McAfee firewall & Windows Firewall won't turn on


10 replies to this topic

#1 DexLem42

DexLem42

  • Members
  • 7 posts
  • OFFLINE
  • Local time:07:05 PM

Posted 07 April 2012 - 02:19 PM

Greetings... I hope you can help me with my problem. I have had McAfee Security Center installed on my computer since the day I bought it (approx. 2 years), & recently I've been getting alerts telling me that my computer is at risk because the firewall is not turned on, & when I go into settings, & click turn on, it comes on for a brief second, and then turns back off immediately. Got on to McAfee's help center, ran several programs they suggested, i.e. McAfee virtual technician, Stinger, & also programs suggested within their forum, i.e. Malwarebytes, Superantispyware, Tuneup Utilities, none of which helped resolve my issue. I even uninstalled/reinstalled McAfee, & the only thing it did was stop giving me the notices, but if I go into settings for the firewall, it still says it's off, & when I click turn on, it does for a brief sec, then goes right back off again. And when I checked the Windows firewall, it gives me an error when I try to change the settings (Error code 0x80070424). In searching through forums, it's sounding like I've got some sort of Virus/Malware that is causing this, but I've pretty much exhausted all my resources in trying to fix this... I hope you can help. My system is a Dell XPS 8100, Windows 7 Home Premium Ver.6.1, Build 7601: SP1.


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:08:05 PM

Posted 07 April 2012 - 04:35 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 DexLem42

DexLem42
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:07:05 PM

Posted 08 April 2012 - 08:36 AM

Here are the results:



23:45:12.0239 3896 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
23:45:12.0834 3896 ============================================================
23:45:12.0834 3896 Current date / time: 2012/04/07 23:45:12.0834
23:45:12.0834 3896 SystemInfo:
23:45:12.0834 3896
23:45:12.0834 3896 OS Version: 6.1.7601 ServicePack: 1.0
23:45:12.0834 3896 Product type: Workstation
23:45:12.0834 3896 ComputerName: LEMMY2-PC
23:45:12.0834 3896 UserName: Lemmy2
23:45:12.0834 3896 Windows directory: C:\Windows
23:45:12.0834 3896 System windows directory: C:\Windows
23:45:12.0834 3896 Running under WOW64
23:45:12.0834 3896 Processor architecture: Intel x64
23:45:12.0834 3896 Number of processors: 4
23:45:12.0834 3896 Page size: 0x1000
23:45:12.0834 3896 Boot type: Normal boot
23:45:12.0834 3896 ============================================================
23:45:13.0623 3896 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:45:13.0625 3896 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:45:22.0650 3896 \Device\Harddisk0\DR0:
23:45:22.0650 3896 MBR used
23:45:22.0650 3896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x15C3000
23:45:22.0650 3896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x15D7000, BlocksNum 0x7312F000
23:45:22.0650 3896 \Device\Harddisk1\DR1:
23:45:22.0650 3896 MBR used
23:45:22.0651 3896 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
23:45:22.0731 3896 Initialize success
23:45:22.0731 3896 ============================================================
23:46:00.0731 6808 ============================================================
23:46:00.0731 6808 Scan started
23:46:00.0731 6808 Mode: Manual; TDLFS;
23:46:00.0731 6808 ============================================================
23:46:14.0038 6808 MSPQM - ok
23:46:14.0059 6808 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:46:14.0063 6808 MsRPC - ok
23:46:14.0073 6808 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:46:14.0078 6808 mssmbios - ok
23:46:14.0098 6808 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:46:14.0103 6808 MSTEE - ok
23:46:14.0125 6808 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:46:14.0132 6808 MTConfig - ok
23:46:14.0163 6808 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:46:14.0164 6808 Mup - ok
23:46:14.0231 6808 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:46:14.0274 6808 napagent - ok
23:46:14.0300 6808 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:46:14.0308 6808 NativeWifiP - ok
23:46:14.0367 6808 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:46:14.0376 6808 NDIS - ok
23:46:14.0394 6808 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:46:14.0400 6808 NdisCap - ok
23:46:14.0407 6808 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:46:14.0413 6808 NdisTapi - ok
23:46:14.0433 6808 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:46:14.0485 6808 Ndisuio - ok
23:46:14.0506 6808 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:46:14.0558 6808 NdisWan - ok
23:46:14.0573 6808 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:46:14.0625 6808 NDProxy - ok
23:46:14.0641 6808 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:46:14.0642 6808 NetBIOS - ok
23:46:14.0660 6808 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:46:14.0711 6808 NetBT - ok
23:46:14.0750 6808 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:14.0805 6808 Netlogon - ok
23:46:14.0857 6808 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:46:14.0864 6808 Netman - ok
23:46:14.0883 6808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:46:14.0890 6808 netprofm - ok
23:46:15.0007 6808 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:46:15.0012 6808 NetTcpPortSharing - ok
23:46:15.0044 6808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:46:15.0048 6808 nfrd960 - ok
23:46:15.0067 6808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:46:15.0069 6808 NlaSvc - ok
23:46:15.0084 6808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:46:15.0085 6808 Npfs - ok
23:46:15.0104 6808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:46:15.0105 6808 nsi - ok
23:46:15.0123 6808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:46:15.0126 6808 nsiproxy - ok
23:46:15.0170 6808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:46:15.0184 6808 Ntfs - ok
23:46:15.0199 6808 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:46:15.0206 6808 Null - ok
23:46:15.0242 6808 NUVision - ok
23:46:15.0290 6808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:46:15.0345 6808 nvraid - ok
23:46:15.0365 6808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:46:15.0422 6808 nvstor - ok
23:46:15.0441 6808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:46:15.0448 6808 nv_agp - ok
23:46:15.0472 6808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:46:15.0479 6808 ohci1394 - ok
23:46:15.0582 6808 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:46:15.0584 6808 ose - ok
23:46:15.0761 6808 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:46:15.0800 6808 osppsvc - ok
23:46:15.0851 6808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:46:15.0856 6808 p2pimsvc - ok
23:46:15.0879 6808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:46:15.0882 6808 p2psvc - ok
23:46:15.0906 6808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:46:15.0911 6808 Parport - ok
23:46:15.0933 6808 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:46:15.0934 6808 partmgr - ok
23:46:15.0947 6808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:46:15.0953 6808 PcaSvc - ok
23:46:16.0004 6808 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
23:46:16.0057 6808 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
23:46:16.0074 6808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:46:16.0076 6808 pci - ok
23:46:16.0095 6808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:46:16.0101 6808 pciide - ok
23:46:16.0125 6808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:46:16.0131 6808 pcmcia - ok
23:46:16.0146 6808 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
23:46:16.0198 6808 pcouffin - ok
23:46:16.0223 6808 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:46:16.0224 6808 pcw - ok
23:46:16.0245 6808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:46:16.0257 6808 PEAUTH - ok
23:46:16.0317 6808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:46:16.0318 6808 PerfHost - ok
23:46:16.0355 6808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:46:16.0398 6808 pla - ok
23:46:16.0453 6808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:46:16.0494 6808 PlugPlay - ok
23:46:16.0518 6808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:46:16.0524 6808 PNRPAutoReg - ok
23:46:16.0534 6808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:46:16.0537 6808 PNRPsvc - ok
23:46:16.0610 6808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:46:16.0656 6808 PolicyAgent - ok
23:46:16.0678 6808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:46:16.0684 6808 Power - ok
23:46:16.0729 6808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:46:16.0781 6808 PptpMiniport - ok
23:46:16.0810 6808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:46:16.0813 6808 Processor - ok
23:46:16.0830 6808 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
23:46:16.0833 6808 ProfSvc - ok
23:46:16.0895 6808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:16.0949 6808 ProtectedStorage - ok
23:46:16.0997 6808 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:46:17.0048 6808 Psched - ok
23:46:17.0058 6808 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:46:17.0114 6808 PxHlpa64 - ok
23:46:17.0159 6808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:46:17.0179 6808 ql2300 - ok
23:46:17.0216 6808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:46:17.0219 6808 ql40xx - ok
23:46:17.0268 6808 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:46:17.0273 6808 QWAVE - ok
23:46:17.0289 6808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:46:17.0294 6808 QWAVEdrv - ok
23:46:17.0307 6808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:46:17.0311 6808 RasAcd - ok
23:46:17.0354 6808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:46:17.0357 6808 RasAgileVpn - ok
23:46:17.0372 6808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:46:17.0380 6808 RasAuto - ok
23:46:17.0397 6808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:46:17.0449 6808 Rasl2tp - ok
23:46:17.0465 6808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:46:17.0506 6808 RasMan - ok
23:46:17.0518 6808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:46:17.0525 6808 RasPppoe - ok
23:46:17.0573 6808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:46:17.0576 6808 RasSstp - ok
23:46:17.0594 6808 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:46:17.0598 6808 rdbss - ok
23:46:17.0614 6808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:46:17.0620 6808 rdpbus - ok
23:46:17.0637 6808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:46:17.0639 6808 RDPCDD - ok
23:46:17.0656 6808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:46:17.0659 6808 RDPENCDD - ok
23:46:17.0671 6808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:46:17.0673 6808 RDPREFMP - ok
23:46:17.0716 6808 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
23:46:17.0767 6808 RDPWD - ok
23:46:17.0786 6808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:46:17.0789 6808 rdyboost - ok
23:46:17.0821 6808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:46:17.0827 6808 RemoteAccess - ok
23:46:17.0835 6808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:46:17.0839 6808 RemoteRegistry - ok
23:46:17.0860 6808 RimUsb - ok
23:46:17.0916 6808 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
23:46:17.0969 6808 RimVSerPort - ok
23:46:18.0049 6808 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
23:46:18.0054 6808 ROOTMODEM - ok
23:46:18.0189 6808 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
23:46:18.0257 6808 RoxMediaDB10 - ok
23:46:18.0279 6808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:46:18.0282 6808 RpcEptMapper - ok
23:46:18.0328 6808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:46:18.0335 6808 RpcLocator - ok
23:46:18.0358 6808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:46:18.0362 6808 RpcSs - ok
23:46:18.0398 6808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:46:18.0401 6808 rspndr - ok
23:46:18.0430 6808 RxFilter (aa097220efc843a0581dfc06d082d4af) C:\Windows\system32\DRIVERS\RxFilter.sys
23:46:18.0432 6808 RxFilter - ok
23:46:18.0492 6808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:18.0547 6808 SamSs - ok
23:46:18.0725 6808 SASDIFSV - ok
23:46:18.0742 6808 SASKUTIL - ok
23:46:18.0764 6808 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:46:18.0819 6808 sbp2port - ok
23:46:18.0864 6808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:46:18.0870 6808 SCardSvr - ok
23:46:18.0884 6808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:46:18.0942 6808 scfilter - ok
23:46:18.0972 6808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:46:18.0978 6808 Schedule - ok
23:46:19.0026 6808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:46:19.0027 6808 SCPolicySvc - ok
23:46:19.0065 6808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:46:19.0105 6808 SDRSVC - ok
23:46:19.0216 6808 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:46:19.0278 6808 SeaPort - ok
23:46:19.0315 6808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:46:19.0318 6808 secdrv - ok
23:46:19.0334 6808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:46:19.0376 6808 seclogon - ok
23:46:19.0389 6808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:46:19.0391 6808 SENS - ok
23:46:19.0399 6808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:46:19.0402 6808 SensrSvc - ok
23:46:19.0426 6808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:46:19.0429 6808 Serenum - ok
23:46:19.0451 6808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:46:19.0454 6808 Serial - ok
23:46:19.0478 6808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:46:19.0482 6808 sermouse - ok
23:46:19.0519 6808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:46:19.0560 6808 SessionEnv - ok
23:46:19.0577 6808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:46:19.0582 6808 sffdisk - ok
23:46:19.0595 6808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:46:19.0599 6808 sffp_mmc - ok
23:46:19.0636 6808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:46:19.0691 6808 sffp_sd - ok
23:46:19.0710 6808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:46:19.0715 6808 sfloppy - ok
23:46:19.0833 6808 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
23:46:19.0930 6808 SftService - ok
23:46:19.0944 6808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:46:19.0951 6808 SharedAccess - ok
23:46:19.0968 6808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:46:19.0971 6808 ShellHWDetection - ok
23:46:19.0988 6808 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:46:19.0993 6808 SiSRaid2 - ok
23:46:20.0015 6808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:46:20.0020 6808 SiSRaid4 - ok
23:46:20.0051 6808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:46:20.0057 6808 Smb - ok
23:46:20.0133 6808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:46:20.0140 6808 SNMPTRAP - ok
23:46:20.0154 6808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:46:20.0155 6808 spldr - ok
23:46:20.0178 6808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:46:20.0240 6808 Spooler - ok
23:46:20.0300 6808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:46:20.0365 6808 sppsvc - ok
23:46:20.0403 6808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:46:20.0410 6808 sppuinotify - ok
23:46:20.0433 6808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:46:20.0437 6808 srv - ok
23:46:20.0484 6808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:46:20.0536 6808 srv2 - ok
23:46:20.0559 6808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:46:20.0561 6808 srvnet - ok
23:46:20.0588 6808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:46:20.0591 6808 SSDPSRV - ok
23:46:20.0603 6808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:46:20.0608 6808 SstpSvc - ok
23:46:20.0631 6808 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:46:20.0635 6808 stexstor - ok
23:46:20.0688 6808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:46:20.0731 6808 stisvc - ok
23:46:20.0784 6808 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
23:46:20.0845 6808 stllssvr - ok
23:46:20.0852 6808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:46:20.0858 6808 swenum - ok
23:46:20.0883 6808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:46:20.0890 6808 swprv - ok
23:46:20.0929 6808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:46:20.0975 6808 SysMain - ok
23:46:20.0996 6808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:46:21.0037 6808 TabletInputService - ok
23:46:21.0054 6808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:46:21.0094 6808 TapiSrv - ok
23:46:21.0166 6808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:46:21.0170 6808 TBS - ok
23:46:21.0236 6808 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
23:46:21.0249 6808 Tcpip - ok
23:46:21.0290 6808 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
23:46:21.0299 6808 TCPIP6 - ok
23:46:21.0316 6808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:46:21.0368 6808 tcpipreg - ok
23:46:21.0384 6808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:46:21.0390 6808 TDPIPE - ok
23:46:21.0450 6808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:46:21.0502 6808 TDTCP - ok
23:46:21.0515 6808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:46:21.0567 6808 tdx - ok
23:46:21.0584 6808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:46:21.0626 6808 TermDD - ok
23:46:21.0645 6808 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:46:21.0690 6808 TermService - ok
23:46:21.0704 6808 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:46:21.0706 6808 Themes - ok
23:46:21.0772 6808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:46:21.0775 6808 THREADORDER - ok
23:46:21.0793 6808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:46:21.0799 6808 TrkWks - ok
23:46:21.0852 6808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:46:21.0905 6808 TrustedInstaller - ok
23:46:21.0914 6808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:46:21.0967 6808 tssecsrv - ok
23:46:22.0026 6808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:46:22.0077 6808 TsUsbFlt - ok
23:46:22.0116 6808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:46:22.0170 6808 tunnel - ok
23:46:22.0184 6808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:46:22.0189 6808 uagp35 - ok
23:46:22.0209 6808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:46:22.0262 6808 udfs - ok
23:46:22.0285 6808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:46:22.0292 6808 UI0Detect - ok
23:46:22.0316 6808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:46:22.0320 6808 uliagpkx - ok
23:46:22.0355 6808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:46:22.0409 6808 umbus - ok
23:46:22.0428 6808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:46:22.0430 6808 UmPass - ok
23:46:22.0625 6808 UNS (6fdb1ca1add261f893c90738eba37197) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:46:22.0741 6808 UNS - ok
23:46:22.0756 6808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:46:22.0759 6808 upnphost - ok
23:46:22.0808 6808 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
23:46:22.0859 6808 USBAAPL64 - ok
23:46:22.0876 6808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:46:22.0931 6808 usbccgp - ok
23:46:22.0955 6808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:46:22.0960 6808 usbcir - ok
23:46:22.0978 6808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:46:23.0031 6808 usbehci - ok
23:46:23.0050 6808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:46:23.0110 6808 usbhub - ok
23:46:23.0131 6808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:46:23.0185 6808 usbohci - ok
23:46:23.0217 6808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:46:23.0220 6808 usbprint - ok
23:46:23.0250 6808 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:46:23.0253 6808 usbscan - ok
23:46:23.0264 6808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:46:23.0315 6808 USBSTOR - ok
23:46:23.0335 6808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:46:23.0388 6808 usbuhci - ok
23:46:23.0437 6808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:46:23.0441 6808 UxSms - ok
23:46:23.0485 6808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:23.0540 6808 VaultSvc - ok
23:46:23.0557 6808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:46:23.0558 6808 vdrvroot - ok
23:46:23.0577 6808 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:46:23.0630 6808 vds - ok
23:46:23.0650 6808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:46:23.0654 6808 vga - ok
23:46:23.0667 6808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:46:23.0672 6808 VgaSave - ok
23:46:23.0695 6808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:46:23.0750 6808 vhdmp - ok
23:46:23.0766 6808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:46:23.0771 6808 viaide - ok
23:46:23.0789 6808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:46:23.0790 6808 volmgr - ok
23:46:23.0806 6808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:46:23.0809 6808 volmgrx - ok
23:46:23.0826 6808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:46:23.0829 6808 volsnap - ok
23:46:23.0845 6808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:46:23.0852 6808 vsmraid - ok
23:46:23.0887 6808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:46:23.0896 6808 VSS - ok
23:46:23.0961 6808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
23:46:23.0964 6808 vwifibus - ok
23:46:23.0985 6808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:46:23.0993 6808 W32Time - ok
23:46:24.0012 6808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:46:24.0018 6808 WacomPen - ok
23:46:24.0050 6808 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:46:24.0102 6808 WANARP - ok
23:46:24.0117 6808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:46:24.0118 6808 Wanarpv6 - ok
23:46:24.0163 6808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
23:46:24.0222 6808 WatAdminSvc - ok
23:46:24.0265 6808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:46:24.0320 6808 wbengine - ok
23:46:24.0339 6808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:46:24.0346 6808 WbioSrvc - ok
23:46:24.0362 6808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:46:24.0406 6808 wcncsvc - ok
23:46:24.0424 6808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:46:24.0427 6808 WcsPlugInService - ok
23:46:24.0473 6808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:46:24.0501 6808 Wd - ok
23:46:24.0530 6808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:46:24.0535 6808 Wdf01000 - ok
23:46:24.0572 6808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:46:24.0575 6808 WdiServiceHost - ok
23:46:24.0582 6808 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:46:24.0584 6808 WdiSystemHost - ok
23:46:24.0601 6808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:46:24.0641 6808 WebClient - ok
23:46:24.0665 6808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:46:24.0673 6808 Wecsvc - ok
23:46:24.0741 6808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:46:24.0747 6808 wercplsupport - ok
23:46:24.0774 6808 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:46:24.0779 6808 WerSvc - ok
23:46:24.0794 6808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:46:24.0797 6808 WfpLwf - ok
23:46:24.0814 6808 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
23:46:24.0868 6808 WimFltr - ok
23:46:24.0885 6808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:46:24.0887 6808 WIMMount - ok
23:46:24.0891 6808 WinHttpAutoProxySvc - ok
23:46:24.0985 6808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:46:24.0987 6808 Winmgmt - ok
23:46:25.0024 6808 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:46:25.0076 6808 WinRM - ok
23:46:25.0121 6808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:46:25.0175 6808 WinUsb - ok
23:46:25.0203 6808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:46:25.0213 6808 Wlansvc - ok
23:46:25.0319 6808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:46:25.0372 6808 wlcrasvc - ok
23:46:25.0463 6808 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:46:25.0522 6808 wlidsvc - ok
23:46:25.0536 6808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:46:25.0541 6808 WmiAcpi - ok
23:46:25.0561 6808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:46:25.0567 6808 wmiApSrv - ok
23:46:25.0617 6808 WMPNetworkSvc - ok
23:46:25.0665 6808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:46:25.0671 6808 WPCSvc - ok
23:46:25.0726 6808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:46:25.0767 6808 WPDBusEnum - ok
23:46:25.0781 6808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:46:25.0784 6808 ws2ifsl - ok
23:46:25.0814 6808 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
23:46:25.0820 6808 WSDPrintDevice - ok
23:46:25.0828 6808 WSearch - ok
23:46:25.0872 6808 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:46:25.0927 6808 wuauserv - ok
23:46:25.0945 6808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:46:25.0997 6808 WudfPf - ok
23:46:26.0019 6808 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:46:26.0071 6808 WUDFRd - ok
23:46:26.0083 6808 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:46:26.0125 6808 wudfsvc - ok
23:46:26.0145 6808 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:46:26.0153 6808 WwanSvc - ok
23:46:26.0199 6808 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
23:46:26.0309 6808 \Device\Harddisk0\DR0 - ok
23:46:26.0341 6808 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
23:46:26.0511 6808 \Device\Harddisk1\DR1 - ok
23:46:26.0513 6808 Boot (0x1200) (0e52ff93e3eae33e46127f33e2ae4a5f) \Device\Harddisk0\DR0\Partition0
23:46:26.0514 6808 \Device\Harddisk0\DR0\Partition0 - ok
23:46:26.0517 6808 Boot (0x1200) (21a0ee119df255a45af503bce9efd7e2) \Device\Harddisk0\DR0\Partition1
23:46:26.0518 6808 \Device\Harddisk0\DR0\Partition1 - ok
23:46:26.0521 6808 Boot (0x1200) (18c48decabad747e9f65ec188bd68f96) \Device\Harddisk1\DR1\Partition0
23:46:26.0523 6808 \Device\Harddisk1\DR1\Partition0 - ok
23:46:26.0524 6808 ============================================================
23:46:26.0524 6808 Scan finished
23:46:26.0524 6808 ============================================================
23:46:26.0534 3256 Detected object count: 0
23:46:26.0534 3256 Actual detected object count: 0
23:47:48.0368 1444 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-07 23:51:56
-----------------------------
23:51:56.035 OS Version: Windows x64 6.1.7601 Service Pack 1
23:51:56.035 Number of processors: 4 586 0x2505
23:51:56.036 ComputerName: LEMMY2-PC UserName: Lemmy2
23:51:57.024 Initialize success
23:53:43.663 AVAST engine defs: 12040701
23:54:03.419 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
23:54:03.421 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 8
23:54:03.430 Disk 0 MBR read successfully
23:54:03.436 Disk 0 MBR scan
23:54:03.440 Disk 0 Windows VISTA default MBR code
23:54:03.443 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
23:54:03.478 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 81920
23:54:03.491 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942686 MB offset 22900736
23:54:03.511 Disk 0 scanning C:\Windows\system32\drivers
23:54:12.044 Service scanning
23:54:30.747 Modules scanning
23:54:30.754 Disk 0 trace - called modules:
23:54:30.769 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:54:30.773 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e86060]
23:54:30.778 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa8007b5e050]
23:54:31.650 AVAST engine scan C:\Windows
23:54:34.709 AVAST engine scan C:\Windows\system32
23:59:25.244 AVAST engine scan C:\Windows\system32\drivers
23:59:59.840 AVAST engine scan C:\Users\Lemmy2
02:26:42.768 AVAST engine scan C:\ProgramData
02:30:13.937 Scan finished successfully
08:33:59.231 Disk 0 MBR has been saved successfully to "C:\Users\Lemmy2\Downloads\MBR.dat"
08:33:59.239 The log file has been saved successfully to "C:\Users\Lemmy2\Downloads\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:05 PM

Posted 08 April 2012 - 08:47 AM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#5 DexLem42

DexLem42
  • Topic Starter

  • Members
  • 7 posts
  • Local time:07:05 PM

Posted 09 April 2012 - 04:41 PM

Here are the results:

Farbar Service Scanner Version: 01-03-2012
Ran by Lemmy2 (administrator) on 08-04-2012 at 09:01:26
Running from "C:\Users\Lemmy2\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Lemmy2\DVD Tools\Nero 7.8.5.0 Ultra\Nero 7.8.5.0 Ultra.exe Win32/Toolbar.AskSBar application deleted - quarantined
C:\Users\Lemmy2\games\dopewars.exe multiple threats deleted - quarantined
C:\Users\Lemmy2\New Downloads\YouTubeDownloaderSetup34.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
J:\backup 3-12-12\DVD Tools\Nero 7.8.5.0 Ultra\Nero 7.8.5.0 Ultra.exe Win32/Toolbar.AskSBar application deleted - quarantined

#6 narenxp


Posted 11 April 2012 - 04:05 AM

To be on the safer side before running registry fixes, I would suggest that you

Download

http://www.snapfiles.com/get/erunt.html

Install it and back up your registry to C:/Windows/erdnt

Now Download the registry files

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

http://www.mediafire.com/?uo36rkbqarxd618

http://www.mediafire.com/?vujckeuo1repw9v

Download these files

Launch them one by one,click YES when you get a prompt


If they open in Notepad, right-click on them

Click on OPEN WITH

Click on BROWSE

Navigate to C:/WINDOWS, select REGEDIT and click OK

Now you should get a UAC prompt, click YES

Restart your PC

Now, press Windows+R key and type

regedit and click OK

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right-click on it - Permissions

Click on ADD and type

Everyone and click OK

Now click on Everyone

Below you have permissions for users

Select Full Control and click OK


Now, press Windows+R key and type

services.msc and click OK

Start the Base Filtering Engine service and then the Windows Firewall service

Post the new FSS log

Good luck
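
A read-only check of what the FSS log and the steps above cover, as an added example that is not part of the original post: it reports whether each service key named in the log exists, its start type and state, and lists any Full Control grant to Everyone (SID S-1-1-0) on the BFE key. It assumes an elevated PowerShell prompt on the affected Windows 7 machine; the function names are hypothetical.

```powershell
# Added example, not part of the thread. Makes no changes to the system.
$root     = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$services = 'mpsdrv', 'MpsSvc', 'BFE', 'wscsvc', 'WinDefend'   # service names from the FSS log
$startMap = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Auto'; 3 = 'Demand'; 4 = 'Disabled' }

function Get-ServiceKeyState {
    param([string]$Name)
    $key   = Join-Path $root $Name
    # KeyExists = $false is the condition FSS reports as "The service key does not exist."
    $state = @{ Service = $Name; KeyExists = (Test-Path -LiteralPath $key)
                StartType = $null; ImagePath = $null; ServiceDll = $null; Status = $null }
    if ($state.KeyExists) {
        $props = Get-ItemProperty -LiteralPath $key
        if ($null -ne $props.Start) { $state.StartType = $startMap[[int]$props.Start] }
        $state.ImagePath = $props.ImagePath
        # svchost-hosted services keep ServiceDll under Parameters; drivers such as mpsdrv have none.
        $params = Join-Path $key 'Parameters'
        if (Test-Path -LiteralPath $params) {
            $state.ServiceDll = (Get-ItemProperty -LiteralPath $params -ErrorAction SilentlyContinue).ServiceDll
        }
        $svc = Get-Service -Name $Name -ErrorAction SilentlyContinue
        if ($svc) { $state.Status = $svc.Status }
    }
    New-Object PSObject -Property $state
}

function Get-EveryoneFullControl {
    param([string]$Name)
    $full = [int][System.Security.AccessControl.RegistryRights]::FullControl
    $sid  = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -Path (Join-Path $root $Name)).Access | Where-Object {
        # Compare by SID so the check does not depend on the localized name "Everyone".
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference.Translate($sid).Value -eq 'S-1-1-0' -and
        (([int]$_.RegistryRights) -band $full) -eq $full
    }
}

$services | ForEach-Object { Get-ServiceKeyState $_ } |
    Format-Table Service, KeyExists, StartType, Status, ServiceDll -AutoSize

if (Test-Path -LiteralPath (Join-Path $root 'BFE')) {
    # Any row printed here is a grant to review once BFE and the firewall service start.
    Get-EveryoneFullControl 'BFE' | Format-List IdentityReference, RegistryRights, IsInherited
}
```

An empty second section means no Full Control entry for Everyone is present on the BFE key.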

#7 DexLem42


Posted 11 April 2012 - 07:32 PM

Here are the FSS results:

Farbar Service Scanner Version: 01-03-2012
Ran by Lemmy2 (administrator) on 11-04-2012 at 19:30:59
Running from "C:\Users\Lemmy2\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 DexLem42


Posted 11 April 2012 - 07:38 PM

That did it!!! Thank you VERY much for all your help!! Is there anything I can do to prevent this from happening again?

#9 narenxp


Posted 11 April 2012 - 11:29 PM

Very good :thumbsup:

Let me get this log first

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

good luck

#10 DexLem42


Posted 12 April 2012 - 12:05 AM

Can I PM you with this log? I don't feel comfortable showing all that info......

#11 narenxp


Posted 12 April 2012 - 01:00 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



