Windows security center will not start!


12 replies to this topic

#1 Dragonitex


Posted 04 September 2012 - 10:11 AM

Hi all,

I've read many posts about this problem but none of the solutions work for me, so I'm making a thread to make sure I get the perfect solution.

What I'm trying to do is port forward WITHOUT using the router; however, when I go to Start > Control Panel > Windows Firewall it says "The Windows Firewall service is not running." I then go to Start and type in "C:\Windows\System32\wscui.cpl" to open up Windows Security Center; this is also off. I click "Turn on now" and a message pops up saying "The Security Center service can't be started." I go to Start > Services as the other guides have told me to do, and neither "Windows Firewall" nor "Security Center" is in the services list.

Please can somebody find me a solution? It would be much appreciated!

Edited by Dragonitex, 04 September 2012 - 01:22 PM.




#2 narenxp


Posted 04 September 2012 - 10:15 AM

Let's make sure the system is clean before fixing services.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Dragonitex


Posted 04 September 2012 - 01:19 PM

I am unable to post files. However, I will post the log.

16:22:53.0006 4672 Parport - ok
16:22:53.0039 4672 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:22:53.0231 4672 partmgr - ok
16:22:53.0276 4672 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:22:53.0284 4672 Parvdm - ok
16:22:53.0329 4672 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
16:22:53.0334 4672 PcaSvc - ok
16:22:53.0368 4672 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
16:22:53.0373 4672 pci - ok
16:22:53.0420 4672 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
16:22:53.0427 4672 pciide - ok
16:22:53.0462 4672 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:22:53.0472 4672 pcmcia - ok
16:22:53.0528 4672 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:22:53.0592 4672 PEAUTH - ok
16:22:53.0697 4672 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:22:53.0738 4672 pla - ok
16:22:53.0773 4672 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:22:53.0782 4672 PlugPlay - ok
16:22:53.0815 4672 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:22:53.0825 4672 PNRPAutoReg - ok
16:22:53.0857 4672 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:22:53.0868 4672 PNRPsvc - ok
16:22:53.0894 4672 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:22:53.0910 4672 PolicyAgent - ok
16:22:53.0947 4672 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:22:53.0957 4672 PptpMiniport - ok
16:22:53.0981 4672 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:22:53.0989 4672 Processor - ok
16:22:54.0015 4672 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
16:22:54.0022 4672 ProfSvc - ok
16:22:54.0048 4672 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:22:54.0051 4672 ProtectedStorage - ok
16:22:54.0089 4672 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:22:54.0099 4672 PSched - ok
16:22:54.0143 4672 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
16:22:54.0239 4672 PxHelp20 - ok
16:22:54.0305 4672 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:22:54.0354 4672 ql2300 - ok
16:22:54.0362 4672 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:22:54.0367 4672 ql40xx - ok
16:22:54.0402 4672 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
16:22:54.0410 4672 QWAVE - ok
16:22:54.0439 4672 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:22:54.0444 4672 QWAVEdrv - ok
16:22:54.0553 4672 [ 641449667853591A5A12CD9D0621FBA5 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
16:22:54.0571 4672 R300 - ok
16:22:54.0608 4672 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:22:54.0613 4672 RasAcd - ok
16:22:54.0643 4672 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
16:22:54.0648 4672 RasAuto - ok
16:22:54.0700 4672 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:22:54.0707 4672 Rasl2tp - ok
16:22:54.0740 4672 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
16:22:54.0747 4672 RasMan - ok
16:22:54.0789 4672 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:22:54.0793 4672 RasPppoe - ok
16:22:54.0835 4672 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:22:54.0845 4672 RasSstp - ok
16:22:54.0879 4672 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:22:54.0893 4672 rdbss - ok
16:22:54.0915 4672 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:22:54.0919 4672 RDPCDD - ok
16:22:54.0960 4672 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:22:55.0053 4672 rdpdr - ok
16:22:55.0073 4672 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:22:55.0081 4672 RDPENCDD - ok
16:22:55.0116 4672 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:22:55.0309 4672 RDPWD - ok
16:22:55.0362 4672 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:22:55.0367 4672 RemoteAccess - ok
16:22:55.0396 4672 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:22:55.0401 4672 RemoteRegistry - ok
16:22:55.0476 4672 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
16:22:55.0606 4672 RoxMediaDB9 - ok
16:22:55.0641 4672 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
16:22:55.0740 4672 RoxWatch9 - ok
16:22:55.0770 4672 [ 9ED13880478F14900A5840FF048D174C ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
16:22:55.0841 4672 rpcapd - ok
16:22:55.0861 4672 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:22:55.0863 4672 RpcLocator - ok
16:22:55.0902 4672 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
16:22:55.0909 4672 RpcSs - ok
16:22:55.0950 4672 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:22:55.0956 4672 rspndr - ok
16:22:55.0972 4672 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
16:22:55.0974 4672 SamSs - ok
16:22:56.0007 4672 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:22:56.0015 4672 sbp2port - ok
16:22:56.0057 4672 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:22:56.0062 4672 SCardSvr - ok
16:22:56.0104 4672 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
16:22:56.0139 4672 Schedule - ok
16:22:56.0178 4672 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:22:56.0179 4672 SCPolicySvc - ok
16:22:56.0222 4672 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:22:56.0228 4672 SDRSVC - ok
16:22:56.0257 4672 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:22:56.0272 4672 secdrv - ok
16:22:56.0310 4672 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
16:22:56.0315 4672 seclogon - ok
16:22:56.0348 4672 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
16:22:56.0368 4672 SENS - ok
16:22:56.0388 4672 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:22:56.0395 4672 Serenum - ok
16:22:56.0405 4672 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:22:56.0416 4672 Serial - ok
16:22:56.0457 4672 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:22:56.0462 4672 sermouse - ok
16:22:56.0501 4672 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
16:22:56.0508 4672 SessionEnv - ok
16:22:56.0515 4672 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:22:56.0522 4672 sffdisk - ok
16:22:56.0529 4672 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:22:56.0538 4672 sffp_mmc - ok
16:22:56.0545 4672 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:22:56.0551 4672 sffp_sd - ok
16:22:56.0558 4672 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:22:56.0566 4672 sfloppy - ok
16:22:56.0615 4672 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:22:56.0624 4672 ShellHWDetection - ok
16:22:56.0656 4672 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:22:56.0760 4672 sisagp - ok
16:22:56.0766 4672 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:22:56.0773 4672 SiSRaid2 - ok
16:22:56.0825 4672 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:22:56.0832 4672 SiSRaid4 - ok
16:22:57.0002 4672 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:22:57.0268 4672 Skype C2C Service - ok
16:22:57.0339 4672 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:22:57.0342 4672 SkypeUpdate - ok
16:22:57.0473 4672 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
16:22:57.0579 4672 slsvc - ok
16:22:57.0618 4672 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:22:57.0624 4672 SLUINotify - ok
16:22:57.0671 4672 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:22:57.0676 4672 Smb - ok
16:22:57.0727 4672 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:22:57.0732 4672 SNMPTRAP - ok
16:22:57.0770 4672 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
16:22:57.0778 4672 spldr - ok
16:22:57.0820 4672 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
16:22:57.0827 4672 Spooler - ok
16:22:57.0849 4672 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:22:57.0993 4672 srv - ok
16:22:58.0021 4672 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:22:58.0136 4672 srv2 - ok
16:22:58.0163 4672 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:22:58.0225 4672 srvnet - ok
16:22:58.0256 4672 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:22:58.0275 4672 SSDPSRV - ok
16:22:58.0380 4672 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:22:58.0385 4672 SstpSvc - ok
16:22:58.0398 4672 Steam Client Service - ok
16:22:58.0434 4672 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
16:22:58.0447 4672 stisvc - ok
16:22:58.0495 4672 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:22:58.0619 4672 stllssvr - ok
16:22:58.0647 4672 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:22:58.0652 4672 swenum - ok
16:22:58.0697 4672 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
16:22:58.0708 4672 swprv - ok
16:22:58.0736 4672 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:22:58.0744 4672 Symc8xx - ok
16:22:58.0771 4672 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:22:58.0777 4672 Sym_hi - ok
16:22:58.0804 4672 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:22:58.0811 4672 Sym_u3 - ok
16:22:58.0850 4672 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
16:22:58.0867 4672 SysMain - ok
16:22:58.0889 4672 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:22:58.0896 4672 TabletInputService - ok
16:22:58.0924 4672 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:22:58.0933 4672 TapiSrv - ok
16:22:58.0957 4672 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
16:22:58.0962 4672 TBS - ok
16:22:59.0022 4672 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:22:59.0205 4672 Tcpip - ok
16:22:59.0262 4672 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:22:59.0269 4672 Tcpip6 - ok
16:22:59.0300 4672 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:22:59.0306 4672 tcpipreg - ok
16:22:59.0343 4672 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:22:59.0348 4672 TDPIPE - ok
16:22:59.0394 4672 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:22:59.0400 4672 TDTCP - ok
16:22:59.0440 4672 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:22:59.0446 4672 tdx - ok
16:22:59.0748 4672 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
16:22:59.0963 4672 TeamViewer7 - ok
16:23:00.0010 4672 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:23:00.0020 4672 TermDD - ok
16:23:00.0053 4672 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
16:23:00.0079 4672 TermService - ok
16:23:00.0097 4672 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
16:23:00.0103 4672 Themes - ok
16:23:00.0130 4672 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
16:23:00.0139 4672 THREADORDER - ok
16:23:00.0171 4672 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
16:23:00.0178 4672 TrkWks - ok
16:23:00.0224 4672 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:23:00.0226 4672 TrustedInstaller - ok
16:23:00.0261 4672 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:23:00.0270 4672 tssecsrv - ok
16:23:00.0325 4672 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:23:00.0332 4672 tunmp - ok
16:23:00.0353 4672 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:23:00.0363 4672 tunnel - ok
16:23:00.0417 4672 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:23:00.0426 4672 uagp35 - ok
16:23:00.0466 4672 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:23:00.0480 4672 udfs - ok
16:23:00.0530 4672 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:23:00.0536 4672 UI0Detect - ok
16:23:00.0570 4672 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:23:00.0680 4672 uliagpkx - ok
16:23:00.0719 4672 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:23:00.0732 4672 uliahci - ok
16:23:00.0763 4672 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:23:00.0773 4672 UlSata - ok
16:23:00.0781 4672 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:23:00.0790 4672 ulsata2 - ok
16:23:00.0829 4672 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:23:00.0837 4672 umbus - ok
16:23:00.0876 4672 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
16:23:00.0893 4672 upnphost - ok
16:23:00.0966 4672 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:23:00.0973 4672 usbaudio - ok
16:23:01.0018 4672 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:23:01.0025 4672 usbccgp - ok
16:23:01.0057 4672 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:23:01.0064 4672 usbcir - ok
16:23:01.0109 4672 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:23:01.0114 4672 usbehci - ok
16:23:01.0143 4672 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:23:01.0150 4672 usbhub - ok
16:23:01.0157 4672 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:23:01.0161 4672 usbohci - ok
16:23:01.0193 4672 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:23:01.0200 4672 usbprint - ok
16:23:01.0225 4672 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:01.0230 4672 USBSTOR - ok
16:23:01.0267 4672 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:23:01.0272 4672 usbuhci - ok
16:23:01.0323 4672 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
16:23:01.0329 4672 UxSms - ok
16:23:01.0384 4672 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
16:23:01.0401 4672 vds - ok
16:23:01.0443 4672 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:01.0452 4672 vga - ok
16:23:01.0494 4672 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:23:01.0504 4672 VgaSave - ok
16:23:01.0532 4672 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:23:01.0620 4672 viaagp - ok
16:23:01.0627 4672 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:23:01.0633 4672 ViaC7 - ok
16:23:01.0671 4672 [ C0ACE9D0F5A5EE0B00F58345947A57FC ] viaide C:\Windows\system32\drivers\viaide.sys
16:23:01.0813 4672 viaide - ok
16:23:01.0844 4672 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:23:01.0851 4672 volmgr - ok
16:23:01.0903 4672 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:23:01.0911 4672 volmgrx - ok
16:23:01.0953 4672 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:23:01.0961 4672 volsnap - ok
16:23:01.0978 4672 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:23:01.0985 4672 vsmraid - ok
16:23:02.0053 4672 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
16:23:02.0103 4672 VSS - ok
16:23:02.0156 4672 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
16:23:02.0164 4672 W32Time - ok
16:23:02.0188 4672 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:23:02.0191 4672 WacomPen - ok
16:23:02.0244 4672 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:23:02.0252 4672 Wanarp - ok
16:23:02.0256 4672 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:23:02.0263 4672 Wanarpv6 - ok
16:23:02.0302 4672 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:23:02.0311 4672 wcncsvc - ok
16:23:02.0346 4672 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:02.0354 4672 WcsPlugInService - ok
16:23:02.0393 4672 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:23:02.0399 4672 Wd - ok
16:23:02.0442 4672 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:23:02.0458 4672 Wdf01000 - ok
16:23:02.0494 4672 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:23:02.0499 4672 WdiServiceHost - ok
16:23:02.0505 4672 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:23:02.0509 4672 WdiSystemHost - ok
16:23:02.0540 4672 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
16:23:02.0547 4672 WebClient - ok
16:23:02.0603 4672 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:23:02.0609 4672 Wecsvc - ok
16:23:02.0625 4672 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:23:02.0631 4672 wercplsupport - ok
16:23:02.0667 4672 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
16:23:02.0675 4672 WerSvc - ok
16:23:02.0685 4672 WinHttpAutoProxySvc - ok
16:23:02.0756 4672 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:23:02.0760 4672 Winmgmt - ok
16:23:02.0818 4672 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
16:23:02.0851 4672 WinRM - ok
16:23:02.0899 4672 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:23:02.0914 4672 Wlansvc - ok
16:23:02.0944 4672 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:23:02.0951 4672 WmiAcpi - ok
16:23:02.0996 4672 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:23:02.0999 4672 wmiApSrv - ok
16:23:03.0075 4672 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:23:03.0095 4672 WMPNetworkSvc - ok
16:23:03.0130 4672 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:23:03.0138 4672 WPCSvc - ok
16:23:03.0177 4672 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:23:03.0184 4672 WPDBusEnum - ok
16:23:03.0220 4672 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:23:03.0229 4672 WpdUsb - ok
16:23:03.0336 4672 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:23:03.0371 4672 WPFFontCache_v0400 - ok
16:23:03.0406 4672 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:23:03.0411 4672 ws2ifsl - ok
16:23:03.0471 4672 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
16:23:03.0485 4672 wscsvc - ok
16:23:03.0491 4672 WSearch - ok
16:23:03.0541 4672 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:03.0550 4672 WUDFRd - ok
16:23:03.0576 4672 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:23:03.0590 4672 wudfsvc - ok
16:23:03.0599 4672 ================ Scan global ===============================
16:23:03.0611 4672 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:23:03.0655 4672 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:23:03.0681 4672 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:23:03.0723 4672 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
16:23:03.0740 4672 [Global] - ok
16:23:03.0740 4672 ================ Scan MBR ==================================
16:23:03.0754 4672 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:23:03.0996 4672 \Device\Harddisk0\DR0 - ok
16:23:03.0997 4672 ================ Scan VBR ==================================
16:23:04.0029 4672 [ D10D434E4FDC277A8C5CE59E89449D35 ] \Device\Harddisk0\DR0\Partition1
16:23:04.0031 4672 \Device\Harddisk0\DR0\Partition1 - ok
16:23:04.0035 4672 [ CE3E301C3283ABDC9833014518BFB145 ] \Device\Harddisk0\DR0\Partition2
16:23:04.0038 4672 \Device\Harddisk0\DR0\Partition2 - ok
16:23:04.0039 4672 ============================================================
16:23:04.0039 4672 Scan finished
16:23:04.0039 4672 ============================================================
16:23:04.0060 4792 Detected object count: 0
16:23:04.0060 4792 Actual detected object count: 0
16:25:09.0666 5720 Deinitialize success


That is the TDSSKiller log.


C:\Users\Grown Up\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TMJECVH\hypercam[1].exe Win32/Somoto application cleaned by deleting - quarantined
C:\Users\Grown Up\AppData\Local\Temp\HyperCam.exe Win32/Somoto application cleaned by deleting - quarantined
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GBR2CZU3\73604620[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Tom\AppData\Local\Temp\YontooSetup-S.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Tom\AppData\Local\{D3E3664A-D83C-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined




That is the ESET log.



I cannot post the aswMBR log as it was corrupted.

Edited by Dragonitex, 04 September 2012 - 01:22 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:56 PM

Posted 04 September 2012 - 01:29 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 Dragonitex

Dragonitex
  • Topic Starter

  • Members
  • 9 posts
  • Local time:02:56 AM

Posted 04 September 2012 - 01:32 PM

I got a clean MBAM scan the first time. This is the mini toolbox result:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Tom (administrator) on 04-09-2012 at 20:11:51
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/04/2012 08:11:26 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.62.0.87, time stamp 0x4fc6d5ba, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x00067db0,
process id 0x16b0, application start time 0xmbam.exe0.

Error: (09/04/2012 03:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/04/2012 11:15:35 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/03/2012 07:57:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2012 07:54:39 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2012 10:51:47 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/03/2012 10:51:47 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/30/2012 08:07:29 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 10bc
Start Time: 01cd86a97eca40af
Termination Time: 25

Error: (08/28/2012 09:08:27 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/28/2012 09:08:27 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (09/04/2012 01:30:39 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (09/04/2012 01:28:40 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070424

Error: (09/04/2012 01:14:03 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (09/04/2012 01:14:03 PM) (Source: Service Control Manager) (User: )
Description: Print SpoolerLexBce Server%%1058

Error: (09/04/2012 01:08:24 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{395633B1-EED9-4DFC-B67F-9788B51C9F06}

Error: (09/04/2012 11:45:14 AM) (Source: DCOM) (User: )
Description: 1084SkypeUpdate/ComService{CC957078-B838-47C4-A7CF-626E7A82FC58}

Error: (09/04/2012 11:17:55 AM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (09/04/2012 11:16:17 AM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (09/04/2012 11:16:17 AM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (09/04/2012 11:16:17 AM) (Source: Service Control Manager) (User: )
Description: Print SpoolerLexBce Server%%1058


Microsoft Office Sessions:
=========================
Error: (09/04/2012 08:11:26 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.874fc6d5bantdll.dll6.0.6002.185414ec3e3d5c000000500067db016b001cd8acbb96f0562

Error: (09/04/2012 03:17:25 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/04/2012 11:15:35 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/03/2012 07:57:51 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2012 07:54:39 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2012 10:51:47 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (09/03/2012 10:51:47 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (08/30/2012 08:07:29 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1644710bc01cd86a97eca40af25

Error: (08/28/2012 09:08:27 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (08/28/2012 09:08:27 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK


=========================== Installed Programs ============================


========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 3069.45 MB
Available physical RAM: 1160.18 MB
Total Pagefile: 6389.17 MB
Available Pagefile: 4192.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.26 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:138.95 GB) (Free:1.27 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.11 GB) NTFS

========================= Users: ========================================

**** End of log ****

This is the FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by Tom (administrator) on 04-09-2012 at 20:17:27
Running from "C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1K3JL8Z2"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.
The ServiceDll of RpcSs service is OK.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2009-10-23 19:35] - [2008-01-19 08:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



And finally the adware cleaner log:

# AdwCleaner v2.000 - Logfile created 09/04/2012 at 20:30:53
# Updated 30/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Tom - KIDZ-PC
# Boot Mode : Normal
# Running from : C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OONOCQI6\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Grown Up\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Tom\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Tom\AppData\LocalLow\Toolbar4

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\flsqceli.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7596 octets] - [04/09/2012 20:30:53]

########## EOF - C:\AdwCleaner[S1].txt - [7656 octets] ##########

Edited by Dragonitex, 04 September 2012 - 02:47 PM.


#6 Dragonitex

Posted 04 September 2012 - 02:51 PM

--NOTE--

After looking into my services after doing all these scans (look at first post where I went) Windows Firewall and Security Center have now appeared! Unfortunately, Security Center is having some problems :(.

If I right click on Security Center and go to properties it says the following message "Configuration Manager: The specified device instance handle does not correspond to a present device."

However upon clicking OK the properties pop up which I suppose is a good sign.

After going to Start and searching "Windows Firewall" and opening it, it is still off and I have not a clue how to turn it on. I click "Turn Windows Firewall on or off" and a pop up says "Windows Firewall settings cannot be displayed because the associated service is not running. Do you want to start the Windows Firewall service?" I click "Yes" and a pop-up says "Windows cannot start the Windows Firewall service.".


Help!

#7 narenxp

Posted 04 September 2012 - 02:56 PM

Do not run any fixes on your own.

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the new FSS log

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here

#8 Dragonitex

Posted 04 September 2012 - 03:31 PM

After running the windows repair tool my firewall now works. Do I still need to run RKill?

By the way thanks <3 really really appreciated.

I'll be on tomorrow to check!

#9 narenxp

Posted 04 September 2012 - 03:38 PM

Please post FSS and RKILL logs

#10 Dragonitex

Posted 04 September 2012 - 04:05 PM

-from phone- where can I find the new fss log? It did not make a new one on the desktop or replace current one.

#11 narenxp

Posted 04 September 2012 - 04:33 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#12 Dragonitex

Posted 05 September 2012 - 04:47 AM

This was posted by you

"Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the new FSS log"

I did not get an FSS log from the windows repair tool.

#13 narenxp

Posted 05 September 2012 - 08:11 AM

Check my previous instructions



