
try to run rkill, says access is denied


11 replies to this topic

#1 larsok

Posted 27 June 2012 - 10:28 PM

Have worked through all steps to remove "smart hdd" malware, but it is still infected.
Have noticed when running the rkill program, it says "please be patient", but then says "access is denied". Could this be my problem?
The computer does not have any user restrictions on it, i.e. no administrator account.


#2 ElFasso

Posted 28 June 2012 - 02:03 AM

If you have Windows 7 or Vista, you need to right-click on Rkill and run it as administrator.
If it still doesn't work, please download Rkill under another name: http://www.bleepingcomputer.com/download/rkill/dl/11/

Edited by ElFasso, 28 June 2012 - 02:05 AM.


#3 narenxp

  • BC Advisor

Posted 28 June 2012 - 03:47 AM

Boot the PC into Safe Mode with Networking.

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

Download

ESET online scanner


Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#4 larsok

Posted 28 June 2012 - 10:31 AM

I performed all the scans suggested.
Here are the log files (could not figure out how to just attach the files).

This is from the TDSSKiller:

07:01:23.0920 2852 mrxsmb - ok
07:01:23.0967 2852 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:01:23.0983 2852 mrxsmb10 - ok
07:01:23.0998 2852 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:01:23.0998 2852 mrxsmb20 - ok
07:01:24.0045 2852 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
07:01:24.0045 2852 msahci - ok
07:01:24.0076 2852 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
07:01:24.0076 2852 msdsm - ok
07:01:24.0139 2852 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
07:01:24.0139 2852 MSDTC - ok
07:01:24.0170 2852 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:01:24.0170 2852 Msfs - ok
07:01:24.0185 2852 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:01:24.0201 2852 mshidkmdf - ok
07:01:24.0232 2852 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:01:24.0232 2852 msisadrv - ok
07:01:24.0279 2852 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:01:24.0279 2852 MSiSCSI - ok
07:01:24.0279 2852 msiserver - ok
07:01:24.0404 2852 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
07:01:24.0404 2852 MSK80Service - ok
07:01:24.0451 2852 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:01:24.0451 2852 MSKSSRV - ok
07:01:24.0466 2852 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:01:24.0466 2852 MSPCLOCK - ok
07:01:24.0482 2852 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:01:24.0482 2852 MSPQM - ok
07:01:24.0560 2852 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:01:24.0575 2852 MsRPC - ok
07:01:24.0607 2852 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
07:01:24.0607 2852 mssmbios - ok
07:01:24.0638 2852 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:01:24.0653 2852 MSTEE - ok
07:01:24.0669 2852 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
07:01:24.0669 2852 MTConfig - ok
07:01:24.0716 2852 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:01:24.0731 2852 Mup - ok
07:01:24.0778 2852 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:01:24.0825 2852 napagent - ok
07:01:24.0887 2852 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:01:24.0903 2852 NativeWifiP - ok
07:01:24.0997 2852 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
07:01:24.0997 2852 NDIS - ok
07:01:25.0059 2852 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:01:25.0059 2852 NdisCap - ok
07:01:25.0090 2852 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:01:25.0090 2852 NdisTapi - ok
07:01:25.0121 2852 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:01:25.0121 2852 Ndisuio - ok
07:01:25.0153 2852 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:01:25.0153 2852 NdisWan - ok
07:01:25.0199 2852 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:01:25.0199 2852 NDProxy - ok
07:01:25.0231 2852 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:01:25.0231 2852 NetBIOS - ok
07:01:25.0293 2852 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:01:25.0293 2852 NetBT - ok
07:01:25.0340 2852 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:01:25.0340 2852 Netlogon - ok
07:01:25.0387 2852 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:01:25.0402 2852 Netman - ok
07:01:25.0449 2852 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:01:25.0465 2852 netprofm - ok
07:01:25.0574 2852 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:01:25.0574 2852 NetTcpPortSharing - ok
07:01:25.0636 2852 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
07:01:25.0636 2852 nfrd960 - ok
07:01:25.0683 2852 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:01:25.0699 2852 NlaSvc - ok
07:01:25.0714 2852 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:01:25.0714 2852 Npfs - ok
07:01:25.0730 2852 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:01:25.0730 2852 nsi - ok
07:01:25.0730 2852 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:01:25.0730 2852 nsiproxy - ok
07:01:25.0886 2852 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:01:25.0948 2852 Ntfs - ok
07:01:26.0057 2852 NuidFltr (4c08a14d04e62963e96e0bb57bbc953b) C:\Windows\system32\DRIVERS\NuidFltr.sys
07:01:26.0057 2852 NuidFltr - ok
07:01:26.0089 2852 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:01:26.0089 2852 Null - ok
07:01:26.0135 2852 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:01:26.0151 2852 nvraid - ok
07:01:26.0182 2852 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:01:26.0182 2852 nvstor - ok
07:01:26.0229 2852 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:01:26.0229 2852 nv_agp - ok
07:01:26.0276 2852 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:01:26.0291 2852 ohci1394 - ok
07:01:26.0369 2852 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:01:26.0369 2852 ose - ok
07:01:26.0650 2852 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:01:26.0744 2852 osppsvc - ok
07:01:26.0869 2852 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:01:26.0884 2852 p2pimsvc - ok
07:01:26.0931 2852 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:01:26.0947 2852 p2psvc - ok
07:01:26.0993 2852 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:01:26.0993 2852 Parport - ok
07:01:27.0025 2852 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
07:01:27.0025 2852 partmgr - ok
07:01:27.0071 2852 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:01:27.0087 2852 PcaSvc - ok
07:01:27.0181 2852 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
07:01:27.0212 2852 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
07:01:27.0274 2852 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:01:27.0274 2852 pci - ok
07:01:27.0321 2852 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:01:27.0321 2852 pciide - ok
07:01:27.0368 2852 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:01:27.0368 2852 pcmcia - ok
07:01:27.0399 2852 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:01:27.0399 2852 pcw - ok
07:01:27.0446 2852 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:01:27.0461 2852 PEAUTH - ok
07:01:27.0539 2852 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:01:27.0571 2852 PerfHost - ok
07:01:27.0695 2852 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:01:27.0727 2852 pla - ok
07:01:27.0789 2852 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:01:27.0805 2852 PlugPlay - ok
07:01:27.0820 2852 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:01:27.0836 2852 PNRPAutoReg - ok
07:01:27.0867 2852 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:01:27.0867 2852 PNRPsvc - ok
07:01:27.0961 2852 Point64 (b23f79e41e30ed500586151a9ef27d8f) C:\Windows\system32\DRIVERS\point64.sys
07:01:27.0961 2852 Point64 - ok
07:01:28.0007 2852 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:01:28.0023 2852 PolicyAgent - ok
07:01:28.0070 2852 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:01:28.0070 2852 Power - ok
07:01:28.0132 2852 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:01:28.0132 2852 PptpMiniport - ok
07:01:28.0179 2852 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:01:28.0179 2852 Processor - ok
07:01:28.0241 2852 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
07:01:28.0257 2852 ProfSvc - ok
07:01:28.0288 2852 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:01:28.0288 2852 ProtectedStorage - ok
07:01:28.0351 2852 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:01:28.0351 2852 Psched - ok
07:01:28.0397 2852 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
07:01:28.0397 2852 PxHlpa64 - ok
07:01:28.0538 2852 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:01:28.0569 2852 ql2300 - ok
07:01:28.0694 2852 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:01:28.0694 2852 ql40xx - ok
07:01:28.0725 2852 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:01:28.0725 2852 QWAVE - ok
07:01:28.0756 2852 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:01:28.0756 2852 QWAVEdrv - ok
07:01:28.0772 2852 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:01:28.0772 2852 RasAcd - ok
07:01:28.0803 2852 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:01:28.0803 2852 RasAgileVpn - ok
07:01:28.0834 2852 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:01:28.0834 2852 RasAuto - ok
07:01:28.0865 2852 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:01:28.0865 2852 Rasl2tp - ok
07:01:28.0928 2852 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:01:28.0943 2852 RasMan - ok
07:01:28.0975 2852 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:01:28.0990 2852 RasPppoe - ok
07:01:29.0037 2852 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:01:29.0037 2852 RasSstp - ok
07:01:29.0099 2852 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:01:29.0099 2852 rdbss - ok
07:01:29.0115 2852 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:01:29.0115 2852 rdpbus - ok
07:01:29.0131 2852 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:01:29.0131 2852 RDPCDD - ok
07:01:29.0162 2852 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:01:29.0162 2852 RDPENCDD - ok
07:01:29.0177 2852 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:01:29.0193 2852 RDPREFMP - ok
07:01:29.0224 2852 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
07:01:29.0240 2852 RDPWD - ok
07:01:29.0302 2852 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:01:29.0318 2852 rdyboost - ok
07:01:29.0365 2852 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:01:29.0365 2852 RemoteAccess - ok
07:01:29.0396 2852 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:01:29.0396 2852 RemoteRegistry - ok
07:01:29.0443 2852 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
07:01:29.0458 2852 RFCOMM - ok
07:01:29.0521 2852 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:01:29.0521 2852 RpcEptMapper - ok
07:01:29.0552 2852 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:01:29.0552 2852 RpcLocator - ok
07:01:29.0614 2852 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:01:29.0630 2852 RpcSs - ok
07:01:29.0692 2852 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:01:29.0692 2852 rspndr - ok
07:01:29.0739 2852 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys
07:01:29.0739 2852 RSUSBSTOR - ok
07:01:29.0786 2852 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:01:29.0786 2852 SamSs - ok
07:01:29.0817 2852 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:01:29.0817 2852 sbp2port - ok
07:01:29.0864 2852 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:01:29.0879 2852 SCardSvr - ok
07:01:29.0911 2852 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:01:29.0926 2852 scfilter - ok
07:01:30.0020 2852 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:01:30.0035 2852 Schedule - ok
07:01:30.0082 2852 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:01:30.0082 2852 SCPolicySvc - ok
07:01:30.0129 2852 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:01:30.0129 2852 SDRSVC - ok
07:01:30.0191 2852 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:01:30.0207 2852 secdrv - ok
07:01:30.0254 2852 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:01:30.0254 2852 seclogon - ok
07:01:30.0285 2852 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:01:30.0301 2852 SENS - ok
07:01:30.0316 2852 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:01:30.0316 2852 SensrSvc - ok
07:01:30.0363 2852 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:01:30.0363 2852 Serenum - ok
07:01:30.0379 2852 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:01:30.0394 2852 Serial - ok
07:01:30.0441 2852 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:01:30.0441 2852 sermouse - ok
07:01:30.0488 2852 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:01:30.0503 2852 SessionEnv - ok
07:01:30.0535 2852 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:01:30.0535 2852 sffdisk - ok
07:01:30.0550 2852 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:01:30.0550 2852 sffp_mmc - ok
07:01:30.0581 2852 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:01:30.0581 2852 sffp_sd - ok
07:01:30.0613 2852 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:01:30.0613 2852 sfloppy - ok
07:01:30.0737 2852 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
07:01:30.0753 2852 SftService - ok
07:01:30.0815 2852 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
07:01:30.0831 2852 SharedAccess - ok
07:01:30.0893 2852 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:01:30.0909 2852 ShellHWDetection - ok
07:01:30.0971 2852 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:01:30.0971 2852 SiSRaid2 - ok
07:01:31.0003 2852 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:01:31.0003 2852 SiSRaid4 - ok
07:01:31.0034 2852 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:01:31.0034 2852 Smb - ok
07:01:31.0127 2852 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:01:31.0127 2852 SNMPTRAP - ok
07:01:31.0127 2852 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:01:31.0127 2852 spldr - ok
07:01:31.0190 2852 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:01:31.0221 2852 Spooler - ok
07:01:31.0424 2852 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:01:31.0502 2852 sppsvc - ok
07:01:31.0595 2852 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:01:31.0595 2852 sppuinotify - ok
07:01:31.0705 2852 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
07:01:31.0705 2852 srv - ok
07:01:31.0751 2852 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
07:01:31.0751 2852 srv2 - ok
07:01:31.0783 2852 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
07:01:31.0783 2852 srvnet - ok
07:01:31.0829 2852 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
07:01:31.0845 2852 SSDPSRV - ok
07:01:31.0861 2852 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
07:01:31.0861 2852 SstpSvc - ok
07:01:31.0892 2852 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
07:01:31.0892 2852 stexstor - ok
07:01:31.0954 2852 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
07:01:31.0970 2852 stisvc - ok
07:01:32.0017 2852 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
07:01:32.0017 2852 swenum - ok
07:01:32.0063 2852 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
07:01:32.0095 2852 swprv - ok
07:01:32.0126 2852 SynTP (c25866bdf0e818e02bb8e76845d26e54) C:\Windows\system32\DRIVERS\SynTP.sys
07:01:32.0126 2852 SynTP - ok
07:01:32.0266 2852 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
07:01:32.0313 2852 SysMain - ok
07:01:32.0422 2852 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
07:01:32.0422 2852 TabletInputService - ok
07:01:32.0485 2852 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
07:01:32.0500 2852 TapiSrv - ok
07:01:32.0531 2852 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
07:01:32.0531 2852 TBS - ok
07:01:32.0672 2852 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
07:01:32.0719 2852 Tcpip - ok
07:01:32.0953 2852 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
07:01:32.0953 2852 TCPIP6 - ok
07:01:33.0062 2852 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
07:01:33.0062 2852 tcpipreg - ok
07:01:33.0093 2852 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:01:33.0093 2852 TDPIPE - ok
07:01:33.0140 2852 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
07:01:33.0140 2852 TDTCP - ok
07:01:33.0171 2852 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
07:01:33.0171 2852 tdx - ok
07:01:33.0218 2852 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
07:01:33.0218 2852 TermDD - ok
07:01:33.0296 2852 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
07:01:33.0311 2852 TermService - ok
07:01:33.0343 2852 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
07:01:33.0343 2852 Themes - ok
07:01:33.0358 2852 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:01:33.0358 2852 THREADORDER - ok
07:01:33.0405 2852 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
07:01:33.0405 2852 TrkWks - ok
07:01:33.0467 2852 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
07:01:33.0467 2852 TrustedInstaller - ok
07:01:33.0514 2852 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:01:33.0514 2852 tssecsrv - ok
07:01:33.0577 2852 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
07:01:33.0577 2852 TsUsbFlt - ok
07:01:33.0639 2852 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
07:01:33.0639 2852 tunnel - ok
07:01:33.0686 2852 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
07:01:33.0686 2852 uagp35 - ok
07:01:33.0748 2852 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:01:33.0764 2852 udfs - ok
07:01:33.0811 2852 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
07:01:33.0811 2852 UI0Detect - ok
07:01:33.0857 2852 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:01:33.0857 2852 uliagpkx - ok
07:01:33.0904 2852 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
07:01:33.0904 2852 umbus - ok
07:01:33.0935 2852 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
07:01:33.0935 2852 UmPass - ok
07:01:34.0138 2852 UNS (cbdee152d73200ee49031a26310b9d3e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
07:01:34.0185 2852 UNS - ok
07:01:34.0310 2852 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
07:01:34.0310 2852 upnphost - ok
07:01:34.0372 2852 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
07:01:34.0372 2852 USBAAPL64 - ok
07:01:34.0403 2852 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
07:01:34.0403 2852 usbccgp - ok
07:01:34.0450 2852 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:01:34.0466 2852 usbcir - ok
07:01:34.0513 2852 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
07:01:34.0513 2852 usbehci - ok
07:01:34.0575 2852 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
07:01:34.0591 2852 usbhub - ok
07:01:34.0606 2852 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:01:34.0606 2852 usbohci - ok
07:01:34.0653 2852 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:01:34.0653 2852 usbprint - ok
07:01:34.0700 2852 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
07:01:34.0700 2852 usbscan - ok
07:01:34.0747 2852 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:01:34.0747 2852 USBSTOR - ok
07:01:34.0778 2852 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
07:01:34.0778 2852 usbuhci - ok
07:01:34.0840 2852 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
07:01:34.0840 2852 usbvideo - ok
07:01:34.0887 2852 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
07:01:34.0887 2852 UxSms - ok
07:01:34.0918 2852 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:01:34.0918 2852 VaultSvc - ok
07:01:34.0965 2852 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:01:34.0965 2852 vdrvroot - ok
07:01:35.0059 2852 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
07:01:35.0074 2852 vds - ok
07:01:35.0105 2852 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:01:35.0105 2852 vga - ok
07:01:35.0121 2852 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:01:35.0121 2852 VgaSave - ok
07:01:35.0183 2852 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:01:35.0183 2852 vhdmp - ok
07:01:35.0246 2852 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:01:35.0246 2852 viaide - ok
07:01:35.0308 2852 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:01:35.0308 2852 volmgr - ok
07:01:35.0371 2852 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:01:35.0371 2852 volmgrx - ok
07:01:35.0402 2852 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:01:35.0433 2852 volsnap - ok
07:01:35.0480 2852 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
07:01:35.0480 2852 vsmraid - ok
07:01:35.0605 2852 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
07:01:35.0651 2852 VSS - ok
07:01:35.0761 2852 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:01:35.0761 2852 vwifibus - ok
07:01:35.0807 2852 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:01:35.0807 2852 vwififlt - ok
07:01:35.0870 2852 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
07:01:35.0870 2852 vwifimp - ok
07:01:35.0917 2852 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
07:01:35.0917 2852 W32Time - ok
07:01:35.0948 2852 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
07:01:35.0948 2852 WacomPen - ok
07:01:36.0026 2852 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:01:36.0026 2852 WANARP - ok
07:01:36.0026 2852 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:01:36.0026 2852 Wanarpv6 - ok
07:01:36.0182 2852 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
07:01:36.0213 2852 WatAdminSvc - ok
07:01:36.0353 2852 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
07:01:36.0385 2852 wbengine - ok
07:01:36.0494 2852 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
07:01:36.0509 2852 WbioSrvc - ok
07:01:36.0556 2852 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
07:01:36.0572 2852 wcncsvc - ok
07:01:36.0587 2852 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
07:01:36.0587 2852 WcsPlugInService - ok
07:01:36.0650 2852 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
07:01:36.0650 2852 Wd - ok
07:01:36.0712 2852 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:01:36.0728 2852 Wdf01000 - ok
07:01:36.0759 2852 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:01:36.0759 2852 WdiServiceHost - ok
07:01:36.0759 2852 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:01:36.0775 2852 WdiSystemHost - ok
07:01:36.0837 2852 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
07:01:36.0837 2852 WebClient - ok
07:01:36.0868 2852 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
07:01:36.0884 2852 Wecsvc - ok
07:01:36.0899 2852 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
07:01:36.0899 2852 wercplsupport - ok
07:01:36.0931 2852 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
07:01:36.0931 2852 WerSvc - ok
07:01:36.0993 2852 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:01:36.0993 2852 WfpLwf - ok
07:01:37.0071 2852 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
07:01:37.0071 2852 WimFltr - ok
07:01:39.0317 2852 ============================================================
07:01:39.0317 2852 Scan finished
07:01:39.0317 2852 ============================================================
07:01:39.0333 2444 Detected object count: 0
07:01:39.0333 2444 Actual detected object count: 0

This is from the aswMBR scan:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-28 07:06:34
-----------------------------
07:06:34.439 OS Version: Windows x64 6.1.7601 Service Pack 1
07:06:34.439 Number of processors: 4 586 0x2505
07:06:34.439 ComputerName: LARS-PC UserName: Lars
07:06:35.406 Initialize success
07:17:46.956 AVAST engine defs: 12062800
07:20:13.752 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:20:13.768 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
07:20:13.783 Disk 0 MBR read successfully
07:20:13.814 Disk 0 MBR scan
07:20:13.830 Disk 0 Windows VISTA default MBR code
07:20:13.830 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
07:20:13.846 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 208845
07:20:13.892 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461837 MB offset 30928845
07:20:13.908 Disk 0 scanning C:\Windows\system32\drivers
07:20:23.970 Service scanning
07:21:01.629 Modules scanning
07:21:01.629 Disk 0 trace - called modules:
07:21:01.660 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
07:21:01.660 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c09060]
07:21:01.660 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004943050]
07:21:03.017 AVAST engine scan C:\Windows
07:21:05.544 AVAST engine scan C:\Windows\system32
07:24:24.866 AVAST engine scan C:\Windows\system32\drivers
07:24:37.486 AVAST engine scan C:\Users\Lars
07:26:42.349 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
07:26:42.364 The log file has been saved successfully to "C:\aswMBR.txt"

And here is the text file from the ESET scan:

C:\ProgramData\sdlP3ggqQYUPTv.exe a variant of Win32/Kryptik.AHLS trojan cleaned by deleting - quarantined
C:\ProgramData\xlSBCDGdOUbA.exe a variant of Win32/Kryptik.AHLS trojan cleaned by deleting - quarantined
C:\Users\Lars\AppData\Local\Temp\zu4dyelbYRcFBM.exe.tmp a variant of Win32/Kryptik.AHLS trojan cleaned by deleting - quarantined

#5 narenxp


Posted 28 June 2012 - 12:14 PM

Boot into normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Post the clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 larsok


Posted 28 June 2012 - 07:48 PM

Things are looking up.

Here is the scan log.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.28.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Lars :: LARS-PC [administrator]

6/28/2012 5:33:00 PM
mbam-log-2012-06-28 (19-13-05).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364150
Time elapsed: 1 hour(s), 38 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I very much appreciate the help.
Regarding the mini toolbox result, maybe I'm being too cautious but there seems to be info that I don't necessarily want to post.
Is there anything in particular that is needed to see?

#7 narenxp


Posted 28 June 2012 - 08:00 PM

MBAM infections have not been removed. Run scan again and remove it.

There is nothing in minitoolbox log to be worried about. If you still have problems posting here, send me a PM or post the log and later EDIT it

Are your files hidden? Does your Start menu look empty?

Edited by narenxp, 28 June 2012 - 08:39 PM.
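
The check made in posts #6 and #7 (a log saved before "remove selected items" still reads "No action taken"), as an added example that is not part of the original thread. It parses the Malwarebytes 1.x log layout shown in post #6, lists detections with no recorded action, and flags sections whose declared count does not match the items listed, as happens when a log is trimmed before posting. The function names, the constructed "Files" entry and the rule that any action text other than "No action taken" counts as handled are assumptions.

```python
import re
from dataclasses import dataclass

# Sample in the Malwarebytes 1.x layout from post #6. The two registry lines
# are the thread's own; the "Files" entry is constructed for illustration.
SAMPLE_LOG = r"""
Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Files Detected: 1
C:\ProgramData\constructed-sample.exe (Trojan.Constructed) -> Quarantined and deleted successfully.

(end)
"""

# "<Section name> Detected: <count>" opens each section of the log.
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# "<object> (<detection>) -> [Bad/Good detail -> ] <action>."
ITEM_RE = re.compile(
    r"^(?P<object>.+?) \((?P<detection>[^()]+)\) -> "
    r"(?:.* -> )?(?P<action>[^>]+?)\.?$"
)


@dataclass
class Item:
    section: str
    obj: str
    detection: str
    action: str

    @property
    def remediated(self) -> bool:
        # Assumption: any action text other than "No action taken" means
        # the scanner acted on the item.
        return self.action.lower() != "no action taken"


def parse_mbam_log(text):
    """Return ({section: declared_count}, [Item, ...]) for one log."""
    declared, items, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["name"]
            declared[section] = int(m["count"])
            continue
        m = ITEM_RE.match(line)
        if m and section:
            items.append(Item(section, m["object"], m["detection"], m["action"]))
    return declared, items


def triage(text):
    """Summarise what still needs attention in a posted log."""
    declared, items = parse_mbam_log(text)
    listed = {}
    for it in items:
        listed[it.section] = listed.get(it.section, 0) + 1
    return {
        "declared": declared,
        # Detections the log says were left in place.
        "pending": [it for it in items if not it.remediated],
        # Declared count differs from listed items: log truncated or edited.
        "mismatched": sorted(s for s, n in declared.items() if listed.get(s, 0) != n),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for it in result["pending"]:
        print(f"NOT REMOVED [{it.section}] {it.detection}: {it.obj}")
    for name in result["mismatched"]:
        print(f"COUNT MISMATCH in section: {name}")
```

A log saved after removal would show a different action on each item, so an empty `pending` list on the re-saved log confirms what post #8 reports.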


#8 larsok


Posted 28 June 2012 - 08:50 PM

Actually, I created the log before I clicked on "remove selected items". So I think it did remove them.
I ran the unhide utility again and things look better now. Still some things that don't look the same, but I'll probably figure those out.
Thanks again.
Here is the minitoolbox log:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Lars (administrator) on 28-06-2012 at 19:24:19
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration


DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.225.39] with 32 bytes of data:
Reply from 74.125.225.39: bytes=32 time=72ms TTL=56
Reply from 74.125.225.39: bytes=32 time=58ms TTL=56

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 10 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 10 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/28/2012 05:29:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/28/2012 05:23:42 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6ed26a82-80b7-437d-b247-e79ee46bffdb}

Error: (06/28/2012 08:18:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 09:32:07 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {535c068d-4f9a-4d78-b5af-d72e8e005ab7}

Error: (06/27/2012 08:14:03 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {52be9570-0ed4-4a52-ba4c-a5bfc20a843a}

Error: (06/26/2012 05:32:07 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {19bda557-15a9-4923-9c1a-f48578981c73}

Error: (06/26/2012 05:13:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: mshtml.dll, version: 8.0.7601.17744, time stamp: 0x4eeaf73c
Exception code: 0xc0000005
Fault offset: 0x001b78f3
Faulting process id: 0x262c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/26/2012 05:02:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: jvm.dll, version: 20.4.0.2, time stamp: 0x4e89b323
Exception code: 0xc0000005
Fault offset: 0x0005e4e2
Faulting process id: 0x1794
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/25/2012 05:08:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: mshtml.dll, version: 8.0.7601.17744, time stamp: 0x4eeaf73c
Exception code: 0xc0000005
Fault offset: 0x001b78f3
Faulting process id: 0x22e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/25/2012 03:56:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: mshtml.dll, version: 8.0.7601.17744, time stamp: 0x4eeaf73c
Exception code: 0xc0000005
Fault offset: 0x001b78f3
Faulting process id: 0x3300
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (06/28/2012 06:50:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (06/28/2012 06:50:15 AM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (06/28/2012 06:41:13 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (06/28/2012 06:37:43 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:43 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:43 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/28/2012 06:37:32 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3892.52 MB
Available physical RAM: 2145.45 MB
Total Pagefile: 7783.24 MB
Available Pagefile: 5638.28 MB
Total Virtual: 4095.88 MB
Available Virtual: 3981.28 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:366.08 GB) NTFS

========================= Users: ========================================

User accounts for \\LARS-PC

Administrator Guest Lars


**** End of log ****

Edited by larsok, 29 June 2012 - 06:39 AM.


#9 larsok


Posted 28 June 2012 - 09:15 PM

Maybe you can suggest what I should do as far as antivirus software.
I currently have McAfee, but after this event I am no longer impressed with it.
Is there any way I can use the Malwarebytes program that has fixed this problem, and can I then disable or uninstall McAfee?

#10 narenxp


Posted 29 June 2012 - 01:29 AM

Malwarebytes is not an antivirus. If you're not happy with McAfee, use Microsoft Security Essentials + Malwarebytes.

Download

TFC


Launch it; it will close all running programs

Click on START; it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 larsok


Posted 29 June 2012 - 07:13 AM

I'm not sure what to click to create a new restore point after rebooting.
First the available drives are "recovery" and "OS(C:)(system)"
It also gives a message that "your new disk space setting is not large enough to store all existing restore points".
After rebooting, do I click "restore system settings and previous versions of files" or "only restore previous versions of files"?

#12 narenxp


Posted 29 June 2012 - 07:33 AM

Click on OS C(SYSTEM)-configure-restore system settings and previous versions of files

Click OK. This should turn on your system restore

Now create a restore point

good luck

Edited by narenxp, 29 June 2012 - 07:34 AM.




