
Need some Help- Firewall won't stay on


16 replies to this topic

#1 smokey43

smokey43

  • Members
  • 10 posts

Posted 22 April 2012 - 01:13 AM

I noticed today that my McAfee security suite from Verizon firewall will not stay on. I click it on and it goes off by itself. I did run a scan and had 6 threats that were removed. It still will not stay on. Obviously I have an issue somewhere. Can you please assist me with this problem? Thanks much.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 22 April 2012 - 01:25 AM

Download FSS

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system.

Click on "Scan". Please post the LOG report (log file should be in your C drive).

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions.
Click the "Scan" button to start scan. After scan finishes, click on Save log.

Post the log results here.

#3 smokey43

smokey43
  • Topic Starter

  • Members
  • 10 posts

Posted 22 April 2012 - 11:41 PM

Ok, Here is the FSS Log.



Farbar Service Scanner Version: 16-04-2012
Ran by Morris Family (administrator) on 23-04-2012 at 00:39:36
Running from "C:\Users\Morris Family\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#4 smokey43

smokey43
  • Topic Starter

  • Members
  • 10 posts

Posted 22 April 2012 - 11:44 PM

Here is the TDSS Killer Log

00:41:34.0446 3400 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
00:41:34.0929 3400 ============================================================
00:41:34.0929 3400 Current date / time: 2012/04/23 00:41:34.0929
00:41:34.0929 3400 SystemInfo:
00:41:34.0929 3400
00:41:34.0930 3400 OS Version: 6.1.7601 ServicePack: 1.0
00:41:34.0930 3400 Product type: Workstation
00:41:34.0930 3400 ComputerName: MORRISFAMILY-PC
00:41:34.0930 3400 UserName: Morris Family
00:41:34.0930 3400 Windows directory: C:\Windows
00:41:34.0930 3400 System windows directory: C:\Windows
00:41:34.0930 3400 Running under WOW64
00:41:34.0930 3400 Processor architecture: Intel x64
00:41:34.0930 3400 Number of processors: 2
00:41:34.0930 3400 Page size: 0x1000
00:41:34.0930 3400 Boot type: Normal boot
00:41:34.0930 3400 ============================================================
00:41:36.0513 3400 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:41:36.0534 3400 \Device\Harddisk0\DR0:
00:41:36.0535 3400 MBR partitions:
00:41:36.0535 3400 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D9F000
00:41:36.0535 3400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1DB3000, BlocksNum 0x385D2800
00:41:36.0567 3400 C: <-> \Device\Harddisk0\DR0\Partition1
00:41:36.0567 3400 Initialize success
00:41:36.0567 3400 ============================================================
00:42:07.0790 5824 ============================================================
00:42:07.0790 5824 Scan started
00:42:07.0790 5824 Mode: Manual; TDLFS;
00:42:07.0790 5824 ============================================================
00:42:21.0983 5824 mpio - ok
00:42:21.0998 5824 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:42:21.0999 5824 mpsdrv - ok
00:42:22.0008 5824 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:42:22.0061 5824 MRxDAV - ok
00:42:22.0091 5824 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:42:22.0182 5824 mrxsmb - ok
00:42:22.0197 5824 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:42:22.0247 5824 mrxsmb10 - ok
00:42:22.0259 5824 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:42:22.0307 5824 mrxsmb20 - ok
00:42:22.0320 5824 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:42:22.0371 5824 msahci - ok
00:42:22.0380 5824 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:42:22.0436 5824 msdsm - ok
00:42:22.0458 5824 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
00:42:22.0464 5824 MSDTC - ok
00:42:22.0482 5824 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:42:22.0492 5824 Msfs - ok
00:42:22.0512 5824 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:42:22.0527 5824 mshidkmdf - ok
00:42:22.0542 5824 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:42:22.0545 5824 msisadrv - ok
00:42:22.0571 5824 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
00:42:22.0578 5824 MSiSCSI - ok
00:42:22.0584 5824 msiserver - ok
00:42:22.0657 5824 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:42:22.0661 5824 MSK80Service - ok
00:42:22.0697 5824 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:42:22.0712 5824 MSKSSRV - ok
00:42:22.0724 5824 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:42:22.0739 5824 MSPCLOCK - ok
00:42:22.0752 5824 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:42:22.0759 5824 MSPQM - ok
00:42:22.0783 5824 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:42:22.0824 5824 MsRPC - ok
00:42:22.0857 5824 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
00:42:22.0861 5824 mssmbios - ok
00:42:22.0886 5824 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:42:22.0890 5824 MSTEE - ok
00:42:22.0897 5824 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
00:42:22.0901 5824 MTConfig - ok
00:42:22.0932 5824 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:42:22.0947 5824 Mup - ok
00:42:22.0987 5824 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
00:42:23.0094 5824 napagent - ok
00:42:23.0126 5824 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:42:23.0134 5824 NativeWifiP - ok
00:42:23.0192 5824 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
00:42:23.0301 5824 NDIS - ok
00:42:23.0322 5824 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:42:23.0327 5824 NdisCap - ok
00:42:23.0357 5824 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:42:23.0360 5824 NdisTapi - ok
00:42:23.0381 5824 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:42:23.0470 5824 Ndisuio - ok
00:42:23.0484 5824 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:42:23.0533 5824 NdisWan - ok
00:42:23.0550 5824 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:42:23.0598 5824 NDProxy - ok
00:42:23.0609 5824 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:42:23.0614 5824 NetBIOS - ok
00:42:23.0630 5824 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:42:23.0683 5824 NetBT - ok
00:42:23.0721 5824 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:42:23.0722 5824 Netlogon - ok
00:42:23.0755 5824 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
00:42:23.0773 5824 Netman - ok
00:42:23.0842 5824 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:23.0951 5824 NetMsmqActivator - ok
00:42:23.0956 5824 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:23.0957 5824 NetPipeActivator - ok
00:42:23.0981 5824 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
00:42:23.0989 5824 netprofm - ok
00:42:23.0995 5824 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:23.0996 5824 NetTcpActivator - ok
00:42:23.0999 5824 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:42:24.0000 5824 NetTcpPortSharing - ok
00:42:24.0029 5824 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
00:42:24.0032 5824 nfrd960 - ok
00:42:24.0291 5824 NIHardwareService (fdcfe6c98fcd64aa6d8411f44faa2c29) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
00:42:24.0395 5824 NIHardwareService - ok
00:42:24.0718 5824 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
00:42:24.0726 5824 NlaSvc - ok
00:42:24.0759 5824 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:42:24.0765 5824 Npfs - ok
00:42:24.0798 5824 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
00:42:24.0802 5824 nsi - ok
00:42:24.0818 5824 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:42:24.0820 5824 nsiproxy - ok
00:42:24.0888 5824 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:42:25.0047 5824 Ntfs - ok
00:42:25.0061 5824 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:42:25.0075 5824 Null - ok
00:42:25.0098 5824 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:42:25.0206 5824 nvraid - ok
00:42:25.0221 5824 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:42:25.0272 5824 nvstor - ok
00:42:25.0289 5824 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:42:25.0296 5824 nv_agp - ok
00:42:25.0304 5824 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:42:25.0310 5824 ohci1394 - ok
00:42:25.0377 5824 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:42:25.0548 5824 ose - ok
00:42:25.0689 5824 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:42:25.0831 5824 osppsvc - ok
00:42:25.0904 5824 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:42:25.0924 5824 p2pimsvc - ok
00:42:25.0974 5824 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
00:42:25.0999 5824 p2psvc - ok
00:42:26.0062 5824 paeusbaudio (7634df7a26dac83bba1fd49d7f8a390d) C:\Windows\system32\DRIVERS\paeusbaudio_x64.sys
00:42:26.0170 5824 paeusbaudio - ok
00:42:26.0209 5824 paeusbaudiodsp (622672369d4369049ffeb6793f0b44a8) C:\Windows\system32\DRIVERS\paeusbaudiodsp_x64.sys
00:42:26.0259 5824 paeusbaudiodsp - ok
00:42:26.0273 5824 paeusbaudioks (afe5c14b0b1ef1a4c8500a0756c90805) C:\Windows\system32\DRIVERS\paeusbaudioks_x64.sys
00:42:26.0322 5824 paeusbaudioks - ok
00:42:26.0347 5824 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
00:42:26.0351 5824 Parport - ok
00:42:26.0367 5824 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:42:26.0497 5824 partmgr - ok
00:42:26.0519 5824 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
00:42:26.0526 5824 PcaSvc - ok
00:42:26.0609 5824 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
00:42:26.0712 5824 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
00:42:26.0745 5824 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:42:26.0748 5824 pci - ok
00:42:26.0768 5824 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:42:26.0781 5824 pciide - ok
00:42:26.0797 5824 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
00:42:26.0812 5824 pcmcia - ok
00:42:26.0837 5824 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:42:26.0846 5824 pcw - ok
00:42:26.0878 5824 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:42:26.0911 5824 PEAUTH - ok
00:42:26.0957 5824 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
00:42:26.0964 5824 PerfHost - ok
00:42:27.0041 5824 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
00:42:27.0171 5824 pla - ok
00:42:27.0207 5824 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
00:42:27.0289 5824 PlugPlay - ok
00:42:27.0306 5824 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
00:42:27.0312 5824 PNRPAutoReg - ok
00:42:27.0335 5824 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:42:27.0337 5824 PNRPsvc - ok
00:42:27.0377 5824 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
00:42:27.0478 5824 PolicyAgent - ok
00:42:27.0498 5824 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
00:42:27.0502 5824 Power - ok
00:42:27.0546 5824 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:42:27.0618 5824 PptpMiniport - ok
00:42:27.0638 5824 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
00:42:27.0642 5824 Processor - ok
00:42:27.0664 5824 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
00:42:27.0667 5824 ProfSvc - ok
00:42:27.0704 5824 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:42:27.0708 5824 ProtectedStorage - ok
00:42:27.0744 5824 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:42:27.0846 5824 Psched - ok
00:42:27.0880 5824 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
00:42:27.0973 5824 PxHlpa64 - ok
00:42:28.0022 5824 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
00:42:28.0100 5824 ql2300 - ok
00:42:28.0116 5824 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
00:42:28.0123 5824 ql40xx - ok
00:42:28.0149 5824 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
00:42:28.0156 5824 QWAVE - ok
00:42:28.0175 5824 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:42:28.0180 5824 QWAVEdrv - ok
00:42:28.0192 5824 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:42:28.0201 5824 RasAcd - ok
00:42:28.0233 5824 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:42:28.0241 5824 RasAgileVpn - ok
00:42:28.0264 5824 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
00:42:28.0284 5824 RasAuto - ok
00:42:28.0307 5824 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:42:28.0391 5824 Rasl2tp - ok
00:42:28.0410 5824 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
00:42:28.0450 5824 RasMan - ok
00:42:28.0465 5824 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:42:28.0471 5824 RasPppoe - ok
00:42:28.0486 5824 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:42:28.0489 5824 RasSstp - ok
00:42:28.0510 5824 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:42:28.0603 5824 rdbss - ok
00:42:28.0618 5824 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
00:42:28.0623 5824 rdpbus - ok
00:42:28.0642 5824 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:42:28.0646 5824 RDPCDD - ok
00:42:28.0660 5824 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:42:28.0668 5824 RDPENCDD - ok
00:42:28.0700 5824 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:42:28.0705 5824 RDPREFMP - ok
00:42:28.0737 5824 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
00:42:28.0786 5824 RDPWD - ok
00:42:28.0806 5824 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:42:28.0894 5824 rdyboost - ok
00:42:28.0923 5824 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
00:42:28.0928 5824 RemoteAccess - ok
00:42:28.0959 5824 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
00:42:28.0967 5824 RemoteRegistry - ok
00:42:29.0087 5824 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
00:42:29.0238 5824 RoxMediaDB12OEM - ok
00:42:29.0264 5824 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
00:42:29.0325 5824 RoxWatch12 - ok
00:42:29.0388 5824 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
00:42:29.0394 5824 RpcEptMapper - ok
00:42:29.0428 5824 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
00:42:29.0444 5824 RpcLocator - ok
00:42:29.0478 5824 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:42:29.0490 5824 RpcSs - ok
00:42:29.0531 5824 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:42:29.0540 5824 rspndr - ok
00:42:29.0579 5824 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:42:29.0582 5824 SamSs - ok
00:42:29.0604 5824 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:42:29.0752 5824 sbp2port - ok
00:42:29.0768 5824 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
00:42:29.0775 5824 SCardSvr - ok
00:42:29.0792 5824 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:42:29.0886 5824 scfilter - ok
00:42:29.0913 5824 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
00:42:29.0968 5824 Schedule - ok
00:42:29.0990 5824 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:42:29.0991 5824 SCPolicySvc - ok
00:42:30.0004 5824 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
00:42:30.0006 5824 SDRSVC - ok
00:42:30.0018 5824 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:42:30.0021 5824 secdrv - ok
00:42:30.0029 5824 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
00:42:30.0069 5824 seclogon - ok
00:42:30.0088 5824 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
00:42:30.0089 5824 SENS - ok
00:42:30.0122 5824 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
00:42:30.0131 5824 SensrSvc - ok
00:42:30.0165 5824 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
00:42:30.0172 5824 Serenum - ok
00:42:30.0187 5824 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
00:42:30.0195 5824 Serial - ok
00:42:30.0210 5824 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
00:42:30.0218 5824 sermouse - ok
00:42:30.0255 5824 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
00:42:30.0313 5824 SessionEnv - ok
00:42:30.0321 5824 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:42:30.0325 5824 sffdisk - ok
00:42:30.0333 5824 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:42:30.0338 5824 sffp_mmc - ok
00:42:30.0347 5824 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:42:30.0393 5824 sffp_sd - ok
00:42:30.0401 5824 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
00:42:30.0405 5824 sfloppy - ok
00:42:30.0471 5824 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
00:42:30.0608 5824 Sftfs - ok
00:42:30.0691 5824 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:42:30.0804 5824 sftlist - ok
00:42:30.0818 5824 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:42:30.0870 5824 Sftplay - ok
00:42:30.0883 5824 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:42:30.0932 5824 Sftredir - ok
00:42:30.0982 5824 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:42:31.0096 5824 SftService - ok
00:42:31.0130 5824 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
00:42:31.0179 5824 Sftvol - ok
00:42:31.0221 5824 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:42:31.0319 5824 sftvsa - ok
00:42:31.0355 5824 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
00:42:31.0370 5824 SharedAccess - ok
00:42:31.0409 5824 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
00:42:31.0501 5824 ShellHWDetection - ok
00:42:31.0535 5824 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
00:42:31.0540 5824 SiSRaid2 - ok
00:42:31.0553 5824 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
00:42:31.0567 5824 SiSRaid4 - ok
00:42:31.0595 5824 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:42:31.0612 5824 Smb - ok
00:42:31.0647 5824 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
00:42:31.0663 5824 SNMPTRAP - ok
00:42:31.0686 5824 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:42:31.0690 5824 spldr - ok
00:42:31.0713 5824 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
00:42:31.0867 5824 Spooler - ok
00:42:31.0969 5824 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
00:42:32.0120 5824 sppsvc - ok
00:42:32.0137 5824 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
00:42:32.0143 5824 sppuinotify - ok
00:42:32.0200 5824 sprtsvc_verizondm - ok
00:42:32.0245 5824 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:42:32.0349 5824 srv - ok
00:42:32.0364 5824 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:42:32.0415 5824 srv2 - ok
00:42:32.0434 5824 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:42:32.0483 5824 srvnet - ok
00:42:32.0519 5824 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
00:42:32.0524 5824 SSDPSRV - ok
00:42:32.0542 5824 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
00:42:32.0548 5824 SstpSvc - ok
00:42:32.0571 5824 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
00:42:32.0581 5824 stexstor - ok
00:42:32.0618 5824 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
00:42:32.0710 5824 stisvc - ok
00:42:32.0772 5824 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
00:42:32.0891 5824 stllssvr - ok
00:42:32.0905 5824 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
00:42:32.0909 5824 swenum - ok
00:42:32.0932 5824 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
00:42:32.0936 5824 swprv - ok
00:42:32.0975 5824 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
00:42:33.0076 5824 SysMain - ok
00:42:33.0095 5824 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
00:42:33.0176 5824 TabletInputService - ok
00:42:33.0195 5824 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
00:42:33.0236 5824 TapiSrv - ok
00:42:33.0254 5824 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
00:42:33.0258 5824 TBS - ok
00:42:33.0335 5824 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:42:33.0364 5824 Tcpip - ok
00:42:33.0427 5824 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:42:33.0436 5824 TCPIP6 - ok
00:42:33.0472 5824 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:42:33.0554 5824 tcpipreg - ok
00:42:33.0572 5824 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:42:33.0578 5824 TDPIPE - ok
00:42:33.0596 5824 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
00:42:33.0644 5824 TDTCP - ok
00:42:33.0682 5824 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:42:33.0683 5824 tdx - ok
00:42:33.0701 5824 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
00:42:33.0783 5824 TermDD - ok
00:42:33.0821 5824 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
00:42:33.0950 5824 TermService - ok
00:42:33.0999 5824 tgsrvc_verizondm - ok
00:42:34.0020 5824 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
00:42:34.0025 5824 Themes - ok
00:42:34.0059 5824 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:42:34.0064 5824 THREADORDER - ok
00:42:34.0084 5824 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
00:42:34.0100 5824 TrkWks - ok
00:42:34.0133 5824 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
00:42:34.0214 5824 TrustedInstaller - ok
00:42:34.0249 5824 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:42:34.0296 5824 tssecsrv - ok
00:42:34.0319 5824 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:42:34.0367 5824 TsUsbFlt - ok
00:42:34.0385 5824 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
00:42:34.0433 5824 TsUsbGD - ok
00:42:34.0463 5824 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:42:34.0552 5824 tunnel - ok
00:42:34.0561 5824 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
00:42:34.0565 5824 uagp35 - ok
00:42:34.0587 5824 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:42:34.0680 5824 udfs - ok
00:42:34.0708 5824 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
00:42:34.0714 5824 UI0Detect - ok
00:42:34.0722 5824 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:42:34.0726 5824 uliagpkx - ok
00:42:34.0749 5824 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
00:42:34.0829 5824 umbus - ok
00:42:34.0854 5824 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
00:42:34.0857 5824 UmPass - ok
00:42:34.0875 5824 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
00:42:34.0882 5824 upnphost - ok
00:42:34.0908 5824 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
00:42:34.0993 5824 usbaudio - ok
00:42:35.0016 5824 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
00:42:35.0064 5824 usbccgp - ok
00:42:35.0100 5824 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:42:35.0113 5824 usbcir - ok
00:42:35.0132 5824 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
00:42:35.0228 5824 usbehci - ok
00:42:35.0268 5824 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:42:35.0396 5824 usbhub - ok
00:42:35.0410 5824 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
00:42:35.0459 5824 usbohci - ok
00:42:35.0480 5824 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:42:35.0483 5824 usbprint - ok
00:42:35.0527 5824 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
00:42:35.0535 5824 usbscan - ok
00:42:35.0562 5824 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:42:35.0653 5824 USBSTOR - ok
00:42:35.0670 5824 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:42:35.0717 5824 usbuhci - ok
00:42:35.0740 5824 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
00:42:35.0744 5824 UxSms - ok
00:42:35.0786 5824 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:42:35.0788 5824 VaultSvc - ok
00:42:35.0809 5824 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:42:35.0823 5824 vdrvroot - ok
00:42:35.0859 5824 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
00:42:35.0958 5824 vds - ok
00:42:35.0977 5824 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:42:35.0980 5824 vga - ok
00:42:35.0995 5824 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:42:36.0000 5824 VgaSave - ok
00:42:36.0020 5824 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:42:36.0113 5824 vhdmp - ok
00:42:36.0121 5824 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:42:36.0126 5824 viaide - ok
00:42:36.0147 5824 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:42:36.0240 5824 volmgr - ok
00:42:36.0261 5824 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:42:36.0316 5824 volmgrx - ok
00:42:36.0346 5824 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:42:36.0400 5824 volsnap - ok
00:42:36.0414 5824 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
00:42:36.0420 5824 vsmraid - ok
00:42:36.0482 5824 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
00:42:36.0511 5824 VSS - ok
00:42:36.0538 5824 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
00:42:36.0541 5824 vwifibus - ok
00:42:36.0563 5824 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
00:42:36.0573 5824 W32Time - ok
00:42:36.0584 5824 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
00:42:36.0599 5824 WacomPen - ok
00:42:36.0634 5824 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:42:36.0731 5824 WANARP - ok
00:42:36.0745 5824 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:42:36.0746 5824 Wanarpv6 - ok
00:42:36.0808 5824 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
00:42:36.0920 5824 WatAdminSvc - ok
00:42:36.0972 5824 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
00:42:37.0095 5824 wbengine - ok
00:42:37.0111 5824 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
00:42:37.0119 5824 WbioSrvc - ok
00:42:37.0135 5824 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
00:42:37.0177 5824 wcncsvc - ok
00:42:37.0192 5824 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
00:42:37.0195 5824 WcsPlugInService - ok
00:42:37.0226 5824 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
00:42:37.0231 5824 Wd - ok
00:42:37.0257 5824 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:42:37.0294 5824 Wdf01000 - ok
00:42:37.0317 5824 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:42:37.0337 5824 WdiServiceHost - ok
00:42:37.0345 5824 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:42:37.0351 5824 WdiSystemHost - ok
00:42:37.0380 5824 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
00:42:37.0450 5824 WebClient - ok
00:42:37.0470 5824 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
00:42:37.0478 5824 Wecsvc - ok
00:42:37.0495 5824 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
00:42:37.0501 5824 wercplsupport - ok
00:42:37.0516 5824 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
00:42:37.0522 5824 WerSvc - ok
00:42:37.0553 5824 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:42:37.0560 5824 WfpLwf - ok
00:42:37.0612 5824 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
00:42:37.0740 5824 WimFltr - ok
00:42:37.0765 5824 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:42:37.0768 5824 WIMMount - ok
00:42:37.0774 5824 WinHttpAutoProxySvc - ok
00:42:37.0827 5824 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
00:42:37.0828 5824 Winmgmt - ok
00:42:37.0906 5824 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
00:42:38.0052 5824 WinRM - ok
00:42:38.0117 5824 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
00:42:38.0168 5824 Wlansvc - ok
00:42:38.0233 5824 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:42:38.0344 5824 wlcrasvc - ok
00:42:38.0416 5824 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:42:38.0538 5824 wlidsvc - ok
00:42:38.0608 5824 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
00:42:38.0619 5824 WmiAcpi - ok
00:42:38.0682 5824 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
00:42:38.0698 5824 wmiApSrv - ok
00:42:38.0735 5824 WMPNetworkSvc - ok
00:42:38.0770 5824 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
00:42:38.0783 5824 WPCSvc - ok
00:42:38.0803 5824 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
00:42:38.0882 5824 WPDBusEnum - ok
00:42:38.0907 5824 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:42:38.0911 5824 ws2ifsl - ok
00:42:38.0918 5824 WSearch - ok
00:42:38.0962 5824 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
00:42:38.0975 5824 wuauserv - ok
00:42:38.0996 5824 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:42:39.0044 5824 WudfPf - ok
00:42:39.0081 5824 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:42:39.0171 5824 WUDFRd - ok
00:42:39.0189 5824 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
00:42:39.0228 5824 wudfsvc - ok
00:42:39.0250 5824 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
00:42:39.0258 5824 WwanSvc - ok
00:42:39.0288 5824 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:42:39.0845 5824 \Device\Harddisk0\DR0 - ok
00:42:39.0852 5824 Boot (0x1200) (9976d6ff7044333af239613637284b1a) \Device\Harddisk0\DR0\Partition0
00:42:39.0855 5824 \Device\Harddisk0\DR0\Partition0 - ok
00:42:39.0891 5824 Boot (0x1200) (4c6116bae408ff5c7653fe1d2567921f) \Device\Harddisk0\DR0\Partition1
00:42:39.0893 5824 \Device\Harddisk0\DR0\Partition1 - ok
00:42:39.0894 5824 ============================================================
00:42:39.0894 5824 Scan finished
00:42:39.0894 5824 ============================================================
00:42:39.0916 2488 Detected object count: 0
00:42:39.0916 2488 Actual detected object count: 0
00:43:33.0343 4356 Deinitialize success

#5 smokey43

smokey43
  • Topic Starter

  • Members
  • 10 posts
  • Local time:03:25 AM

Posted 22 April 2012 - 11:55 PM

Here is the aswmbr Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-23 00:44:55
-----------------------------
00:44:55.958 OS Version: Windows x64 6.1.7601 Service Pack 1
00:44:55.958 Number of processors: 2 586 0x603
00:44:55.959 ComputerName: MORRISFAMILY-PC UserName: Morris Family
00:44:57.475 Initialize success
00:45:22.755 AVAST engine defs: 12042201
00:45:33.798 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:45:33.803 Disk 0 Vendor: WDC_WD5000AAKX-753CA1 19.01H19 Size: 476940MB BusType: 11
00:45:33.837 Disk 0 MBR read successfully
00:45:33.842 Disk 0 MBR scan
00:45:33.853 Disk 0 Windows VISTA default MBR code
00:45:33.860 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
00:45:33.881 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15166 MB offset 81920
00:45:33.906 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461733 MB offset 31141888
00:45:33.954 Disk 0 scanning C:\Windows\system32\drivers
00:45:45.103 Service scanning
00:46:04.729 Modules scanning
00:46:04.747 Disk 0 trace - called modules:
00:46:04.759
00:46:06.633 AVAST engine scan C:\Windows
00:46:10.442 AVAST engine scan C:\Windows\system32
00:51:32.431 AVAST engine scan C:\Windows\system32\drivers
00:51:42.947 AVAST engine scan C:\Users\Morris Family
00:52:39.463 Disk 0 MBR has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\MBR.dat"
00:52:39.496 The log file has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\aswMBR.txt"

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:25 AM

Posted 23 April 2012 - 05:36 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan completes, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#7 smokey43

smokey43
  • Topic Starter

  • Members
  • 10 posts
  • Local time:03:25 AM

Posted 23 April 2012 - 09:48 PM

Scanner results

C:\Users\Morris Family\AppData\Local\Temp\trdwad.dll a variant of Win32/Kryptik.AEPV trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Morris Family\AppData\Local\Temp\is324156961\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Morris Family\Desktop\Old Computer Files\downloads\Downloads\MediaPlayerSetup.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Morris Family\Desktop\Old Computer Files\downloads\Downloads\SoftonicDownloader_for_prism-video-converter.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\Morris Family\Downloads\setup-converterlite-ic-1.1.1.exe a variant of Win32/InstallCore.P application cleaned by deleting - quarantined

Mini ToolBox Results

MiniToolBox by Farbar Version: 18-01-2012
Ran by Morris Family (administrator) on 23-04-2012 at 22:47:09
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MorrisFamily-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : D0-67-E5-05-89-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::14fa:d847:f4ee:8f22%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, April 23, 2012 10:37:49 PM
Lease Expires . . . . . . . . . . : Tuesday, April 24, 2012 10:37:48 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248539109
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-4A-B3-7B-D0-67-E5-05-89-10
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.101
74.125.228.103
74.125.228.96
74.125.228.97
74.125.228.104
74.125.228.99
74.125.228.102
74.125.228.110
74.125.228.98
74.125.228.100
74.125.228.105


Pinging google.com [74.125.228.7] with 32 bytes of data:
Reply from 74.125.228.7: bytes=32 time=15ms TTL=252
Reply from 74.125.228.7: bytes=32 time=14ms TTL=252

Ping statistics for 74.125.228.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=99ms TTL=250
Reply from 72.30.38.140: bytes=32 time=127ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 99ms, Maximum = 127ms, Average = 113ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...d0 67 e5 05 89 10 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::14fa:d847:f4ee:8f22/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SYSWOW64\icf.dll [299024] (McAfee, Inc.)
Catalog9 02 C:\Windows\SYSWOW64\icf.dll [299024] (McAfee, Inc.)
Catalog9 03 C:\Windows\SYSWOW64\icf.dll [299024] (McAfee, Inc.)
Catalog9 04 C:\Windows\SYSWOW64\icf.dll [299024] (McAfee, Inc.)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SYSWOW64\icf.dll [299024] (McAfee, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\icf.dll [335376] (McAfee, Inc.)
x64-Catalog9 02 C:\Windows\System32\icf.dll [335376] (McAfee, Inc.)
x64-Catalog9 03 C:\Windows\System32\icf.dll [335376] (McAfee, Inc.)
x64-Catalog9 04 C:\Windows\System32\icf.dll [335376] (McAfee, Inc.)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\icf.dll [335376] (McAfee, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/23/2012 10:39:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 10:31:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/23/2012 09:24:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/23/2012 09:24:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/23/2012 09:17:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 08:01:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 07:11:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 01:44:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 08:10:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 06:41:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/23/2012 10:40:37 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (04/23/2012 10:40:37 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (04/23/2012 10:38:30 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/23/2012 10:38:00 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (04/23/2012 10:37:57 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (04/23/2012 10:37:57 PM) (Source: Service Control Manager) (User: )
Description: The lxdiCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (04/23/2012 10:37:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdiCATSCustConnectService service to connect.

Error: (04/23/2012 10:37:57 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (04/23/2012 10:37:54 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (04/23/2012 09:19:07 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (04/23/2012 10:39:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 10:31:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Morris Family\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2012 09:24:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Morris Family\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2012 09:24:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Morris Family\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2012 09:17:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 08:01:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 07:11:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 01:44:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 08:10:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 06:41:04 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win64",version="6.0.0.0"C:\Windows\system32\L6DriverControlPanel.cpl


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.0714.2131)
AudioBox VSL version 1.0 (Version: 1.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BestPractice (remove only)
Bigasoft Total Video Converter 3.6.13.4455
Blackhawk Striker 2 (Version: 2.2.0.95)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0714.2132.36830)
Catalyst Control Center Graphics Full Existing (Version: 2009.0714.2132.36830)
Catalyst Control Center Graphics Full New (Version: 2009.0714.2132.36830)
Catalyst Control Center Graphics Light (Version: 2009.0714.2132.36830)
Catalyst Control Center Graphics Previews Common (Version: 2009.0714.2132.36830)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0714.2132.36830)
Catalyst Control Center InstallProxy (Version: 2009.0714.2132.36830)
Catalyst Control Center Localization All (Version: 2009.0714.2132.36830)
ccc-core-static (Version: 2009.0714.2132.36830)
ccc-utility64 (Version: 2009.0714.2132.36830)
CCC Help Chinese Standard (Version: 2009.0714.2131.36830)
CCC Help Chinese Traditional (Version: 2009.0714.2131.36830)
CCC Help Czech (Version: 2009.0714.2131.36830)
CCC Help Danish (Version: 2009.0714.2131.36830)
CCC Help Dutch (Version: 2009.0714.2131.36830)
CCC Help English (Version: 2009.0714.2131.36830)
CCC Help Finnish (Version: 2009.0714.2131.36830)
CCC Help French (Version: 2009.0714.2131.36830)
CCC Help German (Version: 2009.0714.2131.36830)
CCC Help Greek (Version: 2009.0714.2131.36830)
CCC Help Hungarian (Version: 2009.0714.2131.36830)
CCC Help Italian (Version: 2009.0714.2131.36830)
CCC Help Japanese (Version: 2009.0714.2131.36830)
CCC Help Korean (Version: 2009.0714.2131.36830)
CCC Help Norwegian (Version: 2009.0714.2131.36830)
CCC Help Polish (Version: 2009.0714.2131.36830)
CCC Help Portuguese (Version: 2009.0714.2131.36830)
CCC Help Russian (Version: 2009.0714.2131.36830)
CCC Help Spanish (Version: 2009.0714.2131.36830)
CCC Help Swedish (Version: 2009.0714.2131.36830)
CCC Help Thai (Version: 2009.0714.2131.36830)
CCC Help Turkish (Version: 2009.0714.2131.36830)
Chuzzle Deluxe (Version: 2.2.0.95)
ConverterLite 1.1.1 (Version: 1.1.1)
Cradle of Egypt Premium Edition
CWA Reminder by We-Care.com v4.0.16.3 (Version: 4.0.16.3)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Digital Delivery (Version: 2.0.1012.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Marketplace Webslice IE8 (Version: 8.0)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.1.5907.39)
Dell VideoStage (Version: 1.2.0.1712)
DigiTech RP150 Drivers (Version: 2.1.0)
DigiTech X-Edit 2.4.1 (Version: 2.4.1.2)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectX 9 Runtime (Version: 1.00.0000)
Dora's World Adventure (Version: 2.2.0.95)
eBay (Version: 1.4.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
ESET Online Scanner v3
EZdrummer Lite Installer (Version: 1.1.4)
EZXCocktail (Version: 1.2)
Family Protection (Version: 1.1.420)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToAssist 8.0.0.514
Guitar Pro 6
IHA_MessageCenter (Version: 1.8.8)
Internet Explorer (Version: 8)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 29 (Version: 6.0.290)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexmark 3500-4500 Series
Line 6 Uninstaller (Version: )
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Melodyne Runtime 4.1 (x64) (Version: 1.0.0)
Melodyne singletrack (Version: 1.03.0048)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie DVD Copy 1.3.3
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MP3 Converter Simple (Version: MP3 Converter Simple)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.0.0.001)
Native Instruments Controller Editor (Version: 1.4.3.891)
Native Instruments Guitar Rig 3 (Version: 3.2.1.004)
Native Instruments Guitar Rig 4 (Version: 4.2.2.2564)
Native Instruments Guitar Rig 5 (Version: 5.1.0.2645)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Komplete 7 Players (Version: 7.0.0.002)
Native Instruments Komplete Elements (Version: 7.0.0.001)
Native Instruments Kontakt 4 (Version: 4.2.4.5316)
Native Instruments Kontakt Elements Selection R2 (Version: 1.0.0.002)
Native Instruments Kontakt Factory Selection (Version: 1.0.0.011)
Native Instruments Kore Player (Version: 2.1.4.8325)
Native Instruments Reaktor 5 (Version: 5.6.2.11367)
Native Instruments Reaktor Elements Selection (Version: 1.0.0.002)
Native Instruments Reaktor Factory Selection (Version: 1.0.0.000)
Native Instruments Reaktor Spark R2 (Version: 1.1.0.006)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Skanner (Version: 1.0.0.005)
Penguins! (Version: 2.2.0.95)
PhotoShowExpress (Version: 2.0.063)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PreSonus Studio One 2 x64 (Version: 2.0.4.17496)
QuickTime (Version: 7.71.80.42)
RBVirtualFolder64Inst (Version: 1.00.0000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5977)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER (x64)
Redist (Version: 3.00.0000)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samantha Swift (Version: 2.2.0.95)
Skins (Version: 2009.0714.2132.36830)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Toontrack solo (Version: 1.2.2)
TrustedID (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Verizon Download Manager (Version: 16)
Verizon Internet Security Suite (Version: 11.0.654)
Verizon Media Manager (Version: 9.5.93)
VideoPad Video Editor
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Vz In Home Agent (Version: 8.03.53)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3838.98 MB
Available physical RAM: 2467.54 MB
Total Pagefile: 7675.17 MB
Available Pagefile: 5607.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.48 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:309.9 GB) NTFS

========================= Users: ========================================

User accounts for \\MORRISFAMILY-PC

Administrator Guest Morris Family


**** End of log ****

#8 narenxp

Posted 23 April 2012 - 10:54 PM

To be on the safer side before running registry fixes, I would suggest you

Download

http://www.snapfiles.com/get/erunt.html

Install it and backup your registry to C:/Windows/erdnt

Now Download the registry files

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

http://www.mediafire.com/?uo36rkbqarxd618

http://www.mediafire.com/?vujckeuo1repw9v

Download these files

Launch them one by one, click YES when you get a prompt


If it opens as a notepad, right click on them

Click on OPEN WITH

Click on BROWSE

Navigate to C:/WINDOWS and select REGEDIT and click ok

Now you should get a UAC prompt, click YES

Restart your PC

Now, press Windows+R key and type

regedit and click ok

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok


Now, press Windows+R key and type

services.msc and click ok

Start the Base Filtering Engine service and then the Windows Firewall service

Post the new FSS log

Good luck
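
Added example, not part of the thread: the steps in post #8 end with Everyone holding Full Control on the BFE service key, so a read-only check of that key's ACL and of the two services is a natural follow-up once the services start. The list of broad groups and the choice of which rights count as write access are assumptions of this example; MpsSvc is the service name of Windows Firewall.

```powershell
# Read-only audit; run from an elevated PowerShell prompt.
$keyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\BFE'

# Well-known SIDs of broad groups (assumption of this example:
# write access for any of them on a service key is a finding).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that let a principal alter the service configuration or the key's ACL.
$writeRights = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'

# Ask for the rules with SIDs as identities, so the check works on localized systems.
$acl   = Get-Acl -Path $keyPath
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

$findings = foreach ($rule in $rules) {
    $sid = $rule.IdentityReference.Value
    if ($broadSids.ContainsKey($sid) -and
        $rule.AccessControlType -eq 'Allow' -and
        ([int]$rule.RegistryRights -band $writeRights)) {
        New-Object psobject -Property @{
            Principal = $broadSids[$sid]
            Rights    = $rule.RegistryRights
            Inherited = $rule.IsInherited
        }
    }
}

if ($findings) {
    Write-Output "Broad write access on ${keyPath}:"
    $findings | Format-Table Principal, Rights, Inherited -AutoSize
} else {
    Write-Output "No broad write access found on $keyPath"
}

# Current state of the Base Filtering Engine and Windows Firewall services.
Get-Service -Name BFE, MpsSvc | Format-Table Name, DisplayName, Status -AutoSize
```

An entry reported here can be removed again from the same Permissions dialog used in the post.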

#9 smokey43

Posted 23 April 2012 - 11:15 PM

New FSS LOG

Farbar Service Scanner Version: 16-04-2012
Ran by Morris Family (administrator) on 24-04-2012 at 00:14:55
Running from "C:\Users\Morris Family\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 smokey43

Posted 23 April 2012 - 11:23 PM

Also, since doing the ESET scan, when I reboot I see this box pop up and it says,

There was a problem starting
C:/Users/Morris~1/appdata/local/temp/trdwad.dll
The specified module could not be found

#11 narenxp

Posted 24 April 2012 - 10:02 AM

Download

http://download.sysinternals.com/files/Autoruns.zip

Extract and launch it, allow it to scan

Now click on FILE - SAVE AS

Autoruns.txt

and upload the text file to www.filedropper.com and post the link here

Good luck

#12 smokey43

Posted 24 April 2012 - 06:13 PM

Here is the link
http://www.filedropper.com/autoruns

Or it gave this option as an embedded option; not sure, so I post both

<a href=http://www.filedropper.com/autoruns><img src=http://www.filedropper.com/download_button.png width=127 height=145 border=0/></a><br /><div style=font-size:9px;font-family:Arial, Helvetica, sans-serif;width:127px;font-color:#44a854;> <a href=http://www.filedropper.com >file backup online</a></div>

Edited by smokey43, 24 April 2012 - 06:14 PM.


#13 narenxp

Posted 24 April 2012 - 06:22 PM

Launch Autoruns


"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"

Uncheck this entry

"trdwad" "File not found: C:\Users\MORRIS~1\AppData\Local\Temp\trdwad.dll"

Restart the PC and check if you still have issues

Good luck

Edited by narenxp, 24 April 2012 - 06:23 PM.
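
Added example, not part of the thread: the trdwad entry in post #13 is a Run value whose target is a missing file under a Temp directory, and the same check can be scripted across the Run keys. The path regex, the extension list and the Temp heuristic are assumptions of this example; it only reads the registry and changes nothing.

```powershell
# Read-only review of the per-user and machine Run keys. Flags values whose
# target file is missing or sits under a Temp directory.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

# File paths inside a command line, quoted or bare, including the
# rundll32 "C:\path\file.dll",EntryPoint form.
$pathPattern = '[A-Za-z]:\\[^"<>|*?,]+?\.(?:exe|dll|com|bat|cmd|vbs|js|scr)\b'

# Heuristic: autostart targets rarely belong in these directories.
$tempPattern = '\\(AppData\\Local\\Temp|Windows\\Temp)\\'

$report = foreach ($keyPath in $runKeys) {
    $key = Get-Item -Path $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }

    foreach ($name in $key.GetValueNames()) {
        # Expand %VAR% references so the path can be tested on disk.
        $command = [Environment]::ExpandEnvironmentVariables([string]$key.GetValue($name))

        foreach ($m in [regex]::Matches($command, $pathPattern, 'IgnoreCase')) {
            $target  = $m.Value
            $missing = -not (Test-Path -LiteralPath $target)
            $inTemp  = $target -match $tempPattern

            if ($missing -or $inTemp) {
                New-Object psobject -Property @{
                    Key     = $keyPath
                    Value   = $name
                    Target  = $target
                    Missing = $missing
                    InTemp  = $inTemp
                }
            }
        }
    }
}

$report | Format-Table Key, Value, Target, Missing, InTemp -AutoSize
```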


#14 smokey43

Posted 24 April 2012 - 06:31 PM

Great, that error no longer appears. Does this mean I'm in good shape now??

#15 narenxp

Posted 24 April 2012 - 07:17 PM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



