can't access my firewall!


71 replies to this topic

#1 javi408

  • Members
  • 44 posts

Posted 24 July 2012 - 07:48 PM

Hi all, I am having a problem accessing my firewall on my Windows XP. I had ad live platinum virus and got rid of it but now have no access to my Windows Firewall. "Windows Firewall settings cannot be displayed because the associated service is not running. Do you want to start the Windows Firewall/Internet Connection Sharing (ICS) service?" I clicked yes... Windows cannot start the Windows Firewall/Internet Connection Sharing (ICS) service. What the hell do I do? I'm running MICROSOFT WINDOWS XP HOME EDITION
SERVICE PACK 3
THANKS, HOPE TO HEAR SOMETHING SOON!


Mod Edit: Moved from XP to Am I Infected - Hamluis.

Edited by hamluis, 24 July 2012 - 08:19 PM.
removed misplaced mangled code




#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 24 July 2012 - 08:41 PM

Download TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 javi408

  • Topic Starter
  • Members
  • 44 posts

Posted 25 July 2012 - 09:31 AM


Hi, thanks for the reply! The ESET online scanner requires internet access? I don't have that on the infected computer. I can't access the firewall, but my network connection is connected but not firewalled. I'm using a laptop to fix the other comp, but here are the other logs :)....

06:58:07.0890 1968 RasPppoe - ok
06:58:07.0906 1968 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
06:58:07.0906 1968 Raspti - ok
06:58:07.0921 1968 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
06:58:07.0921 1968 Rdbss - ok
06:58:07.0937 1968 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
06:58:07.0937 1968 RDPCDD - ok
06:58:07.0968 1968 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
06:58:07.0968 1968 rdpdr - ok
06:58:08.0000 1968 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
06:58:08.0187 1968 RDPWD - ok
06:58:08.0203 1968 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
06:58:08.0218 1968 RDSessMgr - ok
06:58:08.0250 1968 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
06:58:08.0250 1968 redbook - ok
06:58:08.0265 1968 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
06:58:08.0281 1968 RemoteAccess - ok
06:58:08.0296 1968 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
06:58:08.0296 1968 RpcLocator - ok
06:58:08.0328 1968 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
06:58:08.0343 1968 RpcSs - ok
06:58:08.0359 1968 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
06:58:08.0359 1968 RSVP - ok
06:58:08.0390 1968 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
06:58:08.0390 1968 SamSs - ok
06:58:08.0453 1968 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
06:58:08.0531 1968 SASDIFSV - ok
06:58:08.0531 1968 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
06:58:08.0609 1968 SASKUTIL - ok
06:58:08.0625 1968 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
06:58:08.0625 1968 SCardSvr - ok
06:58:08.0640 1968 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
06:58:08.0656 1968 Schedule - ok
06:58:08.0687 1968 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
06:58:08.0687 1968 Secdrv - ok
06:58:08.0718 1968 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
06:58:08.0718 1968 seclogon - ok
06:58:08.0718 1968 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
06:58:08.0734 1968 SENS - ok
06:58:08.0750 1968 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
06:58:08.0750 1968 serenum - ok
06:58:08.0765 1968 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
06:58:08.0765 1968 Serial - ok
06:58:08.0796 1968 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
06:58:08.0796 1968 Sfloppy - ok
06:58:08.0828 1968 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
06:58:08.0828 1968 SharedAccess - ok
06:58:08.0859 1968 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
06:58:08.0859 1968 ShellHWDetection - ok
06:58:08.0875 1968 Simbad - ok
06:58:08.0890 1968 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
06:58:08.0890 1968 sisagp - ok
06:58:08.0921 1968 snapman (1dd89a51c441a1df5ca1dea28be0b589) C:\WINDOWS\system32\DRIVERS\snapman.sys
06:58:08.0921 1968 snapman - ok
06:58:08.0953 1968 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
06:58:08.0953 1968 Sparrow - ok
06:58:08.0968 1968 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
06:58:08.0984 1968 splitter - ok
06:58:09.0000 1968 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
06:58:09.0000 1968 Spooler - ok
06:58:09.0015 1968 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
06:58:09.0015 1968 sr - ok
06:58:09.0031 1968 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
06:58:09.0031 1968 srservice - ok
06:58:09.0046 1968 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
06:58:09.0062 1968 Srv - ok
06:58:09.0078 1968 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
06:58:09.0093 1968 SSDPSRV - ok
06:58:09.0156 1968 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
06:58:09.0156 1968 STHDA - ok
06:58:09.0187 1968 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
06:58:09.0218 1968 stisvc - ok
06:58:09.0265 1968 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
06:58:09.0265 1968 swenum - ok
06:58:09.0281 1968 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
06:58:09.0281 1968 swmidi - ok
06:58:09.0296 1968 SwPrv - ok
06:58:09.0328 1968 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
06:58:09.0328 1968 symc810 - ok
06:58:09.0328 1968 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
06:58:09.0328 1968 symc8xx - ok
06:58:09.0328 1968 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
06:58:09.0343 1968 sym_hi - ok
06:58:09.0343 1968 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
06:58:09.0343 1968 sym_u3 - ok
06:58:09.0359 1968 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
06:58:09.0375 1968 sysaudio - ok
06:58:09.0375 1968 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
06:58:09.0390 1968 SysmonLog - ok
06:58:09.0406 1968 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
06:58:09.0421 1968 TapiSrv - ok
06:58:09.0453 1968 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
06:58:09.0468 1968 Tcpip - ok
06:58:09.0484 1968 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
06:58:09.0484 1968 TDPIPE - ok
06:58:09.0546 1968 tdrpman258 (8de3e45000ba8c9ebb16737d3f83e216) C:\WINDOWS\system32\DRIVERS\tdrpm258.sys
06:58:09.0578 1968 tdrpman258 - ok
06:58:09.0609 1968 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
06:58:09.0609 1968 TDTCP - ok
06:58:09.0640 1968 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
06:58:09.0640 1968 TermDD - ok
06:58:09.0656 1968 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
06:58:09.0671 1968 TermService - ok
06:58:09.0703 1968 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
06:58:09.0703 1968 Themes - ok
06:58:09.0734 1968 tifsfilter (b84b82c0cbeb1b0d7eb7a946bade5830) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
06:58:09.0750 1968 tifsfilter - ok
06:58:09.0765 1968 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\WINDOWS\system32\DRIVERS\timntr.sys
06:58:09.0781 1968 timounter - ok
06:58:09.0812 1968 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
06:58:09.0812 1968 TosIde - ok
06:58:09.0843 1968 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
06:58:09.0843 1968 TrkWks - ok
06:58:09.0875 1968 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
06:58:09.0890 1968 Udfs - ok
06:58:09.0906 1968 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
06:58:09.0906 1968 ultra - ok
06:58:09.0921 1968 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
06:58:09.0921 1968 Update - ok
06:58:09.0937 1968 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
06:58:09.0953 1968 upnphost - ok
06:58:09.0968 1968 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
06:58:09.0968 1968 UPS - ok
06:58:10.0000 1968 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
06:58:10.0000 1968 usbccgp - ok
06:58:10.0015 1968 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
06:58:10.0015 1968 usbehci - ok
06:58:10.0031 1968 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
06:58:10.0031 1968 usbhub - ok
06:58:10.0078 1968 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
06:58:10.0078 1968 usbohci - ok
06:58:10.0093 1968 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
06:58:10.0093 1968 usbprint - ok
06:58:10.0109 1968 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
06:58:10.0109 1968 usbscan - ok
06:58:10.0140 1968 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
06:58:10.0140 1968 USBSTOR - ok
06:58:10.0156 1968 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
06:58:10.0156 1968 usbuhci - ok
06:58:10.0171 1968 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
06:58:10.0187 1968 VgaSave - ok
06:58:10.0203 1968 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
06:58:10.0203 1968 viaagp - ok
06:58:10.0218 1968 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
06:58:10.0218 1968 ViaIde - ok
06:58:10.0234 1968 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
06:58:10.0234 1968 VolSnap - ok
06:58:10.0250 1968 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
06:58:10.0265 1968 VSS - ok
06:58:10.0281 1968 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
06:58:10.0296 1968 w32time - ok
06:58:10.0312 1968 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
06:58:10.0312 1968 Wanarp - ok
06:58:10.0312 1968 WDICA - ok
06:58:10.0328 1968 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
06:58:10.0328 1968 wdmaud - ok
06:58:10.0359 1968 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
06:58:10.0359 1968 WebClient - ok
06:58:10.0437 1968 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
06:58:10.0437 1968 winmgmt - ok
06:58:10.0468 1968 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
06:58:10.0484 1968 WmdmPmSN - ok
06:58:10.0500 1968 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
06:58:10.0500 1968 WmiApSrv - ok
06:58:10.0593 1968 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
06:58:10.0625 1968 WMPNetworkSvc - ok
06:58:10.0640 1968 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
06:58:10.0640 1968 WpdUsb - ok
06:58:10.0671 1968 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
06:58:10.0671 1968 wscsvc - ok
06:58:10.0703 1968 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
06:58:10.0718 1968 wuauserv - ok
06:58:10.0750 1968 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
06:58:10.0750 1968 WudfPf - ok
06:58:10.0781 1968 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
06:58:10.0781 1968 WudfRd - ok
06:58:10.0796 1968 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
06:58:10.0796 1968 WudfSvc - ok
06:58:10.0843 1968 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
06:58:10.0859 1968 WZCSVC - ok
06:58:10.0875 1968 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
06:58:10.0890 1968 xmlprov - ok
06:58:10.0906 1968 MBR (0x1B8) (91722e6bc3a2b40ff00222dca4a3db3e) \Device\Harddisk0\DR0
06:58:11.0250 1968 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
06:58:11.0250 1968 \Device\Harddisk0\DR0 - detected TDSS File System (1)
06:58:11.0250 1968 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
06:58:15.0156 1968 \Device\Harddisk1\DR4 - ok
06:58:15.0156 1968 Boot (0x1200) (ab3edb0404dd5e6a8bc06055c9eb070e) \Device\Harddisk0\DR0\Partition0
06:58:15.0156 1968 \Device\Harddisk0\DR0\Partition0 - ok
06:58:15.0171 1968 Boot (0x1200) (e086a2dc9788810f1f3ec348c5c9f30d) \Device\Harddisk1\DR4\Partition0
06:58:15.0171 1968 \Device\Harddisk1\DR4\Partition0 - ok
06:58:15.0171 1968 ============================================================
06:58:15.0171 1968 Scan finished
06:58:15.0171 1968 ============================================================
06:58:15.0187 2668 Detected object count: 1
06:58:15.0187 2668 Actual detected object count: 1
06:58:33.0515 2668 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
06:58:33.0515 2668 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
06:59:24.0593 2680 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 06:59:47
-----------------------------
06:59:47.609 OS Version: Windows 5.1.2600 Service Pack 3
06:59:47.609 Number of processors: 2 586 0x6B01
06:59:47.609 ComputerName: CONZUMEL UserName:
06:59:48.500 Initialize success
06:59:57.671 AVAST engine download error: 0
07:01:37.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
07:01:37.812 Disk 0 Vendor: ST3750640AS 3.AAE Size: 715404MB BusType: 3
07:01:37.828 Disk 0 MBR read successfully
07:01:37.828 Disk 0 MBR scan
07:01:37.828 Disk 0 unknown MBR code
07:01:37.828 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 368 MB offset 63
07:01:37.828 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 686206 MB offset 755055
07:01:37.859 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 28827 MB offset 1406105190
07:01:37.859 Disk 0 scanning sectors +1465144065
07:01:37.921 Disk 0 scanning C:\WINDOWS\system32\drivers
07:01:43.546 Service scanning
07:01:50.859 Modules scanning
07:01:53.906 Disk 0 trace - called modules:
07:01:53.921 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
07:01:53.921 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a965ab8]
07:01:53.937 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8a855e10]
07:01:53.937 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\0000006d[0x8a853030]
07:01:53.937 Scan finished successfully
07:02:25.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Javier Rojas\Desktop\LOGS FOR VIRUS\MBR.dat"
07:02:25.500 The log file has been saved successfully to "C:\Documents and Settings\Javier Rojas\Desktop\LOGS FOR VIRUS\aswMBR.txt"


Waiting for further instructions...

#4 narenxp

Posted 25 July 2012 - 09:33 AM

> Hi, thanks for the reply! The ESET online scanner requires internet access? I don't have that on the infected computer.


Let's try to restore it

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 javi408

Posted 25 July 2012 - 10:01 AM

Farbar Service Scanner Version: 22-07-2012
Ran by Javier Rojas (administrator) on 25-07-2012 at 07:56:37
Running from "C:\Documents and Settings\Javier Rojas\Desktop\fix reg for comp programs"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

ATTENTION!=====> C:\WINDOWS\system32\Drivers\afd.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(5) JSWSCIMD(9) mfetdi2k(8) NetBT(6) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000005000000060000000700000009000000
ATTENTION!=====> IpSec Tag value should be 4.

**** End of log ****

Thanks for helping me!

#6 narenxp

Posted 25 July 2012 - 10:08 AM

Launch FSS again, type

afd.sys

in the search box and click on Search Files

Post the generated log

Edited by narenxp, 25 July 2012 - 10:09 AM.


#7 javi408

Posted 25 July 2012 - 10:24 AM

Farbar Service Scanner Version: 22-07-2012
Ran by Javier Rojas (administrator) on 25-07-2012 at 08:13:44
Microsoft Windows XP Home Edition Service Pack 3 (X86)

************************************************
======== Search: "afd.sys" =========

C:\WINDOWS\system32\dllcache\afd.sys
[2008-06-20 04:40] - [2011-08-17 06:49] - 0138496 ____N (Microsoft Corporation) 1E44BC1E83D8FD2305F8D452DB109CF9

C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2008-04-13 12:19] - [2008-04-13 12:19] - 0138112 ____N (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB956803_0$\afd.sys
[2010-08-19 05:32] - [2008-06-20 03:44] - 0138368 ____C (Microsoft Corporation) 944CA435BFCFC82CC1ED9E3A7D731AA9

C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2010-08-19 15:39] - [2008-06-20 04:40] - 0138496 ____C (Microsoft Corporation) E3049B90FE06F3F740B7CFDA44995E2C

C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
[2010-08-19 05:27] - [2004-08-04 03:00] - 0138496 ____C (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2010-08-19 15:38] - [2008-04-13 12:19] - 0138112 ____C (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2011-12-27 14:20] - [2008-10-16 07:43] - 0138496 ____C (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011-12-27 14:16] - [2008-08-14 03:04] - 0138496 ____C (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2010-08-19 15:29] - [2008-08-14 02:51] - 0138368 ____C (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2010-08-18 22:24] - [2008-08-14 03:34] - 0138496 ____A (Microsoft Corporation) 4D43E74F2A1239D53929B82600F1971C

C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2010-08-18 22:24] - [2008-08-14 03:04] - 0138496 ____A (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2010-08-18 22:24] - [2008-08-14 02:48] - 0138368 ____A (Microsoft Corporation) 6A0397376853E604DE8E1E7A87FC08AC

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008-06-20 04:48] - [2008-06-20 04:48] - 0138496 ____A (Microsoft Corporation) D6EE6014241D034E63C49A50CB2B442A

C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008-06-20 04:40] - [2008-06-20 04:40] - 0138496 ____A (Microsoft Corporation) E3049B90FE06F3F740B7CFDA44995E2C

C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008-06-20 03:44] - [2008-06-20 03:44] - 0138368 ____A (Microsoft Corporation) D99DDFFB33DEACDCF20717CB520379F6

C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
[2011-12-27 14:07] - [2011-08-17 06:41] - 0138496 ____A (Microsoft Corporation) F6B7B1ECD7B41736BDB6FF4B092BCB79

C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008-10-16 08:07] - [2008-10-16 08:07] - 0138496 ___AC (Microsoft Corporation) 38D7B715504DA4741DF35E3594FE2099

C:\i386\afd.sys
[2010-08-18 19:54] - [2004-08-04 03:00] - 0138496 ____A (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

C:\Documents and Settings\Javier Rojas\My Documents\afd.sys
[2012-07-23 17:41] - [2008-04-13 12:19] - 0138112 ____A (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

====== End Of Search ======

#8 narenxp

Posted 25 July 2012 - 10:38 AM

Copy this file

C:\WINDOWS\ServicePackFiles\i386\afd.sys

Paste it in

C:\windows\system32\drivers folder

Restart the PC, and check your browser

Post the new FSS log

Edited by narenxp, 25 July 2012 - 10:38 AM.
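
A check to run around the restore step in post #8, as an added example that is not part of the original thread or of Farbar Service Scanner: it parses the FSS search log from post #7, groups the afd.sys copies by MD5, and confirms that the source and the restored file both hash to the value the log recorded. The function names and the created/modified reading of the two timestamps are assumptions; the sample entries are copied from post #7.

```python
import hashlib
import re
from collections import defaultdict

# Four entries copied from the FSS search log in post #7 (a subset, for brevity).
SAMPLE_LOG = r"""
======== Search: "afd.sys" =========

C:\WINDOWS\system32\dllcache\afd.sys
[2008-06-20 04:40] - [2011-08-17 06:49] - 0138496 ____N (Microsoft Corporation) 1E44BC1E83D8FD2305F8D452DB109CF9

C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2008-04-13 12:19] - [2008-04-13 12:19] - 0138112 ____N (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2010-08-19 15:38] - [2008-04-13 12:19] - 0138112 ____C (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\i386\afd.sys
[2010-08-18 19:54] - [2004-08-04 03:00] - 0138496 ____A (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

====== End Of Search ======
"""

# Detail line: [stamp] - [stamp] - size attributes (company) MD5.
# Reading the two stamps as created/modified is an assumption about the format.
DETAIL = re.compile(
    r"^\[(?P<created>[\d\- :]+)\] - \[(?P<modified>[\d\- :]+)\] - "
    r"(?P<size>\d+) (?P<attrs>\S+) \((?P<company>[^)]*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
PATH = re.compile(r"^[A-Za-z]:\\")


def parse_fss_search(text):
    """Return one dict per file: a path line followed by its detail line."""
    entries, pending_path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        match = DETAIL.match(line)
        if match and pending_path:
            entry = match.groupdict()
            entry["path"] = pending_path
            entry["size"] = int(entry["size"])
            entry["md5"] = entry["md5"].upper()
            entries.append(entry)
            pending_path = None
        elif PATH.match(line):
            pending_path = line
    return entries


def group_by_md5(entries):
    """Map each MD5 to the paths that carry it, in log order."""
    groups = defaultdict(list)
    for entry in entries:
        groups[entry["md5"]].append(entry["path"])
    return dict(groups)


def md5_of_file(path, chunk=65536):
    """Hash a file in chunks. MD5 is used only because the scanner reports MD5."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest().upper()


def check_restore(log_text, logged_path, source_file, restored_file):
    """Compare on-disk hashes with the MD5 the log recorded for logged_path.

    source_file and restored_file are the local files to hash; they are separate
    from logged_path so the check also works on copies taken off the machine.
    Returns (ok, reason).
    """
    recorded = {e["path"].lower(): e for e in parse_fss_search(log_text)}
    entry = recorded.get(logged_path.lower())
    if entry is None:
        return False, "source path not in log"
    if md5_of_file(source_file) != entry["md5"]:
        return False, "source changed since it was logged"
    if md5_of_file(restored_file) != entry["md5"]:
        return False, "restored copy differs from source"
    return True, "match"


if __name__ == "__main__":
    for md5, paths in group_by_md5(parse_fss_search(SAMPLE_LOG)).items():
        print(md5, "-", len(paths), "copy/copies")
        for path in paths:
            print("   ", path)
```

Matching hashes among copies on the same disk show consistency only; a reference hash taken from clean install media is the stronger comparison on a machine that has been infected.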


#9 javi408

Posted 25 July 2012 - 11:10 AM

Farbar Service Scanner Version: 22-07-2012
Ran by Javier Rojas (administrator) on 25-07-2012 at 08:56:25
Running from "C:\Documents and Settings\Javier Rojas\Desktop\fix reg for comp programs"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(5) JSWSCIMD(9) mfetdi2k(8) NetBT(6) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000005000000060000000700000009000000
ATTENTION!=====> IpSec Tag value should be 4.

**** End of log ****

I copied and pasted a file from i386 but it didn't say adf.sys, it only said afd. Is that still the right file? That's the only file there, so I went ahead and copied and pasted it to the drivers folder anyway.

Edited by javi408, 25 July 2012 - 11:11 AM.


#10 narenxp

Posted 25 July 2012 - 02:07 PM

> I copied and pasted a file from i386 but it didn't say adf.sys, it only said afd.


I didn't say adf, I said afd.sys


Download

Winsock fix

Launch it, click on FIX

Restart your PC after it gets completed

Check your browser. If that doesn't work, try this:


PLEASE create a restore point before trying this

Please copy the entire contents of the codebox below into Notepad:


REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2]

Open Notepad, copy the script, and save it as:

Filename: winsock.reg
Save as type: All files


Launch it and click YES to add it to registry

After that, Reboot your computer.

After the restart,

Go to Network Connections
Right click on your normal connection icon, and choose Properties
Click the Install button
Choose Protocol then click Add
Click Have disk
In the drop down box, type in: C:\WINDOWS\INF and click OK
In the next dialog, click Internet Protocol (TCP/IP) then click OK
Click Close to leave the properties box

After that, restart your computer and see if you can browse now.

Post the NEW FSS log

Good luck

#11 javi408

Posted 25 July 2012 - 02:08 PM

I noticed in registry editor HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AFD... I only have 001, 003, 004 of the controlset... and I noticed I don't have the ADF file in any of them. Could this be the problem?

#12 narenxp

Posted 25 July 2012 - 02:10 PM

> I noticed in registry editor HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AFD... I only have 001, 003, 004 of the controlset... and I noticed I don't have the ADF file in any of them. Could this be the problem?


What is ADF?

Please follow my instructions

#13 javi408

Posted 25 July 2012 - 02:58 PM

I meant AFD. HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\__? There is no AFD file... Also there is no controlset002, is there supposed to be one?

#14 narenxp

Posted 25 July 2012 - 03:41 PM

> I meant AFD. HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\__? There is no AFD file... Also there is no controlset002, is there supposed to be one?


Ignore it

Follow my previous instructions

#15 javi408

Posted 25 July 2012 - 07:26 PM

Dude you are awesome! I am able to access my Windows Firewall but still not displaying webpage :( but I know we are close..

Farbar Service Scanner Version: 22-07-2012
Ran by Javier Rojas (administrator) on 25-07-2012 at 17:18:11
Running from "C:\Documents and Settings\Javier Rojas\Desktop\fix reg for comp programs"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(5) JSWSCIMD(9) mfetdi2k(8) NetBT(6) PSched(7) Tcpip(3)
0x09000000050000000400000001000000020000000300000008000000060000000700000009000000
IpSec Tag value is correct.

**** End of log ****


Thanks for your help! Very much appreciated... hopefully you don't quit after this lol
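
A small triage script for a log like the one posted above, added here as an illustration (it is not part of the thread and not Farbar's code): it pulls out the ATTENTION lines, any File Check entry whose status is not "MD5 is legit", and sites that answered by IP but failed by name. The sample log is a shortened, constructed copy, and its `example.dll` line is invented so the file check has something to flag.

```python
import re

# Constructed sample: a shortened copy of the log layout above. The
# example.dll line is invented (not real tool output) to exercise the check.
SAMPLE_LOG = r"""
Connection Status:
==============
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors

Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.

File Check:
========
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\example.dll => constructed non-legit status
"""

def triage(log_text):
    """Return the lines of a service-scanner log that need a human look."""
    findings = {"attention": [], "files_to_review": [], "ip_ok_name_failed": []}
    ip_ok = set()  # site names whose IP address answered
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("ATTENTION!"):
            # Keep only the message after the "=====>" marker.
            findings["attention"].append(line.partition(">")[2].strip())
            continue
        m = re.match(r"(\w+) IP is accessible\.$", line)
        if m:
            ip_ok.add(m.group(1).lower())
            continue
        m = re.match(r"Attempt to access (\S+) returned error: .+$", line)
        if m and m.group(1).split(".")[0].lower() in ip_ok:
            # Reachable by address, failing by host name.
            findings["ip_ok_name_failed"].append(m.group(1))
            continue
        m = re.match(r"([A-Za-z]:\\.+?) => (.+)$", line)
        if m and m.group(2) != "MD5 is legit":
            findings["files_to_review"].append(m.group(1))
    return findings

if __name__ == "__main__":
    for kind, items in triage(SAMPLE_LOG).items():
        print(kind, items)
```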



