
I cannot access Windows Firewall controls even after virus removal


11 replies to this topic

#1 Domo!

Domo!

  • Members
  • 174 posts
  • OFFLINE
  • Local time:10:56 AM

Posted 24 July 2012 - 07:25 PM

Hello there. I have what I hope is a small issue and was looking for some help. One of the laptops in my household had acquired a virus that caused Avast to have multiple intrusion pop-ups and then the computer would blue screen and then shut off. I went through several scans with different programs and have gotten the virus removed (to my knowledge) and the computer running smoothly (no more blue screen or Avast intrusion pop-ups).

I then went to make sure the security on the laptop was intact, and when I tried to get the firewall going I was given the error 0x80070424. I went to the Microsoft website to get a fix and downloaded what they had available, but even after the fix (http://support.microsoft.com/kb/968002) the problem persisted. I am running Microsoft Windows 7 Home Premium on a Toshiba Satellite L455D. I also hope I am posting in the right section of the forum; I was going to post in the Windows 7 forum, but since this started with a virus I figured I would post it here. Thanks for any help in advance. (I also have logs from the scans I had done previously if it helps; I will not post them unless asked to.) Thanks again.


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:56 PM

Posted 24 July 2012 - 08:42 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Domo!

Domo!
  • Topic Starter

  • Members
  • 174 posts
  • OFFLINE
  • Local time:10:56 AM

Posted 24 July 2012 - 10:54 PM

Sure thing. Here is the TDSS Log. The default option was skip so I hit continue in order to get to the log file:

21:51:12.0462 6032 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:51:12.0462 6032 NetTcpPortSharing - ok
21:51:12.0540 6032 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
21:51:12.0540 6032 nfrd960 - ok
21:51:12.0603 6032 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
21:51:12.0618 6032 NlaSvc - ok
21:51:12.0634 6032 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
21:51:12.0650 6032 Npfs - ok
21:51:12.0681 6032 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
21:51:12.0681 6032 nsi - ok
21:51:12.0712 6032 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
21:51:12.0712 6032 nsiproxy - ok
21:51:12.0868 6032 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
21:51:12.0899 6032 Ntfs - ok
21:51:13.0055 6032 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
21:51:13.0055 6032 Null - ok
21:51:13.0118 6032 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
21:51:13.0133 6032 nvraid - ok
21:51:13.0164 6032 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
21:51:13.0164 6032 nvstor - ok
21:51:13.0211 6032 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
21:51:13.0211 6032 nv_agp - ok
21:51:13.0352 6032 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:51:13.0367 6032 odserv - ok
21:51:13.0414 6032 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
21:51:13.0414 6032 ohci1394 - ok
21:51:13.0508 6032 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:51:13.0508 6032 ose - ok
21:51:13.0835 6032 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:51:13.0944 6032 osppsvc - ok
21:51:14.0069 6032 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:51:14.0085 6032 p2pimsvc - ok
21:51:14.0132 6032 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
21:51:14.0132 6032 p2psvc - ok
21:51:14.0210 6032 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
21:51:14.0225 6032 Parport - ok
21:51:14.0272 6032 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys
21:51:14.0272 6032 partmgr - ok
21:51:14.0319 6032 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
21:51:14.0319 6032 Parvdm - ok
21:51:14.0381 6032 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
21:51:14.0381 6032 PcaSvc - ok
21:51:14.0444 6032 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
21:51:14.0444 6032 pci - ok
21:51:14.0475 6032 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
21:51:14.0475 6032 pciide - ok
21:51:14.0522 6032 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
21:51:14.0537 6032 pcmcia - ok
21:51:14.0568 6032 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
21:51:14.0568 6032 pcw - ok
21:51:14.0631 6032 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
21:51:14.0631 6032 PEAUTH - ok
21:51:14.0802 6032 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
21:51:14.0818 6032 pla - ok
21:51:14.0990 6032 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
21:51:15.0005 6032 PlugPlay - ok
21:51:15.0083 6032 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\windows\system32\HPZipm12.dll
21:51:15.0083 6032 Pml Driver HPZ12 - ok
21:51:15.0130 6032 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
21:51:15.0130 6032 PNRPAutoReg - ok
21:51:15.0177 6032 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
21:51:15.0192 6032 PNRPsvc - ok
21:51:15.0255 6032 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
21:51:15.0255 6032 PolicyAgent - ok
21:51:15.0317 6032 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
21:51:15.0333 6032 Power - ok
21:51:15.0411 6032 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
21:51:15.0411 6032 PptpMiniport - ok
21:51:15.0442 6032 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
21:51:15.0442 6032 Processor - ok
21:51:15.0520 6032 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\windows\system32\profsvc.dll
21:51:15.0520 6032 ProfSvc - ok
21:51:15.0582 6032 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
21:51:15.0582 6032 ProtectedStorage - ok
21:51:15.0629 6032 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
21:51:15.0629 6032 Psched - ok
21:51:15.0754 6032 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
21:51:15.0770 6032 ql2300 - ok
21:51:15.0910 6032 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
21:51:15.0910 6032 ql40xx - ok
21:51:15.0957 6032 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
21:51:15.0972 6032 QWAVE - ok
21:51:15.0988 6032 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
21:51:16.0004 6032 QWAVEdrv - ok
21:51:16.0019 6032 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
21:51:16.0035 6032 RasAcd - ok
21:51:16.0082 6032 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
21:51:16.0082 6032 RasAgileVpn - ok
21:51:16.0128 6032 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
21:51:16.0128 6032 RasAuto - ok
21:51:16.0191 6032 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
21:51:16.0191 6032 Rasl2tp - ok
21:51:16.0269 6032 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
21:51:16.0284 6032 RasMan - ok
21:51:16.0331 6032 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
21:51:16.0331 6032 RasPppoe - ok
21:51:16.0394 6032 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
21:51:16.0394 6032 RasSstp - ok
21:51:16.0456 6032 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
21:51:16.0456 6032 rdbss - ok
21:51:16.0487 6032 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
21:51:16.0503 6032 rdpbus - ok
21:51:16.0550 6032 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
21:51:16.0550 6032 RDPCDD - ok
21:51:16.0596 6032 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
21:51:16.0596 6032 RDPENCDD - ok
21:51:16.0628 6032 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
21:51:16.0628 6032 RDPREFMP - ok
21:51:16.0674 6032 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\windows\system32\drivers\RDPWD.sys
21:51:16.0690 6032 RDPWD - ok
21:51:16.0752 6032 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
21:51:16.0752 6032 rdyboost - ok
21:51:16.0799 6032 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
21:51:16.0815 6032 RemoteAccess - ok
21:51:16.0846 6032 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
21:51:16.0862 6032 RemoteRegistry - ok
21:51:16.0908 6032 RimUsb (f17713d108aca124a139fde877eef68a) C:\windows\system32\Drivers\RimUsb.sys
21:51:16.0908 6032 RimUsb - ok
21:51:16.0971 6032 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\windows\system32\DRIVERS\RimSerial.sys
21:51:16.0971 6032 RimVSerPort - ok
21:51:17.0018 6032 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\windows\system32\Drivers\RootMdm.sys
21:51:17.0018 6032 ROOTMODEM - ok
21:51:17.0080 6032 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
21:51:17.0080 6032 RpcEptMapper - ok
21:51:17.0127 6032 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
21:51:17.0127 6032 RpcLocator - ok
21:51:17.0189 6032 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
21:51:17.0205 6032 RpcSs - ok
21:51:17.0267 6032 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
21:51:17.0267 6032 rspndr - ok
21:51:17.0298 6032 RSUSBSTOR - ok
21:51:17.0361 6032 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
21:51:17.0361 6032 RTL8167 - ok
21:51:17.0439 6032 RTL8187Se (e48daf453d773a89a44134ce4ba9af44) C:\windows\system32\DRIVERS\RTL8187Se.sys
21:51:17.0439 6032 RTL8187Se - ok
21:51:17.0470 6032 RtsUIR - ok
21:51:17.0517 6032 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
21:51:17.0517 6032 SamSs - ok
21:51:17.0595 6032 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
21:51:17.0595 6032 sbp2port - ok
21:51:17.0642 6032 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
21:51:17.0642 6032 SCardSvr - ok
21:51:17.0688 6032 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
21:51:17.0688 6032 scfilter - ok
21:51:17.0782 6032 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
21:51:17.0798 6032 Schedule - ok
21:51:17.0844 6032 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
21:51:17.0844 6032 SCPolicySvc - ok
21:51:17.0907 6032 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
21:51:17.0907 6032 SDRSVC - ok
21:51:17.0954 6032 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
21:51:17.0969 6032 secdrv - ok
21:51:18.0000 6032 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
21:51:18.0000 6032 seclogon - ok
21:51:18.0047 6032 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll
21:51:18.0047 6032 SENS - ok
21:51:18.0094 6032 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
21:51:18.0094 6032 SensrSvc - ok
21:51:18.0141 6032 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
21:51:18.0156 6032 Serenum - ok
21:51:18.0188 6032 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
21:51:18.0188 6032 Serial - ok
21:51:18.0234 6032 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
21:51:18.0234 6032 sermouse - ok
21:51:18.0312 6032 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
21:51:18.0328 6032 SessionEnv - ok
21:51:18.0375 6032 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
21:51:18.0375 6032 sffdisk - ok
21:51:18.0406 6032 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
21:51:18.0406 6032 sffp_mmc - ok
21:51:18.0422 6032 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
21:51:18.0422 6032 sffp_sd - ok
21:51:18.0468 6032 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
21:51:18.0468 6032 sfloppy - ok
21:51:18.0546 6032 Sftfs (d9b734638dd8dba9d59aad3189cd0fad) C:\windows\system32\DRIVERS\Sftfslh.sys
21:51:18.0562 6032 Sftfs - ok
21:51:18.0718 6032 sftlist (cb73bc422c07fb611f194da18d1e7f36) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
21:51:18.0734 6032 sftlist - ok
21:51:18.0765 6032 Sftplay (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\windows\system32\DRIVERS\Sftplaylh.sys
21:51:18.0765 6032 Sftplay - ok
21:51:18.0827 6032 Sftredir (518bac0179f94304f422696b47c0ec12) C:\windows\system32\DRIVERS\Sftredirlh.sys
21:51:18.0827 6032 Sftredir - ok
21:51:18.0874 6032 Sftvol (747325236d88b3f05ffd27ff9ec711c5) C:\windows\system32\DRIVERS\Sftvollh.sys
21:51:18.0874 6032 Sftvol - ok
21:51:18.0936 6032 sftvsa (a5812f0281ca5081bf696626f9bf324d) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
21:51:18.0936 6032 sftvsa - ok
21:51:18.0999 6032 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
21:51:19.0014 6032 ShellHWDetection - ok
21:51:19.0077 6032 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
21:51:19.0077 6032 sisagp - ok
21:51:19.0139 6032 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
21:51:19.0139 6032 SiSRaid2 - ok
21:51:19.0170 6032 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
21:51:19.0170 6032 SiSRaid4 - ok
21:51:19.0217 6032 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
21:51:19.0233 6032 Smb - ok
21:51:19.0326 6032 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
21:51:19.0326 6032 SMSIVZAM5 - ok
21:51:19.0420 6032 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
21:51:19.0420 6032 SNMPTRAP - ok
21:51:19.0451 6032 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
21:51:19.0451 6032 spldr - ok
21:51:19.0514 6032 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
21:51:19.0529 6032 Spooler - ok
21:51:19.0763 6032 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
21:51:19.0857 6032 sppsvc - ok
21:51:20.0013 6032 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
21:51:20.0013 6032 sppuinotify - ok
21:51:20.0122 6032 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
21:51:20.0138 6032 srv - ok
21:51:20.0169 6032 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
21:51:20.0184 6032 srv2 - ok
21:51:20.0231 6032 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
21:51:20.0247 6032 srvnet - ok
21:51:20.0309 6032 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\windows\system32\DRIVERS\ssadbus.sys
21:51:20.0309 6032 ssadbus - ok
21:51:20.0356 6032 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\windows\system32\DRIVERS\ssadmdfl.sys
21:51:20.0356 6032 ssadmdfl - ok
21:51:20.0387 6032 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\windows\system32\DRIVERS\ssadmdm.sys
21:51:20.0387 6032 ssadmdm - ok
21:51:20.0450 6032 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\windows\system32\DRIVERS\ssadserd.sys
21:51:20.0465 6032 ssadserd - ok
21:51:20.0512 6032 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
21:51:20.0512 6032 SSDPSRV - ok
21:51:20.0559 6032 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
21:51:20.0559 6032 SstpSvc - ok
21:51:20.0606 6032 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
21:51:20.0606 6032 stexstor - ok
21:51:20.0652 6032 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
21:51:20.0652 6032 StillCam - ok
21:51:20.0715 6032 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
21:51:20.0730 6032 StiSvc - ok
21:51:20.0808 6032 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
21:51:20.0808 6032 swenum - ok
21:51:20.0871 6032 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
21:51:20.0871 6032 swprv - ok
21:51:20.0933 6032 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
21:51:20.0933 6032 SynTP - ok
21:51:21.0042 6032 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
21:51:21.0058 6032 SysMain - ok
21:51:21.0105 6032 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
21:51:21.0120 6032 TabletInputService - ok
21:51:21.0183 6032 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
21:51:21.0214 6032 TapiSrv - ok
21:51:21.0245 6032 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
21:51:21.0261 6032 TBS - ok
21:51:21.0401 6032 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\drivers\tcpip.sys
21:51:21.0417 6032 Tcpip - ok
21:51:21.0635 6032 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\DRIVERS\tcpip.sys
21:51:21.0651 6032 TCPIP6 - ok
21:51:21.0822 6032 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
21:51:21.0822 6032 tcpipreg - ok
21:51:21.0885 6032 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
21:51:21.0885 6032 tdcmdpst - ok
21:51:21.0932 6032 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
21:51:21.0932 6032 TDPIPE - ok
21:51:21.0994 6032 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
21:51:21.0994 6032 TDTCP - ok
21:51:22.0056 6032 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
21:51:22.0056 6032 tdx - ok
21:51:22.0103 6032 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
21:51:22.0103 6032 TermDD - ok
21:51:22.0181 6032 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
21:51:22.0197 6032 TermService - ok
21:51:22.0244 6032 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
21:51:22.0244 6032 Themes - ok
21:51:22.0290 6032 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
21:51:22.0290 6032 THREADORDER - ok
21:51:22.0384 6032 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:51:22.0384 6032 TMachInfo - ok
21:51:22.0446 6032 TODDSrv (fe65d33b7d4ff07dd1d29526a48df810) C:\Windows\system32\TODDSrv.exe
21:51:22.0446 6032 TODDSrv - ok
21:51:22.0540 6032 TosCoSrv (451b09ba1a0d019ba0b5a27229559d55) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:51:22.0540 6032 TosCoSrv - ok
21:51:22.0587 6032 TOSHIBA HDD SSD Alert Service (67c1da40d78c92622081a3e780c926b2) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:51:22.0587 6032 TOSHIBA HDD SSD Alert Service - ok
21:51:22.0680 6032 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
21:51:22.0680 6032 tos_sps32 - ok
21:51:22.0743 6032 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
21:51:22.0758 6032 TrkWks - ok
21:51:22.0852 6032 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
21:51:22.0852 6032 TrustedInstaller - ok
21:51:22.0914 6032 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
21:51:22.0914 6032 tssecsrv - ok
21:51:22.0977 6032 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
21:51:22.0977 6032 TsUsbFlt - ok
21:51:23.0055 6032 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
21:51:23.0055 6032 tunnel - ok
21:51:23.0117 6032 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:51:23.0117 6032 TVALZ - ok
21:51:23.0148 6032 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
21:51:23.0148 6032 uagp35 - ok
21:51:23.0211 6032 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
21:51:23.0226 6032 udfs - ok
21:51:23.0289 6032 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
21:51:23.0289 6032 UI0Detect - ok
21:51:23.0351 6032 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
21:51:23.0351 6032 uliagpkx - ok
21:51:23.0398 6032 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
21:51:23.0398 6032 umbus - ok
21:51:23.0445 6032 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
21:51:23.0445 6032 UmPass - ok
21:51:23.0507 6032 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
21:51:23.0523 6032 upnphost - ok
21:51:23.0570 6032 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\windows\system32\drivers\usbaudio.sys
21:51:23.0570 6032 usbaudio - ok
21:51:23.0616 6032 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
21:51:23.0616 6032 usbccgp - ok
21:51:23.0648 6032 USBCCID - ok
21:51:23.0694 6032 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
21:51:23.0694 6032 usbcir - ok
21:51:23.0741 6032 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
21:51:23.0741 6032 usbehci - ok
21:51:23.0804 6032 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
21:51:23.0819 6032 usbhub - ok
21:51:23.0850 6032 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\DRIVERS\usbohci.sys
21:51:23.0850 6032 usbohci - ok
21:51:23.0897 6032 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
21:51:23.0897 6032 usbprint - ok
21:51:23.0928 6032 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
21:51:23.0944 6032 usbscan - ok
21:51:23.0991 6032 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
21:51:23.0991 6032 USBSTOR - ok
21:51:24.0038 6032 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
21:51:24.0038 6032 usbuhci - ok
21:51:24.0084 6032 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
21:51:24.0084 6032 UxSms - ok
21:51:24.0147 6032 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
21:51:24.0147 6032 VaultSvc - ok
21:51:24.0209 6032 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
21:51:24.0209 6032 vdrvroot - ok
21:51:24.0287 6032 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
21:51:24.0303 6032 vds - ok
21:51:24.0350 6032 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
21:51:24.0350 6032 vga - ok
21:51:24.0381 6032 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
21:51:24.0381 6032 VgaSave - ok
21:51:24.0443 6032 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
21:51:24.0443 6032 vhdmp - ok
21:51:24.0490 6032 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
21:51:24.0490 6032 viaagp - ok
21:51:24.0537 6032 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
21:51:24.0537 6032 ViaC7 - ok
21:51:24.0599 6032 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
21:51:24.0599 6032 viaide - ok
21:51:24.0646 6032 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
21:51:24.0646 6032 volmgr - ok
21:51:24.0693 6032 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
21:51:24.0708 6032 volmgrx - ok
21:51:24.0771 6032 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
21:51:24.0771 6032 volsnap - ok
21:51:24.0833 6032 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
21:51:24.0833 6032 vsmraid - ok
21:51:24.0942 6032 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
21:51:24.0958 6032 VSS - ok
21:51:24.0989 6032 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
21:51:24.0989 6032 vwifibus - ok
21:51:25.0052 6032 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
21:51:25.0052 6032 vwififlt - ok
21:51:25.0098 6032 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
21:51:25.0098 6032 vwifimp - ok
21:51:25.0161 6032 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
21:51:25.0176 6032 W32Time - ok
21:51:25.0223 6032 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
21:51:25.0223 6032 WacomPen - ok
21:51:25.0286 6032 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
21:51:25.0286 6032 WANARP - ok
21:51:25.0301 6032 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
21:51:25.0301 6032 Wanarpv6 - ok
21:51:25.0442 6032 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
21:51:25.0457 6032 WatAdminSvc - ok
21:51:25.0660 6032 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
21:51:25.0676 6032 wbengine - ok
21:51:25.0738 6032 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
21:51:25.0738 6032 WbioSrvc - ok
21:51:25.0800 6032 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
21:51:25.0816 6032 wcncsvc - ok
21:51:25.0863 6032 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
21:51:25.0863 6032 WcsPlugInService - ok
21:51:25.0925 6032 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
21:51:25.0925 6032 Wd - ok
21:51:25.0988 6032 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
21:51:25.0988 6032 Wdf01000 - ok
21:51:26.0034 6032 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:51:26.0050 6032 WdiServiceHost - ok
21:51:26.0066 6032 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
21:51:26.0081 6032 WdiSystemHost - ok
21:51:26.0128 6032 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
21:51:26.0144 6032 WebClient - ok
21:51:26.0190 6032 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
21:51:26.0206 6032 Wecsvc - ok
21:51:26.0237 6032 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
21:51:26.0253 6032 wercplsupport - ok
21:51:26.0300 6032 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
21:51:26.0315 6032 WerSvc - ok
21:51:26.0346 6032 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
21:51:26.0346 6032 WfpLwf - ok
21:51:26.0393 6032 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
21:51:26.0393 6032 WIMMount - ok
21:51:26.0409 6032 WinHttpAutoProxySvc - ok
21:51:26.0487 6032 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
21:51:26.0502 6032 Winmgmt - ok
21:51:26.0612 6032 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
21:51:26.0627 6032 WinRM - ok
21:51:26.0736 6032 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUSB.sys
21:51:26.0736 6032 WinUSB - ok
21:51:26.0846 6032 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
21:51:26.0861 6032 Wlansvc - ok
21:51:27.0080 6032 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:51:27.0095 6032 wlidsvc - ok
21:51:27.0267 6032 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
21:51:27.0267 6032 WmiAcpi - ok
21:51:27.0345 6032 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
21:51:27.0345 6032 wmiApSrv - ok
21:51:27.0516 6032 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:51:27.0532 6032 WMPNetworkSvc - ok
21:51:27.0657 6032 WMZuneComm (017695393afffed8de58abd1b085be6d) c:\Program Files\Zune\WMZuneComm.exe
21:51:27.0672 6032 WMZuneComm - ok
21:51:27.0782 6032 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
21:51:27.0797 6032 WPCSvc - ok
21:51:27.0844 6032 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
21:51:27.0844 6032 WPDBusEnum - ok
21:51:27.0922 6032 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
21:51:27.0922 6032 ws2ifsl - ok
21:51:27.0969 6032 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
21:51:27.0969 6032 WSDPrintDevice - ok
21:51:28.0000 6032 WSearch - ok
21:51:28.0156 6032 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll
21:51:28.0187 6032 wuauserv - ok
21:51:28.0359 6032 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
21:51:28.0374 6032 WudfPf - ok
21:51:28.0437 6032 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
21:51:28.0452 6032 WUDFRd - ok
21:51:28.0499 6032 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
21:51:28.0515 6032 wudfsvc - ok
21:51:28.0577 6032 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
21:51:28.0577 6032 WwanSvc - ok
21:51:29.0061 6032 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) c:\Program Files\Zune\ZuneNss.exe
21:51:29.0123 6032 ZuneNetworkSvc - ok
21:51:29.0279 6032 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) c:\Program Files\Zune\ZuneWlanCfgSvc.exe
21:51:29.0295 6032 ZuneWlanCfgSvc - ok
21:51:29.0357 6032 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
21:51:30.0418 6032 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:51:30.0418 6032 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:51:30.0465 6032 Boot (0x1200) (3e2d8ff930a548fe6bfa83167efb82c4) \Device\Harddisk0\DR0\Partition0
21:51:30.0465 6032 \Device\Harddisk0\DR0\Partition0 - ok
21:51:30.0480 6032 ============================================================
21:51:30.0480 6032 Scan finished
21:51:30.0480 6032 ============================================================
21:51:30.0496 1032 Detected object count: 1
21:51:30.0496 1032 Actual detected object count: 1
21:52:28.0138 1032 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:52:28.0138 1032 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-24 21:56:48
-----------------------------
21:56:48.705 OS Version: Windows 6.1.7601 Service Pack 1
21:56:48.705 Number of processors: 1 586 0x301
21:56:48.705 ComputerName: LMC2010-PC UserName: LMC2010
21:56:50.545 Initialize success
21:56:51.185 AVAST engine defs: 12072401
21:57:07.737 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
21:57:07.737 Disk 0 Vendor: TOSHIBA_MK2555GSX FG001M Size: 238475MB BusType: 11
21:57:07.830 Disk 0 MBR read successfully
21:57:07.846 Disk 0 MBR scan
21:57:07.846 Disk 0 Windows VISTA default MBR code
21:57:07.861 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:57:07.893 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228693 MB offset 3074048
21:57:07.924 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8281 MB offset 471437312
21:57:08.002 Disk 0 scanning sectors +488396800
21:57:08.095 Disk 0 scanning C:\windows\system32\drivers
21:57:26.737 Service scanning
21:58:18.826 Modules scanning
21:58:43.833 Disk 0 trace - called modules:
21:58:44.394 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys dxgkrnl.sys atikmdag.sys dxgmms1.sys tcpip.sys NETIO.SYS amdppm.sys
21:58:44.410 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c43030]
21:58:44.425 3 CLASSPNP.SYS[839c859e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85c47030]
21:58:45.174 AVAST engine scan C:\windows
21:58:47.795 AVAST engine scan C:\windows\system32
22:02:04.012 AVAST engine scan C:\windows\system32\drivers
22:02:22.264 AVAST engine scan C:\Users\LMC2010
22:09:47.036 AVAST engine scan C:\ProgramData
22:12:52.442 Scan finished successfully
22:22:34.728 Disk 0 MBR has been saved successfully to "C:\Users\LMC2010\Desktop\MBR.dat"
22:22:34.744 The log file has been saved successfully to "C:\Users\LMC2010\Desktop\aswMBR.txt"


The ESET log:

C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.07.2012_22.13.53\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

Thank you for the help so far. Ready for the next step.

#4 narenxp

Posted 24 July 2012 - 11:20 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 Domo!

Posted 25 July 2012 - 02:13 PM

Hello again, all new scans finished.

MalwareBytes:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.24.12

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
LMC2010 :: LMC2010-PC [administrator]

7/25/2012 1:09:11 PM
mbam-log-2012-07-25 (13-09-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193279
Time elapsed: 9 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by LMC2010 (administrator) on 25-07-2012 at 12:47:34
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8187SE Wireless LAN PCIE Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LMC2010-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8187SE Wireless LAN PCIE Network Adapter
Physical Address. . . . . . . . . : 70-1A-04-B8-D3-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7020:13dc:51f9:557b%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.98(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 25, 2012 12:45:46 PM
Lease Expires . . . . . . . . . . : Thursday, July 26, 2012 12:45:46 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242227716
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-DF-B4-D2-70-5A-B6-6D-E0-99
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 70-5A-B6-6D-E0-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{58E0B69C-98E4-4FE9-AF98-6C4D80316C02}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9A2C832A-3E88-42DB-8D70-FFA7F014AFC6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E88DF6BE-BEF3-4757-B5C5-1780D14385C7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1007
74.125.228.40
74.125.228.34
74.125.228.36
74.125.228.39
74.125.228.38
74.125.228.46
74.125.228.33
74.125.228.35
74.125.228.41
74.125.228.37
74.125.228.32


Pinging google.com [74.125.226.199] with 32 bytes of data:
Reply from 74.125.226.199: bytes=32 time=17ms TTL=55
Reply from 74.125.226.199: bytes=32 time=11ms TTL=55

Ping statistics for 74.125.226.199:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 17ms, Average = 14ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=64ms TTL=50
Reply from 209.191.122.70: bytes=32 time=68ms TTL=50

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 68ms, Average = 66ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...70 1a 04 b8 d3 2a ......Realtek RTL8187SE Wireless LAN PCIE Network Adapter
10...70 5a b6 6d e0 99 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.98 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.98 281
192.168.1.98 255.255.255.255 On-link 192.168.1.98 281
192.168.1.255 255.255.255.255 On-link 192.168.1.98 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.98 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.98 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::7020:13dc:51f9:557b/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2012 03:34:38 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ea4

Start Time: 01cd6a36a1478d83

Termination Time: 62

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (07/24/2012 09:45:54 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/22/2012 05:50:03 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0062-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (07/20/2012 05:20:07 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/20/2012 05:20:07 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/20/2012 05:20:07 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/20/2012 05:20:07 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/20/2012 05:20:06 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/20/2012 05:20:06 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/20/2012 05:20:06 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/25/2012 00:45:31 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/25/2012 02:07:41 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/24/2012 09:45:27 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/24/2012 09:45:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (07/24/2012 07:54:22 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/24/2012 07:53:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/24/2012 07:53:11 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/24/2012 07:53:10 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/24/2012 07:52:54 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/24/2012 07:52:54 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (09/18/2010 02:37:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 142593 seconds with 660 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 7.1.8)
4660_4680_Help (Version: 1.00.0000)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader 9.4.5 (Version: 9.4.5)
Amazon Unbox Video (Version: 2.1.0.124)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
ATI Catalyst Install Manager (Version: 3.0.732.0)
avast! Free Antivirus (Version: 6.0.1367.0)
BlackBerry Desktop Software 6.0 (Version: 6.0.0.40)
BlackBerry USB Drivers (Version: 2.00.0005)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
Brownstone Equation Editor 5 (Version: 5.2)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Light (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Common (Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0729.2238.38827)
Catalyst Control Center InstallProxy (Version: 2009.0729.2238.38827)
Catalyst Control Center Localization All (Version: 2009.0729.2238.38827)
ccc-core-static (Version: 2009.0729.2238.38827)
ccc-utility (Version: 2009.0729.2238.38827)
CCC Help Chinese Standard (Version: 2009.0729.2237.38827)
CCC Help Chinese Traditional (Version: 2009.0729.2237.38827)
CCC Help Czech (Version: 2009.0729.2237.38827)
CCC Help Danish (Version: 2009.0729.2237.38827)
CCC Help Dutch (Version: 2009.0729.2237.38827)
CCC Help English (Version: 2009.0729.2237.38827)
CCC Help Finnish (Version: 2009.0729.2237.38827)
CCC Help French (Version: 2009.0729.2237.38827)
CCC Help German (Version: 2009.0729.2237.38827)
CCC Help Greek (Version: 2009.0729.2237.38827)
CCC Help Hungarian (Version: 2009.0729.2237.38827)
CCC Help Italian (Version: 2009.0729.2237.38827)
CCC Help Japanese (Version: 2009.0729.2237.38827)
CCC Help Korean (Version: 2009.0729.2237.38827)
CCC Help Norwegian (Version: 2009.0729.2237.38827)
CCC Help Polish (Version: 2009.0729.2237.38827)
CCC Help Portuguese (Version: 2009.0729.2237.38827)
CCC Help Russian (Version: 2009.0729.2237.38827)
CCC Help Spanish (Version: 2009.0729.2237.38827)
CCC Help Swedish (Version: 2009.0729.2237.38827)
CCC Help Thai (Version: 2009.0729.2237.38827)
CCC Help Turkish (Version: 2009.0729.2237.38827)
CCleaner (Version: 3.20)
Chuzzle Deluxe
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.465.000)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Elf Bowling 7 (Version: 1.1.0.0)
ESET Online Scanner v3
Fax (Version: 130.0.418.000)
Google Talk Plugin (Version: 3.2.4.8431)
GoToMeeting 4.5.0.457
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
High Roller (Version: 1.1.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP OfficeJet J4600 All-In-One Series (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
Internet Transporter - NCP Link (Version: 3.2.1)
J4680 (Version: 50.0.165.000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LightScribe Applications (Version: 1.18.15.1)
LightScribe System Software (Version: 1.18.24.1)
LightScribe Template Labeler (Version: 1.18.22.2)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Business 2010 - English (Version: 14.0.5128.5002)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 Trial (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mobipocket Reader 6.2 (Version: 6.2.608)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyToshiba (Version: 2.2.0.3)
NCP Internet Transporter (Version: 3.2.2)
Network (Version: 130.0.579.000)
NetZero Launcher (Version: 2.01)
Norton Internet Security (Version: 16.7.0.30)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
ProductContext (Version: 50.0.165.000)
Quickbooks Financial Center (Version: 2.02)
QuickTime (Version: 7.66.71.0)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
Realtek WLAN Driver (Version: 2.00.0006)
Revo Uninstaller 1.94 (Version: 1.94)
Safari (Version: 5.31.22.7)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1900.0)
Scan (Version: 140.0.80.000)
Skype Launcher (Version: 2.01)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
Slingo Quest (Version: 1.1.0.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
Toolbox (Version: 130.0.648.000)
Toshiba Application and Driver Installer (Version: 9.0.0.9)
TOSHIBA Assist (Version: 2.01.11)
TOSHIBA ConfigFree (Version: 8.0.21)
TOSHIBA Disc Creator (Version: 2.1.0.1)
TOSHIBA DVD PLAYER (Version: 3.01.0.07-A)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.4C)
TOSHIBA Hardware Setup (Version: 1.63.0.11C)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.2)
Toshiba Online Backup (Version: 1.2.0.35)
Toshiba Quality Application (Version: 1.001.0000)
TOSHIBA Recovery Media Creator (Version: 2.1.0.2)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Speech System Applications (Version: 1.00.2518)
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 1.63.0.6C)
TOSHIBA Value Added Package (Version: 1.2.25)
ToshibaRegistration (Version: 1.0.3)
TrayApp (Version: 130.0.422.000)
Tutor
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 1.0.50.26C)
Verizon Wireless Software Utility Application for Android - Samsung (Version: 1.11.0305)
VZAccess Manager (Version: 7.2.9.1)
WebEx
WebReg (Version: 130.0.132.017)
WildTangent Games (Version: 1.0.0.89)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (Version: 10/22/2009 2.06.00)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WorldWinner Games (Version: 1.9.0.23)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 1790.42 MB
Available physical RAM: 647.89 MB
Total Pagefile: 3580.84 MB
Available Pagefile: 2005.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.3 MB

========================= Partitions: =====================================

1 Drive c: (TI103196W0D) (Fixed) (Total:223.33 GB) (Free:170.17 GB) NTFS
2 Drive d: (My Disc) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\LMC2010-PC

Administrator Guest LMC2010


**** End of log ****

FSS:

Farbar Service Scanner Version: 22-07-2012
Ran by LMC2010 (administrator) on 25-07-2012 at 12:49:12
Running from "C:\Users\LMC2010\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner:

# AdwCleaner v1.703 - Logfile created 07/25/2012 at 14:59:38
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : LMC2010 - LMC2010-PC
# Running from : C:\Users\LMC2010\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\LMC2010\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\LMC2010\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\LMC2010\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\LMC2010\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\LMC2010\AppData\Roaming\Babylon
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\BabylonToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80171 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80171 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80171 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80171 --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [276 octets] - [25/07/2012 12:50:18]
AdwCleaner[S2].txt - [5526 octets] - [25/07/2012 14:59:38]

########## EOF - C:\AdwCleaner[S2].txt - [5654 octets] ##########

#6 narenxp


Posted 25 July 2012 - 02:17 PM

Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender
Sharedaccess


Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark the following options alone

Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

#7 Domo!


Posted 25 July 2012 - 07:14 PM

The steps have been followed with no hiccups and here is the FSS log:

Farbar Service Scanner Version: 22-07-2012
Ran by LMC2010 (administrator) on 25-07-2012 at 20:12:19
Running from "C:\Users\LMC2010\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by Domo!, 25 July 2012 - 07:14 PM.
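
An added example, not part of either poster's messages and not Farbar's code: a short Python triage of the two FSS logs above that separates services that are only stopped with intact configuration from those whose registry key or values are missing, and lists what cleared between the runs. The log excerpts are copied from this thread; `triage`, `resolved` and the status names are hypothetical.

```python
import re

# Excerpts copied from the two FSS logs posted in this thread (not the full logs).
BEFORE = r"""
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.
"""
AFTER = r"""
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
"""

HEADER = re.compile(r"^(\S+) Service is not running\.")
FLAG = re.compile(r"ATTENTION!=====> (.+)$")
# Hypothetical status names, ordered from least to most severe.
RANK = ["stopped_config_ok", "value_missing", "key_missing"]


def triage(log_text):
    """Return ({service: worst status}, [flagged lines outside any service block])."""
    services, other, current = {}, [], None
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            current = None  # a blank line ends the current service block
            continue
        header, flag = HEADER.match(line), FLAG.search(line)
        if header:
            current = header.group(1)
            services[current] = RANK[0]
        elif flag and current is None:
            other.append(flag.group(1))  # e.g. a missing FirewallPolicy key
        elif flag:
            status = "key_missing" if "key does not exist" in flag.group(1) else "value_missing"
            services[current] = max(services[current], status, key=RANK.index)
    return services, other


def resolved(before, after):
    """Services with missing keys or values before that are clean or absent after."""
    was, now = triage(before)[0], triage(after)[0]
    return sorted(s for s, st in was.items() if st != RANK[0] and now.get(s, RANK[0]) == RANK[0])
```
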


#8 narenxp


Posted 25 July 2012 - 07:15 PM

Any current issues?

#9 Domo!


Posted 25 July 2012 - 07:24 PM

None so far, should I try the firewall again?

#10 narenxp


Posted 25 July 2012 - 07:26 PM

Firewall looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 Domo!


Posted 25 July 2012 - 07:45 PM

All is well on the system. Thanks so much for all of the help.

#12 narenxp


Posted 25 July 2012 - 07:48 PM

You're most welcome :)



