Computer would not start, now errors


29 replies to this topic

#1 kadh2000

Posted 12 July 2012 - 10:46 AM

Hi,

My daughter was using the computer to surf the internet and apparently picked up a virus or two. The system failed to boot. Windows startup repair was able to get me on. I did a scan with Norton 360 which removed two viruses (it doesn't say which ones). Then I started to receive an error message from Norton whenever I turned the computer on: error 5013 3. Their website said to turn on the base filtering engine. I got error code 5: access is denied. Following instructions on their website, I added a user category everyone to the appropriate registry key and gave it full permissions and enabled the base filtering engine. This did enable the BFE, but did not remove the error. They next sent me to Microsoft to reinstall the BFE. There it was suggested to run the bootrec tool, which looks rather scary when you're not sure what you're doing. Instead I came here. Help.
"Cry woe, destruction, ruin, loss, decay;
The worst is Kadh, and Kadh will have his day!"



#2 narenxp


Posted 12 July 2012 - 12:56 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 kadh2000


Posted 12 July 2012 - 04:48 PM

Here are the results.

tdsskiller:

16:35:42.0734 4392 Netlogon - ok
16:35:42.0749 4392 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:35:42.0749 4392 Netman - ok
16:35:42.0827 4392 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:42.0827 4392 NetMsmqActivator - ok
16:35:42.0843 4392 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:42.0843 4392 NetPipeActivator - ok
16:35:42.0874 4392 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:35:42.0890 4392 netprofm - ok
16:35:42.0890 4392 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:42.0890 4392 NetTcpActivator - ok
16:35:42.0890 4392 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:42.0890 4392 NetTcpPortSharing - ok
16:35:42.0921 4392 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:35:42.0921 4392 nfrd960 - ok
16:35:42.0936 4392 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:35:42.0952 4392 NlaSvc - ok
16:35:42.0968 4392 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:35:42.0968 4392 Npfs - ok
16:35:42.0968 4392 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:35:42.0968 4392 nsi - ok
16:35:42.0983 4392 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:35:42.0983 4392 nsiproxy - ok
16:35:43.0061 4392 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:35:43.0061 4392 Ntfs - ok
16:35:43.0139 4392 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:35:43.0139 4392 Null - ok
16:35:43.0170 4392 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:35:43.0170 4392 nvraid - ok
16:35:43.0217 4392 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:35:43.0217 4392 nvstor - ok
16:35:43.0248 4392 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:35:43.0248 4392 nv_agp - ok
16:35:43.0264 4392 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:35:43.0264 4392 ohci1394 - ok
16:35:43.0311 4392 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:35:43.0311 4392 ose - ok
16:35:43.0545 4392 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:35:43.0560 4392 osppsvc - ok
16:35:43.0623 4392 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:35:43.0623 4392 p2pimsvc - ok
16:35:43.0654 4392 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:35:43.0654 4392 p2psvc - ok
16:35:43.0670 4392 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:35:43.0670 4392 Parport - ok
16:35:43.0701 4392 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:35:43.0701 4392 partmgr - ok
16:35:43.0716 4392 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:35:43.0732 4392 PcaSvc - ok
16:35:43.0779 4392 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
16:35:43.0779 4392 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
16:35:43.0794 4392 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:35:43.0794 4392 pci - ok
16:35:43.0826 4392 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:35:43.0826 4392 pciide - ok
16:35:43.0841 4392 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:35:43.0841 4392 pcmcia - ok
16:35:43.0841 4392 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:35:43.0841 4392 pcw - ok
16:35:43.0872 4392 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:35:43.0872 4392 PEAUTH - ok
16:35:43.0904 4392 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:35:43.0904 4392 PerfHost - ok
16:35:43.0950 4392 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:35:43.0966 4392 pla - ok
16:35:44.0013 4392 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:35:44.0013 4392 PlugPlay - ok
16:35:44.0044 4392 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\Windows\system32\HPZipm12.dll
16:35:44.0044 4392 Pml Driver HPZ12 - ok
16:35:44.0075 4392 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:35:44.0075 4392 PNRPAutoReg - ok
16:35:44.0091 4392 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:35:44.0106 4392 PNRPsvc - ok
16:35:44.0122 4392 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:35:44.0122 4392 PolicyAgent - ok
16:35:44.0138 4392 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:35:44.0138 4392 Power - ok
16:35:44.0184 4392 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:35:44.0184 4392 PptpMiniport - ok
16:35:44.0200 4392 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:35:44.0200 4392 Processor - ok
16:35:44.0216 4392 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:35:44.0216 4392 ProfSvc - ok
16:35:44.0231 4392 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:35:44.0231 4392 ProtectedStorage - ok
16:35:44.0247 4392 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:35:44.0247 4392 Psched - ok
16:35:44.0278 4392 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:35:44.0278 4392 PxHlpa64 - ok
16:35:44.0340 4392 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:35:44.0356 4392 ql2300 - ok
16:35:44.0465 4392 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:35:44.0465 4392 ql40xx - ok
16:35:44.0481 4392 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:35:44.0496 4392 QWAVE - ok
16:35:44.0496 4392 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:35:44.0496 4392 QWAVEdrv - ok
16:35:44.0512 4392 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:35:44.0512 4392 RasAcd - ok
16:35:44.0528 4392 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:35:44.0543 4392 RasAgileVpn - ok
16:35:44.0543 4392 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:35:44.0559 4392 RasAuto - ok
16:35:44.0574 4392 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:35:44.0574 4392 Rasl2tp - ok
16:35:44.0590 4392 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:35:44.0606 4392 RasMan - ok
16:35:44.0621 4392 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:35:44.0621 4392 RasPppoe - ok
16:35:44.0637 4392 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:35:44.0637 4392 RasSstp - ok
16:35:44.0652 4392 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:35:44.0652 4392 rdbss - ok
16:35:44.0668 4392 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:35:44.0668 4392 rdpbus - ok
16:35:44.0668 4392 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:35:44.0668 4392 RDPCDD - ok
16:35:44.0730 4392 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:35:44.0730 4392 RDPENCDD - ok
16:35:44.0730 4392 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:35:44.0730 4392 RDPREFMP - ok
16:35:44.0762 4392 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:35:44.0762 4392 RDPWD - ok
16:35:44.0793 4392 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:35:44.0793 4392 rdyboost - ok
16:35:44.0808 4392 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:35:44.0808 4392 RemoteAccess - ok
16:35:44.0824 4392 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:35:44.0840 4392 RemoteRegistry - ok
16:35:44.0964 4392 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:35:44.0980 4392 RoxMediaDB10 - ok
16:35:44.0996 4392 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:35:44.0996 4392 RpcEptMapper - ok
16:35:45.0011 4392 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:35:45.0011 4392 RpcLocator - ok
16:35:45.0042 4392 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:35:45.0042 4392 RpcSs - ok
16:35:45.0074 4392 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:35:45.0074 4392 rspndr - ok
16:35:45.0074 4392 RxFilter - ok
16:35:45.0105 4392 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:35:45.0105 4392 SamSs - ok
16:35:45.0120 4392 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:35:45.0136 4392 sbp2port - ok
16:35:45.0152 4392 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:35:45.0167 4392 SCardSvr - ok
16:35:45.0198 4392 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:35:45.0198 4392 scfilter - ok
16:35:45.0245 4392 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:35:45.0276 4392 Schedule - ok
16:35:45.0308 4392 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:35:45.0308 4392 SCPolicySvc - ok
16:35:45.0323 4392 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:35:45.0323 4392 SDRSVC - ok
16:35:45.0401 4392 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:35:45.0417 4392 SeaPort - ok
16:35:45.0448 4392 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:35:45.0448 4392 secdrv - ok
16:35:45.0448 4392 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:35:45.0464 4392 seclogon - ok
16:35:45.0464 4392 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:35:45.0479 4392 SENS - ok
16:35:45.0479 4392 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:35:45.0495 4392 SensrSvc - ok
16:35:45.0495 4392 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:35:45.0495 4392 Serenum - ok
16:35:45.0510 4392 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:35:45.0510 4392 Serial - ok
16:35:45.0526 4392 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:35:45.0526 4392 sermouse - ok
16:35:45.0557 4392 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:35:45.0557 4392 SessionEnv - ok
16:35:45.0573 4392 SessionLauncher - ok
16:35:45.0588 4392 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:35:45.0588 4392 sffdisk - ok
16:35:45.0604 4392 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:35:45.0604 4392 sffp_mmc - ok
16:35:45.0604 4392 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:35:45.0604 4392 sffp_sd - ok
16:35:45.0620 4392 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:35:45.0620 4392 sfloppy - ok
16:35:45.0635 4392 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:35:45.0651 4392 ShellHWDetection - ok
16:35:45.0666 4392 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:35:45.0666 4392 SiSRaid2 - ok
16:35:45.0682 4392 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:35:45.0682 4392 SiSRaid4 - ok
16:35:45.0698 4392 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:35:45.0698 4392 Smb - ok
16:35:45.0713 4392 SMR300 (10bc9f077fc149e4e0a40bae1d42a259) C:\Windows\system32\drivers\SMR300.SYS
16:35:45.0713 4392 SMR300 - ok
16:35:45.0744 4392 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:35:45.0744 4392 SNMPTRAP - ok
16:35:45.0760 4392 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:35:45.0760 4392 spldr - ok
16:35:45.0791 4392 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:35:45.0791 4392 Spooler - ok
16:35:45.0916 4392 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:35:45.0932 4392 sppsvc - ok
16:35:46.0025 4392 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:35:46.0025 4392 sppuinotify - ok
16:35:46.0103 4392 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
16:35:46.0103 4392 SRTSP - ok
16:35:46.0119 4392 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
16:35:46.0119 4392 SRTSPX - ok
16:35:46.0150 4392 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:35:46.0166 4392 srv - ok
16:35:46.0181 4392 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:35:46.0181 4392 srv2 - ok
16:35:46.0197 4392 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:35:46.0197 4392 srvnet - ok
16:35:46.0212 4392 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:35:46.0212 4392 SSDPSRV - ok
16:35:46.0228 4392 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:35:46.0228 4392 SstpSvc - ok
16:35:46.0228 4392 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:35:46.0228 4392 stexstor - ok
16:35:46.0509 4392 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:35:46.0524 4392 stisvc - ok
16:35:46.0587 4392 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:35:46.0587 4392 stllssvr - ok
16:35:46.0634 4392 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:35:46.0634 4392 swenum - ok
16:35:46.0665 4392 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:35:46.0680 4392 swprv - ok
16:35:46.0696 4392 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
16:35:46.0712 4392 SymDS - ok
16:35:46.0758 4392 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
16:35:46.0774 4392 SymEFA - ok
16:35:46.0790 4392 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:35:46.0790 4392 SymEvent - ok
16:35:46.0821 4392 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
16:35:46.0821 4392 SymIRON - ok
16:35:46.0836 4392 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
16:35:46.0852 4392 SymNetS - ok
16:35:46.0930 4392 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:35:46.0930 4392 SysMain - ok
16:35:47.0008 4392 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:35:47.0008 4392 TabletInputService - ok
16:35:47.0008 4392 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:35:47.0024 4392 TapiSrv - ok
16:35:47.0039 4392 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:35:47.0055 4392 TBS - ok
16:35:47.0148 4392 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:35:47.0148 4392 Tcpip - ok
16:35:47.0273 4392 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:35:47.0289 4392 TCPIP6 - ok
16:35:47.0351 4392 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:35:47.0351 4392 tcpipreg - ok
16:35:47.0382 4392 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:35:47.0382 4392 TDPIPE - ok
16:35:47.0398 4392 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:35:47.0398 4392 TDTCP - ok
16:35:47.0429 4392 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:35:47.0429 4392 tdx - ok
16:35:47.0460 4392 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:35:47.0460 4392 TermDD - ok
16:35:47.0492 4392 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:35:47.0507 4392 TermService - ok
16:35:47.0523 4392 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:35:47.0523 4392 Themes - ok
16:35:47.0538 4392 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:35:47.0538 4392 THREADORDER - ok
16:35:47.0554 4392 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:35:47.0554 4392 TrkWks - ok
16:35:47.0601 4392 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:35:47.0616 4392 TrustedInstaller - ok
16:35:47.0648 4392 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:47.0648 4392 tssecsrv - ok
16:35:47.0663 4392 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:35:47.0663 4392 TsUsbFlt - ok
16:35:47.0679 4392 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:35:47.0679 4392 tunnel - ok
16:35:47.0694 4392 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:35:47.0710 4392 uagp35 - ok
16:35:47.0726 4392 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:35:47.0741 4392 udfs - ok
16:35:47.0741 4392 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:35:47.0741 4392 UI0Detect - ok
16:35:47.0757 4392 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:35:47.0757 4392 uliagpkx - ok
16:35:47.0788 4392 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:35:47.0788 4392 umbus - ok
16:35:47.0819 4392 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:35:47.0819 4392 UmPass - ok
16:35:47.0850 4392 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:35:47.0850 4392 upnphost - ok
16:35:47.0882 4392 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:35:47.0882 4392 USBAAPL64 - ok
16:35:47.0897 4392 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:35:47.0897 4392 usbccgp - ok
16:35:47.0928 4392 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:35:47.0928 4392 usbcir - ok
16:35:47.0944 4392 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:35:47.0944 4392 usbehci - ok
16:35:47.0960 4392 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:35:47.0960 4392 usbhub - ok
16:35:47.0975 4392 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:35:47.0975 4392 usbohci - ok
16:35:47.0975 4392 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:35:47.0975 4392 usbprint - ok
16:35:47.0975 4392 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:35:47.0991 4392 USBSTOR - ok
16:35:47.0991 4392 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:35:47.0991 4392 usbuhci - ok
16:35:48.0006 4392 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:35:48.0006 4392 UxSms - ok
16:35:48.0022 4392 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:35:48.0022 4392 VaultSvc - ok
16:35:48.0038 4392 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:35:48.0038 4392 vdrvroot - ok
16:35:48.0084 4392 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:35:48.0100 4392 vds - ok
16:35:48.0100 4392 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:48.0100 4392 vga - ok
16:35:48.0147 4392 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:35:48.0147 4392 VgaSave - ok
16:35:48.0178 4392 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:35:48.0178 4392 vhdmp - ok
16:35:48.0194 4392 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:35:48.0194 4392 viaide - ok
16:35:48.0194 4392 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:35:48.0194 4392 volmgr - ok
16:35:48.0225 4392 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:35:48.0225 4392 volmgrx - ok
16:35:48.0240 4392 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:35:48.0240 4392 volsnap - ok
16:35:48.0256 4392 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:35:48.0256 4392 vsmraid - ok
16:35:48.0318 4392 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:35:48.0318 4392 VSS - ok
16:35:48.0412 4392 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:35:48.0428 4392 vwifibus - ok
16:35:48.0459 4392 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:35:48.0474 4392 W32Time - ok
16:35:48.0490 4392 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:35:48.0490 4392 WacomPen - ok
16:35:48.0506 4392 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:48.0506 4392 WANARP - ok
16:35:48.0521 4392 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:48.0521 4392 Wanarpv6 - ok
16:35:48.0599 4392 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:35:48.0615 4392 WatAdminSvc - ok
16:35:48.0677 4392 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:35:48.0677 4392 wbengine - ok
16:35:48.0724 4392 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:35:48.0724 4392 WbioSrvc - ok
16:35:48.0755 4392 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:35:48.0755 4392 wcncsvc - ok
16:35:48.0771 4392 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:35:48.0771 4392 WcsPlugInService - ok
16:35:48.0786 4392 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:35:48.0786 4392 Wd - ok
16:35:48.0802 4392 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:35:48.0802 4392 Wdf01000 - ok
16:35:48.0818 4392 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:35:48.0833 4392 WdiServiceHost - ok
16:35:48.0833 4392 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:35:48.0833 4392 WdiSystemHost - ok
16:35:48.0880 4392 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:35:48.0896 4392 WebClient - ok
16:35:48.0911 4392 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:35:48.0911 4392 Wecsvc - ok
16:35:48.0927 4392 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:35:48.0927 4392 wercplsupport - ok
16:35:48.0942 4392 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:35:48.0942 4392 WerSvc - ok
16:35:48.0974 4392 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:35:48.0974 4392 WfpLwf - ok
16:35:49.0005 4392 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:35:49.0005 4392 WimFltr - ok
16:35:49.0005 4392 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:35:49.0005 4392 WIMMount - ok
16:35:49.0020 4392 WinHttpAutoProxySvc - ok
16:35:49.0067 4392 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:35:49.0083 4392 Winmgmt - ok
16:35:49.0145 4392 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:35:49.0176 4392 WinRM - ok
16:35:49.0270 4392 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:35:49.0270 4392 WinUsb - ok
16:35:49.0332 4392 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:35:49.0332 4392 Wlansvc - ok
16:35:49.0379 4392 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:35:49.0379 4392 wlcrasvc - ok
16:35:49.0457 4392 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:35:49.0488 4392 wlidsvc - ok
16:35:49.0566 4392 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:35:49.0566 4392 WmiAcpi - ok
16:35:49.0598 4392 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:35:49.0598 4392 wmiApSrv - ok
16:35:49.0613 4392 WMPNetworkSvc - ok
16:35:49.0644 4392 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:35:49.0644 4392 WPCSvc - ok
16:35:49.0691 4392 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:35:49.0691 4392 WPDBusEnum - ok
16:35:49.0722 4392 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:35:49.0722 4392 ws2ifsl - ok
16:35:49.0754 4392 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:35:49.0754 4392 WSDPrintDevice - ok
16:35:49.0754 4392 WSearch - ok
16:35:49.0894 4392 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:35:49.0910 4392 wuauserv - ok
16:35:49.0956 4392 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:35:49.0972 4392 WudfPf - ok
16:35:49.0988 4392 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:49.0988 4392 WUDFRd - ok
16:35:49.0988 4392 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:35:50.0003 4392 wudfsvc - ok
16:35:50.0003 4392 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:35:50.0019 4392 WwanSvc - ok
16:35:50.0034 4392 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:35:50.0284 4392 \Device\Harddisk0\DR0 - ok
16:35:50.0284 4392 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
16:35:50.0440 4392 \Device\Harddisk1\DR1 - ok
16:35:50.0456 4392 Boot (0x1200) (22a92d08b035cf02d324f8731eab2ae1) \Device\Harddisk0\DR0\Partition0
16:35:50.0456 4392 \Device\Harddisk0\DR0\Partition0 - ok
16:35:50.0456 4392 Boot (0x1200) (66c0df424d786504b66f1d01ff03c6aa) \Device\Harddisk0\DR0\Partition1
16:35:50.0456 4392 \Device\Harddisk0\DR0\Partition1 - ok
16:35:50.0471 4392 Boot (0x1200) (ee5c6ba51652e3ad489f6493c1b4b8f1) \Device\Harddisk1\DR1\Partition0
16:35:50.0471 4392 \Device\Harddisk1\DR1\Partition0 - ok
16:35:50.0471 4392 ============================================================
16:35:50.0471 4392 Scan finished
16:35:50.0471 4392 ============================================================
16:35:50.0471 3708 Detected object count: 0
16:35:50.0471 3708 Actual detected object count: 0
16:36:22.0879 3960 Deinitialize success

aswMBR
(since it wasn't in your instructions, I didn't click "Fix MBR" when done.)
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-12 16:37:02
-----------------------------
16:37:02.888 OS Version: Windows x64 6.1.7601 Service Pack 1
16:37:02.888 Number of processors: 6 586 0xA00
16:37:02.888 ComputerName: FISHWICKE UserName: Kathy
16:37:05.527 Initialize success
16:37:45.186 AVAST engine defs: 12071201
16:37:53.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
16:37:53.283 Disk 0 Vendor: ST310005 CC46 Size: 953869MB BusType: 11
16:37:53.314 Disk 0 MBR read successfully
16:37:53.329 Disk 0 MBR scan
16:37:53.329 Disk 0 Windows VISTA default MBR code
16:37:53.345 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:37:53.361 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10842 MB offset 81920
16:37:53.392 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942986 MB offset 22286336
16:37:53.454 Disk 0 scanning C:\Windows\system32\drivers
16:38:15.762 Service scanning
16:38:31.821 Modules scanning
16:38:31.831 Disk 0 trace - called modules:
16:38:31.861 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
16:38:32.181 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005ab3790]
16:38:32.191 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80052fa3e0]
16:38:32.201 5 amdxata.sys[fffff880011857a8] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80052f0640]
16:38:35.121 AVAST engine scan C:\Windows
16:38:38.731 AVAST engine scan C:\Windows\system32
16:41:42.220 AVAST engine scan C:\Windows\system32\drivers
16:41:54.107 AVAST engine scan C:\Users\Kathy
16:49:03.561 AVAST engine scan C:\ProgramData
16:52:03.351 Scan finished successfully
16:53:41.319 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
16:53:41.319 The log file has been saved successfully to "C:\aswMBR.txt"


eset

C:\Windows\Installer\{9ba5d92e-44ee-eb49-5327-2e3241332220}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{9ba5d92e-44ee-eb49-5327-2e3241332220}\U\80000064.@ Win64/Sirefef.AN trojan cleaned by deleting - quarantined

#4 narenxp


Posted 12 July 2012 - 06:03 PM

Download

systemlook

Launch it, then copy this script and paste it in the box:

:filefind
services.exe
:folderfind
{9ba5d92e-44ee-eb49-5327-2e3241332220}


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Edited by narenxp, 12 July 2012 - 06:04 PM.


#5 kadh2000


Posted 13 July 2012 - 03:44 PM

systemlook:

SystemLook 30.07.11 by jpshortstuff
Log created at 19:52 on 12/07/2012 by Kathy
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{9ba5d92e-44ee-eb49-5327-2e3241332220}"
C:\Users\Kathy\AppData\Local\{9ba5d92e-44ee-eb49-5327-2e3241332220} d--hs-- [05:28 11/01/2012]
C:\Windows\Installer\{9ba5d92e-44ee-eb49-5327-2e3241332220} d--hs-- [05:28 11/01/2012]

-= EOF =-

MBAM found no infections on either scan.

minitoolbox:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Kathy (administrator) on 13-07-2012 at 16:36:38
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Fishwicke
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.pa.comcast.net
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-9B-9E-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4188:9602:6976:3138%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.143(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 12, 2012 9:07:32 PM
Lease Expires . . . . . . . . . . : Saturday, July 14, 2012 4:32:16 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 246983791
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-1C-8E-DB-B8-AC-6F-9B-9E-9A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.pa.comcast.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: KadhRouter2012.hsd1.pa.comcast.net
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:803::1003
74.125.226.238
74.125.226.229
74.125.226.225
74.125.226.231
74.125.226.230
74.125.226.227
74.125.226.228
74.125.226.233
74.125.226.232
74.125.226.226
74.125.226.224


Pinging google.com [74.125.226.224] with 32 bytes of data:
Reply from 74.125.226.224: bytes=32 time=22ms TTL=54
Reply from 74.125.226.224: bytes=32 time=20ms TTL=54

Ping statistics for 74.125.226.224:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 22ms, Average = 21ms
Server: KadhRouter2012.hsd1.pa.comcast.net
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=103ms TTL=49
Reply from 72.30.38.140: bytes=32 time=125ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 125ms, Average = 114ms
Server: KadhRouter2012.hsd1.pa.comcast.net
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...b8 ac 6f 9b 9e 9a ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.143 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.143 266
192.168.1.143 255.255.255.255 On-link 192.168.1.143 266
192.168.1.255 255.255.255.255 On-link 192.168.1.143 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.143 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.143 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::4188:9602:6976:3138/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/13/2012 00:35:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2012 00:35:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2012 00:35:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2012 00:33:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2012 04:55:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2012 04:55:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10031

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10031

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/12/2012 10:13:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017


System errors:
=============
Error: (07/13/2012 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/13/2012 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/13/2012 00:13:50 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/13/2012 00:13:50 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/12/2012 09:08:40 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/12/2012 09:08:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/12/2012 09:08:19 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/12/2012 09:07:50 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated with the following error:
%%1753

Error: (07/12/2012 09:07:50 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated with the following error:
%%1753

Error: (07/12/2012 09:07:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (07/13/2012 00:35:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Kathy\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\UCQQNY0S\esetsmartinstaller_enu.exe

Error: (07/13/2012 00:35:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Kathy\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\UCQQNY0S\esetsmartinstaller_enu.exe

Error: (07/13/2012 00:35:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Kathy\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\UCQQNY0S\esetsmartinstaller_enu.exe

Error: (07/13/2012 00:33:47 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/12/2012 04:55:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kathy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UCQQNY0S\esetsmartinstaller_enu.exe

Error: (07/12/2012 04:55:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kathy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UCQQNY0S\esetsmartinstaller_enu.exe

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10031

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10031

Error: (07/12/2012 10:13:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/12/2012 10:13:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017


=========================== Installed Programs ============================

Adobe AIR (Version: 2.0.4.13090)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader 9.5.1 (Version: 9.5.1)
AMD Fusion Media Explorer (Version: 1.0.2.0163)
AMD Fusion Utility for Desktops (Version: 1.1.1)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.0517.1741)
Aventail Access Manager (Version: 10.52.35)
Aventail Web Proxy Agent (Version: 10.52.35)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0517.1742.29870)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0517.1742.29870)
Catalyst Control Center InstallProxy (Version: 2010.0517.1742.29870)
Catalyst Control Center Localization All (Version: 2010.0517.1742.29870)
ccc-core-static (Version: 2010.0517.1742.29870)
ccc-utility64 (Version: 2010.0517.1742.29870)
CCC Help Chinese Standard (Version: 2010.0517.1741.29870)
CCC Help Chinese Traditional (Version: 2010.0517.1741.29870)
CCC Help Czech (Version: 2010.0517.1741.29870)
CCC Help Danish (Version: 2010.0517.1741.29870)
CCC Help Dutch (Version: 2010.0517.1741.29870)
CCC Help English (Version: 2010.0517.1741.29870)
CCC Help Finnish (Version: 2010.0517.1741.29870)
CCC Help French (Version: 2010.0517.1741.29870)
CCC Help German (Version: 2010.0517.1741.29870)
CCC Help Greek (Version: 2010.0517.1741.29870)
CCC Help Hungarian (Version: 2010.0517.1741.29870)
CCC Help Italian (Version: 2010.0517.1741.29870)
CCC Help Japanese (Version: 2010.0517.1741.29870)
CCC Help Korean (Version: 2010.0517.1741.29870)
CCC Help Norwegian (Version: 2010.0517.1741.29870)
CCC Help Polish (Version: 2010.0517.1741.29870)
CCC Help Portuguese (Version: 2010.0517.1741.29870)
CCC Help Russian (Version: 2010.0517.1741.29870)
CCC Help Spanish (Version: 2010.0517.1741.29870)
CCC Help Swedish (Version: 2010.0517.1741.29870)
CCC Help Thai (Version: 2010.0517.1741.29870)
CCC Help Turkish (Version: 2010.0517.1741.29870)
Coupon Printer for Windows (Version: 5.0.0.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.1.5907.39)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Update (Version: 5.002.006.003)
iCloud (Version: 1.1.0.40)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Norton 360 (Version: 5.2.2.3)
Origin (Version: 8.5.0.4554)
QualxServ Service Agreement (Version: 2.0.0)
QuickTime (Version: 7.72.80.56)
RAIDXpert (Version: 2.4.1540.27)
Realtek High Definition Audio Driver (Version: 6.0.1.5983)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Skins (Version: 2010.0517.1742.29870)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
The Sims Medieval (Version: 2.0.113)
The Sims™ 3 (Version: 1.34.27)
The Sims™ 3 Ambitions (Version: 4.6.6)
The Sims™ 3 Create a Pattern Tool (Version: 1.0.0)
The Sims™ 3 High-End Loft Stuff (Version: 3.9.6)
The Sims™ 3 Late Night (Version: 6.2.4)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84)
The Sims™ 3 Outdoor Living Stuff (Version: 7.3.2)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 World Adventures (Version: 2.13.6)
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VD64Inst (Version: 1.00.0000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 6143.3 MB
Available physical RAM: 4753.07 MB
Total Pagefile: 12284.79 MB
Available Pagefile: 9518.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.93 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.88 GB) (Free:820.28 GB) NTFS
2 Drive d: (Sims3SP03) (CDROM) (Total:4.58 GB) (Free:0 GB) UDF
6 Drive i: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:489.37 GB) NTFS

========================= Users: ========================================

User accounts for \\FISHWICKE

Administrator Guest Kathy


**** End of log ****

#6 narenxp

Posted 13 July 2012 - 04:02 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Kathy\AppData\Local\{9ba5d92e-44ee-eb49-5327-2e3241332220}
C:\Windows\Installer\{9ba5d92e-44ee-eb49-5327-2e3241332220}

Delete both the folders

Post the new SystemLook log

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#7 kadh2000

Posted 13 July 2012 - 04:27 PM

After doing what you asked, I did not find the first file in the C:\users\Kathy\AppData\Local folder.
I did not find the c:\Windows\Installer folder at all.

FSS results (I had to disable N360 to allow my computer to save the FSS file)

Farbar Service Scanner Version: 08-07-2012
Ran by Kathy (administrator) on 13-07-2012 at 17:24:24
Running from "C:\Users\Kathy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 kadh2000

Posted 13 July 2012 - 04:30 PM

Edit: never mind. Found what I forgot to do. Results coming.

#9 kadh2000

Posted 13 July 2012 - 04:35 PM

SystemLook

SystemLook 30.07.11 by jpshortstuff
Log created at 17:33 on 13/07/2012 by Kathy
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{9ba5d92e-44ee-eb49-5327-2e3241332220}"
No folders found.

-= EOF =-

FSS (after deleting those files)

Farbar Service Scanner Version: 08-07-2012
Ran by Kathy (administrator) on 13-07-2012 at 17:35:23
Running from "C:\Users\Kathy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

Posted 13 July 2012 - 05:33 PM

Create a restore point before trying this

Download

MpsSvc
wscsvc
defender


Launch them, click YES when you get the UAC prompt

Restart the PC and post the new FSS log

#11 kadh2000

Posted 13 July 2012 - 06:15 PM

Norton 360 still shows a 5013 3 error when rebooting.

FSS log

Farbar Service Scanner Version: 08-07-2012
Ran by Kathy (administrator) on 13-07-2012 at 19:13:03
Running from "C:\Users\Kathy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
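The FSS logs posted before and after the service-key repair differ in ways that are easy to miss by eye. As an added example (not part of the thread and not Farbar's code), this Python script parses FSS output into per-section findings and diffs two runs; the two sample logs are constructed excerpts trimmed from the logs posted above, and the function and finding names are this example's own.

```python
import re

# Constructed excerpts, trimmed from the FSS logs posted in this thread.
BEFORE = r"""
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Windows Defender Disabled Policy:
==========================
"DisableAntiSpyware"=DWORD:1
"""
AFTER = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
Action Center:
============
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
Windows Defender Disabled Policy:
==========================
"DisableAntiSpyware"=DWORD:1
"""

RULE = re.compile(r"^=+$")
PATTERNS = [  # (finding kind, regex whose groups become the finding's details)
    ("not_running", re.compile(r"^(\S+) Service is not running")),
    ("key_missing", re.compile(r"ATTENTION!=+> Unable to open (\S+) registry key")),
    ("start_type", re.compile(r"start type of (\S+) service is set to (\w+)\. The default start type is (\w+)")),
    ("policy", re.compile(r'^"(\w+)"=DWORD:(\d+)$')),
]

def parse_fss(text):
    """Return a set of (section, finding) pairs for one FSS log."""
    lines = [ln.strip() for ln in text.splitlines()]
    found, section = set(), None
    for i, line in enumerate(lines):
        # A section is a "Title:" line underlined by a row of '=' characters.
        if line.endswith(":") and i + 1 < len(lines) and RULE.match(lines[i + 1]):
            section = line[:-1]
        for kind, rx in PATTERNS:
            m = rx.search(line)
            if m and section:
                found.add((section, (kind, *m.groups())))
    return found

def diff_runs(before, after):
    """Compare two FSS runs: what a repair fixed, what it introduced, what remains."""
    b, a = parse_fss(before), parse_fss(after)
    return {"fixed": sorted(b - a), "new": sorted(a - b), "open": sorted(b & a)}

if __name__ == "__main__":
    for state, items in diff_runs(BEFORE, AFTER).items():
        print(state, *(f"{sec}: {' '.join(f)}" for sec, f in items), sep="\n  ")
```

On these excerpts the diff reports the three missing service keys as fixed, while MpsSvc and WinDefend remain stopped and the DisableAntiSpyware policy value is still set.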

#12 narenxp

Posted 13 July 2012 - 06:18 PM

Press Windows+R key and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess

Right click on it - Permissions

Click on Add and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now start the Windows Firewall service

Click on Start menu and type

cmd

Right click on it and select Run as administrator and run this command

netsh winsock reset

Press ENTER

Restart the PC, post the new FSS log

Let me know if you have any current issues

#13 kadh2000

Posted 13 July 2012 - 06:33 PM

Norton 360 still shows a 5013 3 error.

FSS log

Farbar Service Scanner Version: 08-07-2012
Ran by Kathy (administrator) on 13-07-2012 at 19:28:58
Running from "C:\Users\Kathy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 narenxp

Posted 13 July 2012 - 06:45 PM

Did you give registry permissions? I don't think so

Now start the windows firewall service


Did you start it?

Edited by narenxp, 13 July 2012 - 06:46 PM.


#15 kadh2000

Posted 13 July 2012 - 07:08 PM

Permissions for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess
show Everyone has Full Control and Read permissions.

Assuming that netsh winsock reset started the Windows Firewall service, I did do that.
When I look at services now, it shows that the Windows Firewall service is not started. I clicked Start and received the following error message:
Error 1079: The account specified for this service is different from the account specified for other services running in the same process.



