Cannot turn on firewall in McAfee Internet security


11 replies to this topic

#1 Dandalex

  • Members
  • 6 posts

Posted 05 September 2012 - 09:08 AM

Hello
I'm using McAfee Internet security (personal firewall version 12) on Windows 7 (SP1).
The firewall is set to off and when I try to turn it on it goes immediately back to off.

Also, I can't turn on Windows firewall either. This message appears: Windows firewall can't change some of your settings. Error code: 0x80070424

Thank you for any help.

Edit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum, at the recommendation of staff. ~ Animal


#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 05 September 2012 - 09:09 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Dandalex

  • Topic Starter

  • Members
  • 6 posts

Posted 05 September 2012 - 02:00 PM

TDSSkiller:

13:22:40.0862 7144 mssmbios - ok
13:22:40.0877 7144 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:22:40.0883 7144 MSTEE - ok
13:22:40.0895 7144 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:22:40.0901 7144 MTConfig - ok
13:22:40.0914 7144 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:22:40.0915 7144 Mup - ok
13:22:40.0949 7144 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:22:40.0958 7144 napagent - ok
13:22:40.0982 7144 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:22:40.0996 7144 NativeWifiP - ok
13:22:41.0030 7144 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:22:41.0043 7144 NDIS - ok
13:22:41.0056 7144 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:22:41.0061 7144 NdisCap - ok
13:22:41.0084 7144 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:22:41.0087 7144 NdisTapi - ok
13:22:41.0120 7144 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:22:41.0170 7144 Ndisuio - ok
13:22:41.0207 7144 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:22:41.0258 7144 NdisWan - ok
13:22:41.0292 7144 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:22:41.0343 7144 NDProxy - ok
13:22:41.0351 7144 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:22:41.0352 7144 NetBIOS - ok
13:22:41.0385 7144 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:22:41.0437 7144 NetBT - ok
13:22:41.0447 7144 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:22:41.0448 7144 Netlogon - ok
13:22:41.0469 7144 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:22:41.0473 7144 Netman - ok
13:22:41.0491 7144 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:22:41.0499 7144 netprofm - ok
13:22:41.0520 7144 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:22:41.0525 7144 NetTcpPortSharing - ok
13:22:41.0556 7144 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:22:41.0562 7144 nfrd960 - ok
13:22:41.0603 7144 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:22:41.0609 7144 NlaSvc - ok
13:22:41.0615 7144 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:22:41.0616 7144 Npfs - ok
13:22:41.0624 7144 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:22:41.0627 7144 nsi - ok
13:22:41.0632 7144 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:22:41.0635 7144 nsiproxy - ok
13:22:41.0691 7144 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:22:41.0725 7144 Ntfs - ok
13:22:41.0753 7144 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:22:41.0762 7144 Null - ok
13:22:41.0819 7144 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:22:41.0866 7144 nvraid - ok
13:22:41.0892 7144 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:22:41.0948 7144 nvstor - ok
13:22:41.0969 7144 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:22:41.0975 7144 nv_agp - ok
13:22:42.0002 7144 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:22:42.0011 7144 ohci1394 - ok
13:22:42.0054 7144 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:22:42.0057 7144 ose - ok
13:22:42.0173 7144 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:22:42.0257 7144 osppsvc - ok
13:22:42.0289 7144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:22:42.0296 7144 p2pimsvc - ok
13:22:42.0311 7144 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:22:42.0319 7144 p2psvc - ok
13:22:42.0333 7144 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:22:42.0337 7144 Parport - ok
13:22:42.0370 7144 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:22:42.0372 7144 partmgr - ok
13:22:42.0383 7144 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:22:42.0388 7144 PcaSvc - ok
13:22:42.0417 7144 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:22:42.0420 7144 pci - ok
13:22:42.0427 7144 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:22:42.0435 7144 pciide - ok
13:22:42.0446 7144 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:22:42.0455 7144 pcmcia - ok
13:22:42.0466 7144 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:22:42.0467 7144 pcw - ok
13:22:42.0485 7144 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:22:42.0505 7144 PEAUTH - ok
13:22:42.0584 7144 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:22:42.0588 7144 PerfHost - ok
13:22:42.0649 7144 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:22:42.0700 7144 pla - ok
13:22:42.0748 7144 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:22:42.0757 7144 PlugPlay - ok
13:22:42.0786 7144 [ 403F8D707515A6AAE46CCC5DBFE8408C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:22:42.0837 7144 Pml Driver HPZ12 - ok
13:22:42.0858 7144 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:22:42.0860 7144 PNRPAutoReg - ok
13:22:42.0865 7144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:22:42.0867 7144 PNRPsvc - ok
13:22:42.0883 7144 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:22:42.0930 7144 PolicyAgent - ok
13:22:42.0948 7144 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:22:42.0951 7144 Power - ok
13:22:42.0983 7144 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:22:43.0031 7144 PptpMiniport - ok
13:22:43.0042 7144 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:22:43.0045 7144 Processor - ok
13:22:43.0077 7144 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:22:43.0083 7144 ProfSvc - ok
13:22:43.0097 7144 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:22:43.0099 7144 ProtectedStorage - ok
13:22:43.0136 7144 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:22:43.0139 7144 Psched - ok
13:22:43.0173 7144 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
13:22:43.0174 7144 PxHlpa64 - ok
13:22:43.0221 7144 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:22:43.0275 7144 ql2300 - ok
13:22:43.0293 7144 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:22:43.0299 7144 ql40xx - ok
13:22:43.0315 7144 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:22:43.0321 7144 QWAVE - ok
13:22:43.0333 7144 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:22:43.0342 7144 QWAVEdrv - ok
13:22:43.0355 7144 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:22:43.0361 7144 RasAcd - ok
13:22:43.0367 7144 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:22:43.0371 7144 RasAgileVpn - ok
13:22:43.0390 7144 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:22:43.0401 7144 RasAuto - ok
13:22:43.0429 7144 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:22:43.0480 7144 Rasl2tp - ok
13:22:43.0518 7144 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:22:43.0564 7144 RasMan - ok
13:22:43.0575 7144 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:22:43.0580 7144 RasPppoe - ok
13:22:43.0586 7144 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:22:43.0589 7144 RasSstp - ok
13:22:43.0600 7144 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:22:43.0602 7144 rdbss - ok
13:22:43.0612 7144 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:22:43.0616 7144 rdpbus - ok
13:22:43.0627 7144 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:22:43.0629 7144 RDPCDD - ok
13:22:43.0642 7144 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:22:43.0647 7144 RDPENCDD - ok
13:22:43.0655 7144 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:22:43.0659 7144 RDPREFMP - ok
13:22:43.0675 7144 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:22:43.0710 7144 RDPWD - ok
13:22:43.0750 7144 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:22:43.0752 7144 rdyboost - ok
13:22:43.0776 7144 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:22:43.0780 7144 RemoteAccess - ok
13:22:43.0808 7144 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:22:43.0815 7144 RemoteRegistry - ok
13:22:43.0923 7144 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
13:22:43.0989 7144 RoxMediaDB10 - ok
13:22:44.0000 7144 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:22:44.0001 7144 RpcEptMapper - ok
13:22:44.0026 7144 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:22:44.0034 7144 RpcLocator - ok
13:22:44.0072 7144 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:22:44.0079 7144 RpcSs - ok
13:22:44.0092 7144 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:22:44.0098 7144 rspndr - ok
13:22:44.0103 7144 RxFilter - ok
13:22:44.0202 7144 [ A440EDBE07CEC6E8FDEB1B0F4D0C5159 ] Sage Simply Accounting Transaction Manager 2012 - CDN C:\Program Files (x86)\Winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe
13:22:44.0260 7144 Sage Simply Accounting Transaction Manager 2012 - CDN - ok
13:22:44.0272 7144 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:22:44.0273 7144 SamSs - ok
13:22:44.0304 7144 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:22:44.0354 7144 sbp2port - ok
13:22:44.0365 7144 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:22:44.0371 7144 SCardSvr - ok
13:22:44.0395 7144 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:22:44.0445 7144 scfilter - ok
13:22:44.0493 7144 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:22:44.0519 7144 Schedule - ok
13:22:44.0553 7144 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:22:44.0554 7144 SCPolicySvc - ok
13:22:44.0586 7144 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:22:44.0591 7144 SDRSVC - ok
13:22:44.0652 7144 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:22:44.0656 7144 SeaPort - ok
13:22:44.0681 7144 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:22:44.0686 7144 secdrv - ok
13:22:44.0719 7144 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:22:44.0763 7144 seclogon - ok
13:22:44.0780 7144 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:22:44.0781 7144 SENS - ok
13:22:44.0784 7144 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:22:44.0786 7144 SensrSvc - ok
13:22:44.0806 7144 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:22:44.0810 7144 Serenum - ok
13:22:44.0827 7144 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:22:44.0832 7144 Serial - ok
13:22:44.0870 7144 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:22:44.0875 7144 sermouse - ok
13:22:44.0918 7144 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:22:44.0923 7144 SessionEnv - ok
13:22:44.0934 7144 SessionLauncher - ok
13:22:44.0959 7144 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:22:44.0966 7144 sffdisk - ok
13:22:44.0980 7144 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:22:44.0987 7144 sffp_mmc - ok
13:22:44.0997 7144 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:22:45.0042 7144 sffp_sd - ok
13:22:45.0051 7144 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:22:45.0054 7144 sfloppy - ok
13:22:45.0100 7144 [ CF53DCCE55E500F51089774E851E7363 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
13:22:45.0192 7144 SftService - ok
13:22:45.0212 7144 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:22:45.0216 7144 ShellHWDetection - ok
13:22:45.0262 7144 [ 8D758AD6E7B3379B55B09F2CFAD2E3EA ] Simply Accounting Database Connection Manager C:\Program Files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe
13:22:45.0314 7144 Simply Accounting Database Connection Manager - ok
13:22:45.0336 7144 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:22:45.0340 7144 SiSRaid2 - ok
13:22:45.0347 7144 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:22:45.0355 7144 SiSRaid4 - ok
13:22:45.0398 7144 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:22:49.0661 7144 SkypeUpdate - ok
13:22:49.0674 7144 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:22:49.0679 7144 Smb - ok
13:22:49.0693 7144 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:22:49.0700 7144 SNMPTRAP - ok
13:22:49.0728 7144 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:22:49.0729 7144 spldr - ok
13:22:49.0742 7144 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
13:22:49.0752 7144 Spooler - ok
13:22:49.0835 7144 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:22:49.0900 7144 sppsvc - ok
13:22:49.0916 7144 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:22:49.0918 7144 sppuinotify - ok
13:22:49.0945 7144 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
13:22:50.0016 7144 sprtsvc_DellSupportCenter - ok
13:22:50.0053 7144 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:22:50.0057 7144 srv - ok
13:22:50.0077 7144 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:22:50.0083 7144 srv2 - ok
13:22:50.0097 7144 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:22:50.0099 7144 srvnet - ok
13:22:50.0114 7144 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:22:50.0119 7144 SSDPSRV - ok
13:22:50.0133 7144 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:22:50.0142 7144 SstpSvc - ok
13:22:50.0153 7144 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:22:50.0158 7144 stexstor - ok
13:22:50.0196 7144 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:22:50.0207 7144 stisvc - ok
13:22:50.0254 7144 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:22:50.0320 7144 stllssvr - ok
13:22:50.0335 7144 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:22:50.0338 7144 swenum - ok
13:22:50.0365 7144 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:22:50.0375 7144 swprv - ok
13:22:50.0432 7144 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:22:50.0458 7144 SysMain - ok
13:22:50.0488 7144 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:22:50.0492 7144 TabletInputService - ok
13:22:50.0511 7144 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:22:50.0516 7144 TapiSrv - ok
13:22:50.0541 7144 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:22:50.0543 7144 TBS - ok
13:22:50.0596 7144 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:22:50.0627 7144 Tcpip - ok
13:22:50.0663 7144 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:22:50.0680 7144 TCPIP6 - ok
13:22:50.0712 7144 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:22:50.0763 7144 tcpipreg - ok
13:22:50.0772 7144 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:22:50.0776 7144 TDPIPE - ok
13:22:50.0806 7144 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:22:50.0857 7144 TDTCP - ok
13:22:50.0888 7144 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:22:50.0941 7144 tdx - ok
13:22:50.0951 7144 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:22:50.0979 7144 TermDD - ok
13:22:51.0016 7144 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:22:51.0026 7144 TermService - ok
13:22:51.0037 7144 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:22:51.0040 7144 Themes - ok
13:22:51.0065 7144 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:22:51.0067 7144 THREADORDER - ok
13:22:51.0074 7144 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:22:51.0081 7144 TrkWks - ok
13:22:51.0135 7144 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:22:51.0139 7144 TrustedInstaller - ok
13:22:51.0168 7144 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:22:51.0218 7144 tssecsrv - ok
13:22:51.0236 7144 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:22:51.0270 7144 TsUsbFlt - ok
13:22:51.0318 7144 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:22:51.0367 7144 tunnel - ok
13:22:51.0382 7144 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:22:51.0386 7144 uagp35 - ok
13:22:51.0409 7144 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:22:51.0461 7144 udfs - ok
13:22:51.0477 7144 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:22:51.0482 7144 UI0Detect - ok
13:22:51.0497 7144 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:22:51.0503 7144 uliagpkx - ok
13:22:51.0545 7144 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:22:51.0604 7144 umbus - ok
13:22:51.0618 7144 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:22:51.0620 7144 UmPass - ok
13:22:51.0639 7144 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:22:51.0643 7144 upnphost - ok
13:22:51.0676 7144 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:22:51.0727 7144 USBAAPL64 - ok
13:22:51.0765 7144 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:22:51.0816 7144 usbaudio - ok
13:22:51.0828 7144 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:22:51.0862 7144 usbccgp - ok
13:22:51.0895 7144 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:22:51.0903 7144 usbcir - ok
13:22:51.0923 7144 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:22:51.0970 7144 usbehci - ok
13:22:51.0998 7144 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:22:52.0053 7144 usbhub - ok
13:22:52.0062 7144 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:22:52.0097 7144 usbohci - ok
13:22:52.0106 7144 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:22:52.0108 7144 usbprint - ok
13:22:52.0121 7144 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:22:52.0173 7144 USBSTOR - ok
13:22:52.0184 7144 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:22:52.0218 7144 usbuhci - ok
13:22:52.0222 7144 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:22:52.0224 7144 UxSms - ok
13:22:52.0228 7144 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:22:52.0229 7144 VaultSvc - ok
13:22:52.0241 7144 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:22:52.0242 7144 vdrvroot - ok
13:22:52.0259 7144 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:22:52.0265 7144 vds - ok
13:22:52.0280 7144 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:22:52.0285 7144 vga - ok
13:22:52.0303 7144 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:22:52.0311 7144 VgaSave - ok
13:22:52.0334 7144 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:22:52.0390 7144 vhdmp - ok
13:22:52.0398 7144 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:22:52.0401 7144 viaide - ok
13:22:52.0412 7144 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:22:52.0413 7144 volmgr - ok
13:22:52.0448 7144 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:22:52.0454 7144 volmgrx - ok
13:22:52.0467 7144 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:22:52.0472 7144 volsnap - ok
13:22:52.0491 7144 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:22:52.0501 7144 vsmraid - ok
13:22:52.0558 7144 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:22:52.0592 7144 VSS - ok
13:22:52.0605 7144 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:22:52.0609 7144 vwifibus - ok
13:22:52.0615 7144 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:22:52.0619 7144 vwififlt - ok
13:22:52.0650 7144 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:22:52.0658 7144 W32Time - ok
13:22:52.0675 7144 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:22:52.0681 7144 WacomPen - ok
13:22:52.0707 7144 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:22:52.0752 7144 WANARP - ok
13:22:52.0755 7144 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:22:52.0756 7144 Wanarpv6 - ok
13:22:52.0817 7144 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:22:52.0882 7144 WatAdminSvc - ok
13:22:52.0952 7144 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:22:53.0021 7144 wbengine - ok
13:22:53.0030 7144 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:22:53.0037 7144 WbioSrvc - ok
13:22:53.0077 7144 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:22:53.0085 7144 wcncsvc - ok
13:22:53.0097 7144 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:22:53.0100 7144 WcsPlugInService - ok
13:22:53.0104 7144 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:22:53.0110 7144 Wd - ok
13:22:53.0130 7144 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:22:53.0137 7144 Wdf01000 - ok
13:22:53.0148 7144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:22:53.0151 7144 WdiServiceHost - ok
13:22:53.0155 7144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:22:53.0157 7144 WdiSystemHost - ok
13:22:53.0193 7144 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:22:53.0198 7144 WebClient - ok
13:22:53.0204 7144 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:22:53.0215 7144 Wecsvc - ok
13:22:53.0228 7144 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:22:53.0231 7144 wercplsupport - ok
13:22:53.0247 7144 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:22:53.0249 7144 WerSvc - ok
13:22:53.0258 7144 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:22:53.0260 7144 WfpLwf - ok
13:22:53.0285 7144 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
13:22:53.0321 7144 WimFltr - ok
13:22:53.0340 7144 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:22:53.0343 7144 WIMMount - ok
13:22:53.0346 7144 WinHttpAutoProxySvc - ok
13:22:53.0377 7144 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:22:53.0380 7144 Winmgmt - ok
13:22:53.0540 7144 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:22:53.0587 7144 WinRM - ok
13:22:53.0747 7144 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:22:53.0749 7144 WinUsb - ok
13:22:53.0968 7144 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:22:53.0977 7144 Wlansvc - ok
13:22:54.0018 7144 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:22:54.0025 7144 WmiAcpi - ok
13:22:54.0043 7144 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:22:54.0053 7144 wmiApSrv - ok
13:22:54.0095 7144 WMPNetworkSvc - ok
13:22:54.0115 7144 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:22:54.0123 7144 WPCSvc - ok
13:22:54.0163 7144 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:22:54.0168 7144 WPDBusEnum - ok
13:22:54.0184 7144 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:22:54.0189 7144 ws2ifsl - ok
13:22:54.0195 7144 WSearch - ok
13:22:54.0235 7144 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:22:54.0280 7144 WudfPf - ok
13:22:54.0292 7144 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:22:54.0326 7144 WUDFRd - ok
13:22:54.0351 7144 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:22:54.0354 7144 wudfsvc - ok
13:22:54.0365 7144 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:22:54.0369 7144 WwanSvc - ok
13:22:54.0449 7144 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:22:54.0542 7144 YahooAUService - ok
13:22:54.0573 7144 [ 74983ADDCA2D9618512C088D856D6615 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
13:22:54.0632 7144 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
13:22:54.0640 7144 ================ Scan global ===============================
13:22:54.0658 7144 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:22:54.0689 7144 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:22:54.0738 7144 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:22:54.0761 7144 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:22:54.0796 7144 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:22:54.0801 7144 [Global] - ok
13:22:54.0801 7144 ================ Scan MBR ==================================
13:22:54.0816 7144 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
13:22:55.0154 7144 \Device\Harddisk0\DR0 - ok
13:22:55.0154 7144 ================ Scan VBR ==================================
13:22:55.0158 7144 [ F06057123F73E75AC0BB27438C5E76CD ] \Device\Harddisk0\DR0\Partition1
13:22:55.0160 7144 \Device\Harddisk0\DR0\Partition1 - ok
13:22:55.0164 7144 [ 470F3A693B262792F537F5F79FA8E672 ] \Device\Harddisk0\DR0\Partition2
13:22:55.0167 7144 \Device\Harddisk0\DR0\Partition2 - ok
13:22:55.0168 7144 ============================================================
13:22:55.0168 7144 Scan finished
13:22:55.0168 7144 ============================================================
13:22:55.0183 4500 Detected object count: 0
13:22:55.0183 4500 Actual detected object count: 0


aswMBR:

I did the required steps, but in the middle of the scan I get this message:
Avast! antirootkit has stopped working
I tried it twice, same message.


ESET online scanner:

No threats were found.

#4 narenxp

Posted 05 September 2012 - 02:05 PM

Boot into Safe Mode with Networking and run the aswMBR scan.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 Dandalex

Posted 05 September 2012 - 04:09 PM

1) ASWMBR in safe mode


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 15:15:02
-----------------------------
15:15:02.019 OS Version: Windows x64 6.1.7601 Service Pack 1
15:15:02.019 Number of processors: 4 586 0x1E05
15:15:02.019 ComputerName: D-PC UserName: D
15:15:03.361 Initialze error C0000061 - driver not loaded
15:15:11.457 AVAST engine defs: 12090501
15:15:12.580 Service scanning
15:15:26.948 Modules scanning
15:15:26.948 Disk 0 trace - called modules:
15:15:26.948
15:15:28.539 AVAST engine scan C:\Windows
15:15:30.957 AVAST engine scan C:\Windows\system32
15:17:48.315 AVAST engine scan C:\Windows\system32\drivers
15:17:56.583 AVAST engine scan C:\Users\D
15:25:59.139 AVAST engine scan C:\ProgramData
15:36:59.753 Scan finished successfully
15:57:14.403 The log file has been saved successfully to "C:\Users\D\Desktop\aswMBR.txt"


2) MBAM in safe mode

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.05.10

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
D :: D-PC [administrator]

05/09/2012 4:08:20 PM
mbam-log-2012-09-05 (16-08-20).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 397337
Time elapsed: 36 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

3) minitoolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by D (administrator) on 05-09-2012 at 16:49:18
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 support.intuitcanada.com
127.0.0.1 localhost
127.0.0.1 globalcommunities.intuit.com
127.0.0.1 activation.quicken.ca
127.0.0.1 activation.fr.quicken.ca
127.0.0.1 activation.intuit.ca
127.0.0.1 activation.quicken.ca
127.0.0.1 activation.fr.quicken.ca
127.0.0.1 activation.quicktax.ca
127.0.0.1 docs.quicktaxweb.ca
127.0.0.1 ps.intuitcanada.com
127.0.0.1 support.intuitcanada.com

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
DW1525 (802.11n) WLAN PCIe Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.2.13 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : D-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1525 (802.11n) WLAN PCIe Card
Physical Address. . . . . . . . . : 5C-AC-4C-55-81-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 84-2B-2B-A5-EC-A6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::556c:d990:5803:269%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : September-05-12 4:48:16 PM
Lease Expires . . . . . . . . . . : September-06-12 4:48:15 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 243542827
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-47-F3-79-84-2B-2B-A5-EC-A6
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{4F7F350D-4F99-4504-B728-D18D930BA532}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{68DF9AEE-AB1E-4E64-9AE2-6486AA284A96}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4004:802::1006
74.125.228.73
74.125.228.72
74.125.228.68
74.125.228.71
74.125.228.65
74.125.228.66
74.125.228.64
74.125.228.69
74.125.228.70
74.125.228.67
74.125.228.78


Pinging google.com [74.125.228.78] with 32 bytes of data:
Reply from 74.125.228.78: bytes=32 time=29ms TTL=53
Reply from 74.125.228.78: bytes=32 time=23ms TTL=53

Ping statistics for 74.125.228.78:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 29ms, Average = 26ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=46ms TTL=52
Reply from 98.138.253.109: bytes=32 time=48ms TTL=52

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 46ms, Maximum = 48ms, Average = 47ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...5c ac 4c 55 81 08 ......DW1525 (802.11n) WLAN PCIe Card
10...84 2b 2b a5 ec a6 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.0.105 306
169.254.255.255 255.255.255.255 On-link 192.168.0.105 266
192.168.0.0 255.255.255.0 On-link 192.168.0.105 266
192.168.0.105 255.255.255.255 On-link 192.168.0.105 266
192.168.0.255 255.255.255.255 On-link 192.168.0.105 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.105 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.105 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.2.13 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::556c:d990:5803:269/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/05/2012 04:47:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 04:47:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 04:06:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 04:02:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 04:02:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 03:57:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 03:57:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 03:11:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 02:13:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/05/2012 01:36:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/05/2012 04:48:31 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/05/2012 04:48:31 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/05/2012 04:48:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (09/05/2012 04:48:19 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/05/2012 04:48:16 PM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (09/05/2012 04:48:16 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/05/2012 04:48:16 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (09/05/2012 04:48:16 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (09/05/2012 04:11:09 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (09/05/2012 04:07:14 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/05/2012 04:47:07 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 04:47:07 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 04:06:06 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 04:02:42 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 04:02:42 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 03:57:34 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 03:57:34 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 03:11:13 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 02:13:07 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/05/2012 01:36:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Eset online scanner\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.0517.1741)
Bonjour (Version: 3.0.0.10)
Camera Window (Version: 4.6.2)
Canon Camera Support Core Library (Version: 7.0.3.20)
Canon Camera Window for ZoomBrowser EX (Version: 4.6.2)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.1.1.41)
Canon MP Navigator EX 4.1
Canon MX880 series MP Drivers
Canon My Printer
Canon PhotoRecord (Version: 02.01.00069)
Canon RAW Image Task for ZoomBrowser EX (Version: 1.1)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.0.3)
Canon Solution Menu EX
Canon Speed Dial Utility
Canon Utilities PhotoStitch 3.1 (Version: 3.1.13)
Canon Utilities ZoomBrowser EX (Version: 04.06.01035)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0517.1742.29870)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0517.1742.29870)
Catalyst Control Center InstallProxy (Version: 2010.0517.1742.29870)
Catalyst Control Center Localization All (Version: 2010.0517.1742.29870)
ccc-core-static (Version: 2010.0517.1742.29870)
ccc-utility64 (Version: 2010.0517.1742.29870)
CCC Help Chinese Standard (Version: 2010.0517.1741.29870)
CCC Help Chinese Traditional (Version: 2010.0517.1741.29870)
CCC Help Czech (Version: 2010.0517.1741.29870)
CCC Help Danish (Version: 2010.0517.1741.29870)
CCC Help Dutch (Version: 2010.0517.1741.29870)
CCC Help English (Version: 2010.0517.1741.29870)
CCC Help Finnish (Version: 2010.0517.1741.29870)
CCC Help French (Version: 2010.0517.1741.29870)
CCC Help German (Version: 2010.0517.1741.29870)
CCC Help Greek (Version: 2010.0517.1741.29870)
CCC Help Hungarian (Version: 2010.0517.1741.29870)
CCC Help Italian (Version: 2010.0517.1741.29870)
CCC Help Japanese (Version: 2010.0517.1741.29870)
CCC Help Korean (Version: 2010.0517.1741.29870)
CCC Help Norwegian (Version: 2010.0517.1741.29870)
CCC Help Polish (Version: 2010.0517.1741.29870)
CCC Help Portuguese (Version: 2010.0517.1741.29870)
CCC Help Russian (Version: 2010.0517.1741.29870)
CCC Help Spanish (Version: 2010.0517.1741.29870)
CCC Help Swedish (Version: 2010.0517.1741.29870)
CCC Help Thai (Version: 2010.0517.1741.29870)
CCC Help Turkish (Version: 2010.0517.1741.29870)
CCleaner (Version: 3.15)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.40)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
GoToAssist 8.0.0.514
ImpôtRapide 2010 (Version: 1.00.0000)
ImpôtRapide 2011 (Version: 1.00.0000)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Rapid Storage Technology (Version: 9.5.0.1037)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 30 (Version: 6.0.300)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Internet Security (Version: 11.0.654)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Professionnel Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MovieEdit Task (Version: 1.1.1.41)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.4.915.1)
MySQL Connector/ODBC 3.51 (Version: 3.51.19)
PhotoStitch (Version: 3.1.13)
PowerDVD DX (Version: 8.3.6029)
QuickTime (Version: 7.71.80.42)
RAW Image Task 1.1 (Version: 1.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
RealUpgrade 1.1 (Version: 1.1.0)
RemoteCapture Task 1.0.3 (Version: 1.0.3)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Sage Simple Comptable 2012 (Version: 19.00.4002)
Sage Simply Accounting 2012 (Version: 19.00.4002)
Skins (Version: 2010.0517.1742.29870)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
System Requirements Lab
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VD64Inst (Version: 1.00.0000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
Yahoo! Messenger
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 8151.08 MB
Available physical RAM: 6656.19 MB
Total Pagefile: 16300.35 MB
Available Pagefile: 14532.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.52 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:793.4 GB) NTFS

========================= Users: ========================================

User accounts for \\D-PC

Administrator D Guest


**** End of log ****

4) FSS

Farbar Service Scanner Version: 06-08-2012
Ran by D (administrator) on 05-09-2012 at 16:52:08
Running from "C:\Downloads\FSS"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

5) adaware

# AdwCleaner v2.000 - Logfile created 09/05/2012 at 17:04:32
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : D - D-PC
# Boot Mode : Normal
# Running from : C:\Downloads\Adaware\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S2].txt - [1336 octets] - [05/09/2012 17:04:32]

########## EOF - C:\AdwCleaner[S2].txt - [1396 octets] ##########

#6 narenxp

Posted 05 September 2012 - 05:05 PM

Please run MBAM in normal mode and post the log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 Dandalex

Posted 05 September 2012 - 07:40 PM

1) MBAM in normal mode

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.05.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
D :: D-PC [administrator]

05/09/2012 6:58:57 PM
mbam-log-2012-09-05 (18-58-57).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 396696
Time elapsed: 1 hour(s), 20 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

2) Services repair tool: done

3) FSS

Farbar Service Scanner Version: 06-08-2012
Ran by D (administrator) on 05-09-2012 at 20:36:22
Running from "C:\Downloads\FSS"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

4) rkill
Rkill 2.3.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/05/2012 08:38:34 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\D\Desktop\rkill\rkill-09-05-2012-08-38-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\D\AppData\Local\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\ [ZA Dir]
* C:\Users\D\AppData\Local\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\@ [ZA File]
* C:\Users\D\AppData\Local\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\L\ [ZA Dir]
* C:\Users\D\AppData\Local\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\U\ [ZA Dir]
* C:\Windows\installer\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\ [ZA Dir]
* C:\Windows\installer\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\@ [ZA File]
* C:\Windows\installer\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\L\ [ZA Dir]
* C:\Windows\installer\{df905bf7-f6f7-5f14-781a-9326eae3eb43}\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/05/2012 08:38:49 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

#8 narenxp

Posted 05 September 2012 - 07:45 PM

Press the Windows+R keys, type

notepad and click OK

Copy this script
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
  65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,00,00
"ThreadingModel"="Apartment"

Click on FILE - SAVE AS

Filename: fix.reg
Save as: All files

Launch the FIX.REG

Click YES when you receive a prompt

Open your C drive

At the top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\D\AppData\Local\{df905bf7-f6f7-5f14-781a-9326eae3eb43}
C:\Windows\installer\{df905bf7-f6f7-5f14-781a-9326eae3eb43}

Delete the folders

Run RKILL again and post the new log

#9 Dandalex

Posted 05 September 2012 - 07:58 PM

rkill:

Rkill 2.3.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/05/2012 08:57:05 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/05/2012 08:57:10 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

#10 narenxp

Posted 05 September 2012 - 08:39 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 Dandalex

Posted 06 September 2012 - 07:10 AM

Thank you so much for the help NarenXP.
McAfee Firewall is now on.

Questions:

1) I updated to Java 7 with the link provided, but when I go to Control Panel/Java, it still says Java 6. Why?

2) Was my PC hijacked?

Thanks again

#12 narenxp

Posted 06 September 2012 - 07:16 AM

You have some older versions. Uninstall all Java versions from Control Panel and reinstall it

Your logs are clean, but you have been previously infected by ZeroAccess, which removed critical registry keys.

Safe surfing :)
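The removed service keys mentioned above are visible in the two Farbar Service Scanner logs posted earlier in the thread. The following is an added example, not code from the thread or from the FSS tool: it extracts the flagged services from an FSS log and compares a before and after run. The log excerpts are shortened copies of lines from the posted logs, and the function names `fss_findings` and `compare_runs` are hypothetical.

```python
import re
from collections import defaultdict

# Shortened excerpts of the FSS logs posted in this thread.
FSS_BEFORE = """\
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
"""

FSS_AFTER = """\
Windows Firewall:
=============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
"""

KEY_MISSING = re.compile(
    r"Unable to open (\S+) registry key\. The service key does not exist\.")
VALUE_MISSING = re.compile(
    r"Unable to retrieve (.+?) of (\S+)\. The value does not exist\.")
NON_DEFAULT = re.compile(
    r"The start type of (\S+) service is set to (\w+)\. "
    r"The default start type is (\w+)\.")


def fss_findings(log):
    """Return {section: {(service, finding), ...}} for one FSS log."""
    findings = defaultdict(set)
    section, prev = None, ""
    for line in log.splitlines():
        line = line.strip()
        # A section title is the "Name:" line directly above a row of "=".
        if line and set(line) == {"="} and prev.endswith(":"):
            section = prev.rstrip(":")
        elif (m := KEY_MISSING.search(line)):
            findings[section].add((m.group(1), "service key missing"))
        elif (m := VALUE_MISSING.search(line)):
            findings[section].add((m.group(2), m.group(1) + " value missing"))
        elif (m := NON_DEFAULT.search(line)):
            findings[section].add(
                (m.group(1), f"start type {m.group(2)}, default {m.group(3)}"))
        if line:
            prev = line
    return dict(findings)


def compare_runs(before, after):
    """Return (services no longer flagged, services still flagged)."""
    b = {svc for items in fss_findings(before).values() for svc, _ in items}
    a = {svc for items in fss_findings(after).values() for svc, _ in items}
    return sorted(b - a), sorted(a & b)
```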



