhub - ok
10:14:54.0534 1476 tunnel - ok
10:14:54.0534 1476 uagp35 - ok
10:14:54.0566 1476 udfs - ok
10:14:54.0566 1476 UI0Detect - ok
10:14:54.0566 1476 uliagpkx - ok
10:14:54.0581 1476 umbus - ok
10:14:54.0581 1476 UmPass - ok
10:14:54.0581 1476 UmRdpService - ok
10:14:54.0581 1476 upnphost - ok
10:14:54.0597 1476 usbccgp - ok
10:14:54.0597 1476 usbcir - ok
10:14:54.0597 1476 usbehci - ok
10:14:54.0597 1476 usbhub - ok
10:14:54.0628 1476 usbohci - ok
10:14:54.0628 1476 usbprint - ok
10:14:54.0628 1476 usbscan - ok
10:14:54.0644 1476 USBSTOR - ok
10:14:54.0644 1476 usbuhci - ok
10:14:54.0644 1476 UxSms - ok
10:14:54.0644 1476 VaultSvc - ok
10:14:54.0659 1476 vdrvroot - ok
10:14:54.0659 1476 vds - ok
10:14:54.0690 1476 vga - ok
10:14:54.0690 1476 VgaSave - ok
10:14:54.0690 1476 VGPU - ok
10:14:54.0690 1476 vhdmp - ok
10:14:54.0706 1476 viaide - ok
10:14:54.0706 1476 vmbus - ok
10:14:54.0706 1476 VMBusHID - ok
10:14:54.0706 1476 volmgr - ok
10:14:54.0722 1476 volmgrx - ok
10:14:54.0722 1476 volsnap - ok
10:14:54.0722 1476 vpnagent - ok
10:14:54.0722 1476 vpnva - ok
10:14:54.0753 1476 vsmraid - ok
10:14:54.0753 1476 VSS - ok
10:14:54.0753 1476 vwifibus - ok
10:14:54.0753 1476 vwififlt - ok
10:14:54.0768 1476 W32Time - ok
10:14:54.0768 1476 WacomPen - ok
10:14:54.0768 1476 WANARP - ok
10:14:54.0784 1476 Wanarpv6 - ok
10:14:54.0784 1476 wbengine - ok
10:14:54.0784 1476 WbioSrvc - ok
10:14:54.0784 1476 wcncsvc - ok
10:14:54.0815 1476 WcsPlugInService - ok
10:14:54.0815 1476 Wd - ok
10:14:54.0815 1476 Wdf01000 - ok
10:14:54.0815 1476 WdiServiceHost - ok
10:14:54.0831 1476 WdiSystemHost - ok
10:14:54.0831 1476 WebClient - ok
10:14:54.0831 1476 Wecsvc - ok
10:14:54.0846 1476 wercplsupport - ok
10:14:54.0846 1476 WerSvc - ok
10:14:54.0846 1476 WfpLwf - ok
10:14:54.0846 1476 WIMMount - ok
10:14:54.0878 1476 WinDefend - ok
10:14:54.0878 1476 WinHttpAutoProxySvc - ok
10:14:54.0878 1476 Winmgmt - ok
10:14:54.0878 1476 WinRM - ok
10:14:54.0893 1476 WinUsb - ok
10:14:54.0893 1476 Wlansvc - ok
10:14:54.0909 1476 WmiAcpi - ok
10:14:54.0909 1476 wmiApSrv - ok
10:14:54.0909 1476 WMPNetworkSvc - ok
10:14:54.0909 1476 WPCSvc - ok
10:14:54.0940 1476 WPDBusEnum - ok
10:14:54.0940 1476 ws2ifsl - ok
10:14:54.0940 1476 wscsvc - ok
10:14:54.0940 1476 WSearch - ok
10:14:54.0956 1476 wuauserv - ok
10:14:54.0956 1476 WudfPf - ok
10:14:54.0956 1476 WUDFRd - ok
10:14:54.0971 1476 wudfsvc - ok
10:14:54.0971 1476 WwanSvc - ok
10:14:54.0971 1476 yukonw7 - ok
10:14:55.0002 1476 MBR (0x1B8) (1d6f5defe2a2f808a4457742d0a67134) \Device\Harddisk0\DR0
10:14:55.0580 1476 \Device\Harddisk0\DR0 - ok
10:14:55.0595 1476 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
10:14:55.0782 1476 \Device\Harddisk1\DR1 - ok
10:14:55.0798 1476 Boot (0x1200) (947d3eb8804c4b5e06109e21a58faef3) \Device\Harddisk0\DR0\Partition0
10:14:55.0798 1476 \Device\Harddisk0\DR0\Partition0 - ok
10:14:55.0798 1476 Boot (0x1200) (c056f72e4a1e96e3ceebabce7bdbe9bf) \Device\Harddisk1\DR1\Partition0
10:14:55.0814 1476 \Device\Harddisk1\DR1\Partition0 - ok
10:14:55.0814 1476 ============================================================
10:14:55.0814 1476 Scan finished

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
FixExec.TXT
FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about FixExec can be found at this link:
http://www.bleepingcomputer.com/download/windows/utilities/fixexec

Program started at: 06/14/2012 10:28:03 AM in x64 mode.
Windows Version: Windows 7

Checking for processes to terminate before fixing executable associations.
* No processes found to kill.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\.com\\@ has been changed to ComFile!
* HKLM\Software\Classes\.com\\@ was reset to comfile!


Program finished at: 06/14/2012 10:28:06 AM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,344 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:35 PM

Posted 15 June 2012 - 08:15 PM

Still no MBAM?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users