Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with New Virus-Please help!


  • Please log in to reply
23 replies to this topic

#1 johnsherry

johnsherry

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 17 January 2013 - 11:01 AM

I need your help once again as this is the second time I have sought assistance here. Thank you in advance for the wonderful service you provide!

John

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 AM

Posted 17 January 2013 - 11:06 AM

Hello and welcome back.. Lets try this

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download Rkill by Grinler and save it to your desktop.Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.


Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 17 January 2013 - 11:09 AM

Thank you for the quick response! I appreciate it. I will post logs here when they are completed.

Thanks,

John

#4 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 17 January 2013 - 11:14 AM

MiniToolBox by Farbar Version:10-01-2013
Ran by johnsherry (administrator) on 17-01-2013 at 10:11:50
Running from "C:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCFZFRGO"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : johnsherry-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-65-9D-23-25-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-23-25-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-23-25-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2602:30b:82d5:ddd9:d99:1ce9:690f:3797(Preferred)
Temporary IPv6 Address. . . . . . : 2602:30b:82d5:ddd9:a4d1:dca8:734b:61bd(Preferred)
Link-local IPv6 Address . . . . . : fe80::d99:1ce9:690f:3797%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.201(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 15, 2013 3:30:00 PM
Lease Expires . . . . . . . . . . : Friday, January 18, 2013 7:34:22 AM
Default Gateway . . . . . . . . . : fe80::224e:7fff:fe68:20d3%12
192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 236742045
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-04-EC-A0-84-2B-2B-7F-CD-3B
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 84-2B-2B-7F-CD-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B4CD476F-0892-458F-B568-6218E8FDCA47}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B80EB3A7-A801-4F07-9B26-ACCD107EC982}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{699AF974-89A7-429F-A37B-49679A2112F0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslrouter
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4002:c01::65
173.194.37.33
173.194.37.34
173.194.37.35
173.194.37.36
173.194.37.37
173.194.37.38
173.194.37.39
173.194.37.40
173.194.37.41
173.194.37.46
173.194.37.32


Pinging google.com [2607:f8b0:4002:c01::65] with 32 bytes of data:
Reply from 2607:f8b0:4002:c01::65: time=70ms
Reply from 2607:f8b0:4002:c01::65: time=61ms

Ping statistics for 2607:f8b0:4002:c01::65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 70ms, Average = 65ms
Server: dslrouter
Address: 192.168.1.254

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=158ms TTL=41
Reply from 98.139.183.24: bytes=32 time=168ms TTL=41

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 158ms, Maximum = 168ms, Average = 163ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...1c 65 9d 23 25 15 ......Microsoft Virtual WiFi Miniport Adapter
13...1c 65 9d 23 25 15 ......Broadcom Virtual Wireless Adapter
12...1c 65 9d 23 25 15 ......DW1501 Wireless-N WLAN Half-Mini Card
10...84 2b 2b 7f cd 3b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.201 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.201 281
192.168.1.201 255.255.255.255 On-link 192.168.1.201 281
192.168.1.255 255.255.255.255 On-link 192.168.1.201 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.201 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.201 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 281 ::/0 fe80::224e:7fff:fe68:20d3
1 306 ::1/128 On-link
12 33 2602:30b:82d5:ddd9::/64 On-link
12 281 2602:30b:82d5:ddd9:d99:1ce9:690f:3797/128
On-link
12 281 2602:30b:82d5:ddd9:a4d1:dca8:734b:61bd/128
On-link
12 281 fe80::/64 On-link
12 281 fe80::d99:1ce9:690f:3797/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/17/2013 07:34:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 07:34:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 05:22:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/17/2013 05:21:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/17/2013 05:13:00 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 05:13:00 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/16/2013 03:48:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/16/2013 03:42:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/16/2013 03:34:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/16/2013 01:26:17 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)


System errors:
=============
Error: (01/17/2013 09:39:37 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 09:39:36 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 07:47:41 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 07:47:40 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 07:34:47 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 07:34:47 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (01/17/2013 07:34:28 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (01/17/2013 07:34:28 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (01/17/2013 07:34:20 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2013 05:02:15 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (01/17/2013 07:34:30 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 07:34:30 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 05:22:45 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/17/2013 05:21:27 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (01/17/2013 05:13:00 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/17/2013 05:13:00 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (01/16/2013 03:48:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6QH1Q21\esetsmartinstaller_enu[1].exe

Error: (01/16/2013 03:42:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GMUIMIV\esetsmartinstaller_enu[1].exe

Error: (01/16/2013 03:34:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4Q0I5QG\esetsmartinstaller_enu[1].exe

Error: (01/16/2013 01:26:17 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)


CodeIntegrity Errors:
===================================
Date: 2013-01-15 12:48:24.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-15 12:48:24.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-15 12:48:24.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-14 22:09:30.798
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-14 22:09:30.782
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-14 22:09:30.767
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-06 00:00:36.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-06 00:00:36.158
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-06 00:00:36.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-06 00:00:36.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCoreOld\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
ATI Catalyst Control Center (Version: 2.010.0619.2308)
Bing Bar (Version: 7.0.609.0)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 3.0.0.2)
BufferChm (Version: 130.0.331.000)
C309g-m (Version: 130.0.396.000)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.0.1)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Internet Library for ZoomBrowser EX (Version: 1.7.0.1)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0619.2309.39726)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0619.2309.39726)
Catalyst Control Center InstallProxy (Version: 2010.0619.2309.39726)
Catalyst Control Center Localization All (Version: 2010.0619.2309.39726)
ccc-core-static (Version: 2010.0619.2309.39726)
ccc-utility64 (Version: 2010.0619.2309.39726)
CCC Help Chinese Standard (Version: 2010.0619.2308.39726)
CCC Help Chinese Traditional (Version: 2010.0619.2308.39726)
CCC Help Czech (Version: 2010.0619.2308.39726)
CCC Help Danish (Version: 2010.0619.2308.39726)
CCC Help Dutch (Version: 2010.0619.2308.39726)
CCC Help English (Version: 2010.0619.2308.39726)
CCC Help Finnish (Version: 2010.0619.2308.39726)
CCC Help French (Version: 2010.0619.2308.39726)
CCC Help German (Version: 2010.0619.2308.39726)
CCC Help Greek (Version: 2010.0619.2308.39726)
CCC Help Hungarian (Version: 2010.0619.2308.39726)
CCC Help Italian (Version: 2010.0619.2308.39726)
CCC Help Japanese (Version: 2010.0619.2308.39726)
CCC Help Korean (Version: 2010.0619.2308.39726)
CCC Help Norwegian (Version: 2010.0619.2308.39726)
CCC Help Polish (Version: 2010.0619.2308.39726)
CCC Help Portuguese (Version: 2010.0619.2308.39726)
CCC Help Russian (Version: 2010.0619.2308.39726)
CCC Help Spanish (Version: 2010.0619.2308.39726)
CCC Help Swedish (Version: 2010.0619.2308.39726)
CCC Help Thai (Version: 2010.0619.2308.39726)
CCC Help Turkish (Version: 2010.0619.2308.39726)
CCScore (Version: 8.02.0000.0001)
CIR Tool Kit (Version: 2.2.2010.714)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CMP Grade 8
CMP Transformation Tool
Coupon Printer for Windows (Version: 5.0.0.1)
Cozi (Version: 1.0.4323.24051)
CyberLink YouPaint (Version: 1.2.1721)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Communications (Support Software) (Version: 1.0.09094)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.51)
Dell DataSafe Online (Version: 1.2.0011)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.0.0.50)
Dell Stage (Version: 1.7.209.0)
Dell Touch Software Suite Games (Version: 1.2.6.0)
Dell TouchCam (Version: 1.1.1615)
Dell VideoStage (Version: 1.0.0.0630)
DellOSD (Version: 1.1.2)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Digital Voice Editor 3 (Version: 3.3.01.11240)
DW WLAN Card Utility (Version: 5.60.48.35)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Google Chrome (Version: 24.0.1312.52)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
GoToAssist Corporate (Version: 9.1.0.615)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
iTunes (Version: 10.4.0.80)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak EasyShare software
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
McAfee Internet Security (Version: 12.1.253)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Security Scan Plus (Version: 2.0.189.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.1.1817.91)
NCLEX-RN 3500 - Individual Version
netbrdg (Version: 7.01.0000.0001)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OfotoXMI (Version: 8.02.1000.0001)
PS_AIO_06_C309g-m_SW_Min (Version: 130.0.396.000)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Burn (Version: 1.01)
Scan (Version: 13.0.0.0)
SFR (Version: 8.01.0000.0001)
Shared C Run-time for x64 (Version: 10.0.0)
SHASTA (Version: 7.01.0000.0001)
Shop for HP Supplies (Version: 13.0)
skin0001 (Version: 8.02.0000.0001)
Skins (Version: 2010.0619.2309.39726)
SKINXSDK (Version: 8.02.0000.0001)
Skype Toolbars (Version: 1.0.4036)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
staticcr (Version: 8.02.0000.0001)
Status (Version: 130.0.373.000)
StickyNotes (Version: 1.3.20.0)
SUPERAntiSpyware (Version: 5.5.1016)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VPRINTOL (Version: 8.02.0000.0001)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Acer, Inc (androidusb) USB (04/07/2011 1.0.0010.00000) (Version: 04/07/2011 1.0.0010.00000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WIRELESS (Version: 8.02.0000.0001)
YouTube Downloader 3.3

========================= Devices: ================================

Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3835.95 MB
Available physical RAM: 1989.21 MB
Total Pagefile: 7670.08 MB
Available Pagefile: 3938.1 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.03 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:585.08 GB) NTFS
3 Drive e: (USB20FD) (Removable) (Total:15.22 GB) (Free:15.22 GB) FAT32

========================= Users: ========================================

User accounts for \\JOHNSHERRY-PC

Administrator Guest johnsherry


**** End of log ****

#5 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 17 January 2013 - 11:19 AM

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/17/2013 10:17:20 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6QH1Q21\aswMBR[1].exe (PID: 8744) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/17/2013 10:17:41 AM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)

Edited by johnsherry, 17 January 2013 - 11:22 AM.


#6 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 17 January 2013 - 11:24 AM

15:47:05.0119 9408 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:47:05.0712 9408 ============================================================
15:47:05.0712 9408 Current date / time: 2013/01/16 15:47:05.0712
15:47:05.0712 9408 SystemInfo:
15:47:05.0712 9408
15:47:05.0712 9408 OS Version: 6.1.7601 ServicePack: 1.0
15:47:05.0712 9408 Product type: Workstation
15:47:05.0712 9408 ComputerName: JOHNSHERRY-PC
15:47:05.0712 9408 UserName: johnsherry
15:47:05.0712 9408 Windows directory: C:\Windows
15:47:05.0712 9408 System windows directory: C:\Windows
15:47:05.0712 9408 Running under WOW64
15:47:05.0712 9408 Processor architecture: Intel x64
15:47:05.0712 9408 Number of processors: 2
15:47:05.0712 9408 Page size: 0x1000
15:47:05.0712 9408 Boot type: Normal boot
15:47:05.0712 9408 ============================================================
15:47:07.0365 9408 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:47:07.0428 9408 Drive \Device\Harddisk1\DR1 - Size: 0x3CF0F0000 (15.24 Gb), SectorSize: 0x200, Cylinders: 0x7C4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:47:07.0428 9408 ============================================================
15:47:07.0428 9408 \Device\Harddisk0\DR0:
15:47:07.0428 9408 MBR partitions:
15:47:07.0428 9408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
15:47:07.0428 9408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x557E652B
15:47:07.0428 9408 \Device\Harddisk1\DR1:
15:47:07.0443 9408 MBR partitions:
15:47:07.0443 9408 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0xDB0, BlocksNum 0x1E779D0
15:47:07.0443 9408 ============================================================
15:47:07.0459 9408 C: <-> \Device\Harddisk0\DR0\Partition2
15:47:07.0459 9408 ============================================================
15:47:07.0459 9408 Initialize success
15:47:07.0459 9408 ============================================================
09:20:27.0706 5020 ============================================================
09:20:27.0722 5020 Scan started
09:20:27.0722 5020 Mode: Manual;
09:20:27.0722 5020 ============================================================
09:20:28.0377 5020 ================ Scan system memory ========================
09:20:28.0377 5020 System memory - ok
09:20:28.0377 5020 ================ Scan services =============================
09:20:28.0424 5020 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:20:28.0424 5020 !SASCORE - ok
09:20:28.0689 5020 0170431358366657mcinstcleanup - ok
09:20:28.0751 5020 1394ohci - ok
09:20:28.0829 5020 ACDaemon - ok
09:20:28.0845 5020 ACPI - ok
09:20:28.0861 5020 AcpiPmi - ok
09:20:28.0907 5020 [ 765FE0463E711E5A68AC7B69538ED922 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
09:20:28.0923 5020 AdobeActiveFileMonitor8.0 - ok
09:20:28.0970 5020 AdobeARMservice - ok
09:20:29.0063 5020 AdobeFlashPlayerUpdateSvc - ok
09:20:29.0095 5020 adp94xx - ok
09:20:29.0110 5020 adpahci - ok
09:20:29.0110 5020 adpu320 - ok
09:20:29.0141 5020 AeLookupSvc - ok
09:20:29.0157 5020 AFD - ok
09:20:29.0173 5020 agp440 - ok
09:20:29.0188 5020 ALG - ok
09:20:29.0188 5020 aliide - ok
09:20:29.0204 5020 AMD External Events Utility - ok
09:20:29.0204 5020 amdide - ok
09:20:29.0219 5020 AmdK8 - ok
09:20:29.0219 5020 amdkmdag - ok
09:20:29.0235 5020 amdkmdap - ok
09:20:29.0235 5020 AmdPPM - ok
09:20:29.0251 5020 amdsata - ok
09:20:29.0266 5020 amdsbs - ok
09:20:29.0282 5020 amdxata - ok
09:20:29.0297 5020 androidusb - ok
09:20:29.0313 5020 AppID - ok
09:20:29.0313 5020 AppIDSvc - ok
09:20:29.0329 5020 Appinfo - ok
09:20:29.0375 5020 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:20:29.0391 5020 Apple Mobile Device - ok
09:20:29.0391 5020 arc - ok
09:20:29.0407 5020 arcsas - ok
09:20:29.0422 5020 AsyncMac - ok
09:20:29.0438 5020 atapi - ok
09:20:29.0438 5020 AtiPcie - ok
09:20:29.0469 5020 AudioEndpointBuilder - ok
09:20:29.0469 5020 AudioSrv - ok
09:20:29.0485 5020 AxInstSV - ok
09:20:29.0485 5020 b06bdrv - ok
09:20:29.0500 5020 b57nd60a - ok
09:20:29.0531 5020 BBSvc - ok
09:20:29.0563 5020 BCM42RLY - ok
09:20:29.0578 5020 BCM43XX - ok
09:20:29.0594 5020 BcmVWL - ok
09:20:29.0594 5020 BDESVC - ok
09:20:29.0609 5020 Beep - ok
09:20:29.0641 5020 BITS - ok
09:20:29.0641 5020 blbdrive - ok
09:20:29.0687 5020 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
09:20:29.0687 5020 Bonjour Service - ok
09:20:29.0703 5020 bowser - ok
09:20:29.0719 5020 BrFiltLo - ok
09:20:29.0734 5020 BrFiltUp - ok
09:20:29.0734 5020 Browser - ok
09:20:29.0750 5020 Brserid - ok
09:20:29.0765 5020 BrSerWdm - ok
09:20:29.0765 5020 BrUsbMdm - ok
09:20:29.0781 5020 BrUsbSer - ok
09:20:29.0797 5020 BTHMODEM - ok
09:20:29.0797 5020 bthserv - ok
09:20:29.0828 5020 cdfs - ok
09:20:29.0828 5020 cdrom - ok
09:20:29.0843 5020 CertPropSvc - ok
09:20:29.0921 5020 cfwids - ok
09:20:29.0921 5020 circlass - ok
09:20:29.0937 5020 CLFS - ok
09:20:29.0984 5020 clr_optimization_v2.0.50727_32 - ok
09:20:30.0015 5020 clr_optimization_v2.0.50727_64 - ok
09:20:30.0031 5020 clr_optimization_v4.0.30319_32 - ok
09:20:30.0062 5020 clr_optimization_v4.0.30319_64 - ok
09:20:30.0077 5020 CmBatt - ok
09:20:30.0077 5020 cmdide - ok
09:20:30.0093 5020 CNG - ok
09:20:30.0093 5020 Compbatt - ok
09:20:30.0109 5020 CompositeBus - ok
09:20:30.0124 5020 COMSysApp - ok
09:20:30.0140 5020 crcdisk - ok
09:20:30.0140 5020 CryptSvc - ok
09:20:30.0155 5020 DcomLaunch - ok
09:20:30.0171 5020 defragsvc - ok
09:20:30.0233 5020 DellOSDservice - ok
09:20:30.0233 5020 DfsC - ok
09:20:30.0233 5020 Dhcp - ok
09:20:30.0249 5020 discache - ok
09:20:30.0280 5020 Disk - ok
09:20:30.0280 5020 Dnscache - ok
09:20:30.0296 5020 dot3svc - ok
09:20:30.0296 5020 Dot4 - ok
09:20:30.0311 5020 Dot4Print - ok
09:20:30.0311 5020 dot4usb - ok
09:20:30.0327 5020 DPS - ok
09:20:30.0343 5020 drmkaud - ok
09:20:30.0343 5020 DXGKrnl - ok
09:20:30.0358 5020 EapHost - ok
09:20:30.0374 5020 ebdrv - ok
09:20:30.0374 5020 EFS - ok
09:20:30.0405 5020 ehRecvr - ok
09:20:30.0405 5020 ehSched - ok
09:20:30.0421 5020 elxstor - ok
09:20:30.0436 5020 ErrDev - ok
09:20:30.0467 5020 EventSystem - ok
09:20:30.0467 5020 exfat - ok
09:20:30.0483 5020 fastfat - ok
09:20:30.0483 5020 Fax - ok
09:20:30.0499 5020 fdc - ok
09:20:30.0499 5020 fdPHost - ok
09:20:30.0514 5020 FDResPub - ok
09:20:30.0530 5020 FileInfo - ok
09:20:30.0530 5020 Filetrace - ok
09:20:30.0561 5020 FLEXnet Licensing Service - ok
09:20:30.0577 5020 flpydisk - ok
09:20:30.0577 5020 FltMgr - ok
09:20:30.0592 5020 FontCache - ok
09:20:30.0608 5020 FontCache3.0.0.0 - ok
09:20:30.0623 5020 FsDepends - ok
09:20:30.0623 5020 Fs_Rec - ok
09:20:30.0639 5020 fvevol - ok
09:20:30.0639 5020 gagp30kx - ok
09:20:30.0655 5020 GEARAspiWDM - ok
09:20:30.0701 5020 GoToAssist - ok
09:20:30.0701 5020 gpsvc - ok
09:20:30.0764 5020 gupdate - ok
09:20:30.0764 5020 gupdatem - ok
09:20:30.0779 5020 gusvc - ok
09:20:30.0779 5020 hcw85cir - ok
09:20:30.0795 5020 HDAudBus - ok
09:20:30.0811 5020 HidBatt - ok
09:20:30.0811 5020 HidBth - ok
09:20:30.0842 5020 HidIr - ok
09:20:30.0842 5020 hidserv - ok
09:20:30.0857 5020 HidUsb - ok
09:20:30.0889 5020 HipShieldK - ok
09:20:30.0889 5020 hkmsvc - ok
09:20:30.0904 5020 HomeGroupListener - ok
09:20:30.0904 5020 HomeGroupProvider - ok
09:20:30.0951 5020 HomeNetSvc - ok
09:20:30.0967 5020 hpqcxs08 - ok
09:20:30.0998 5020 hpqddsvc - ok
09:20:31.0013 5020 HpSAMD - ok
09:20:31.0045 5020 HPSLPSVC - ok
09:20:31.0060 5020 HTTP - ok
09:20:31.0076 5020 hwpolicy - ok
09:20:31.0076 5020 i8042prt - ok
09:20:31.0091 5020 iaStorV - ok
09:20:31.0107 5020 idsvc - ok
09:20:31.0107 5020 iirsp - ok
09:20:31.0123 5020 IKEEXT - ok
09:20:31.0138 5020 IntcAzAudAddService - ok
09:20:31.0154 5020 intelide - ok
09:20:31.0154 5020 intelppm - ok
09:20:31.0169 5020 IPBusEnum - ok
09:20:31.0185 5020 IpFilterDriver - ok
09:20:31.0185 5020 IPMIDRV - ok
09:20:31.0201 5020 IPNAT - ok
09:20:31.0216 5020 iPod Service - ok
09:20:31.0232 5020 IRENUM - ok
09:20:31.0232 5020 isapnp - ok
09:20:31.0247 5020 iScsiPrt - ok
09:20:31.0247 5020 kbdclass - ok
09:20:31.0263 5020 kbdhid - ok
09:20:31.0279 5020 KeyIso - ok
09:20:31.0279 5020 KSecDD - ok
09:20:31.0294 5020 KSecPkg - ok
09:20:31.0294 5020 ksthunk - ok
09:20:31.0310 5020 KtmRm - ok
09:20:31.0325 5020 LanmanServer - ok
09:20:31.0341 5020 LanmanWorkstation - ok
09:20:31.0357 5020 lltdio - ok
09:20:31.0357 5020 lltdsvc - ok
09:20:31.0372 5020 lmhosts - ok
09:20:31.0388 5020 LSI_FC - ok
09:20:31.0388 5020 LSI_SAS - ok
09:20:31.0403 5020 LSI_SAS2 - ok
09:20:31.0419 5020 LSI_SCSI - ok
09:20:31.0419 5020 luafv - ok
09:20:31.0466 5020 McAfee SiteAdvisor Service - ok
09:20:31.0481 5020 McComponentHostService - ok
09:20:31.0497 5020 McMPFSvc - ok
09:20:31.0497 5020 McNaiAnn - ok
09:20:31.0544 5020 McODS - ok
09:20:31.0544 5020 mcpltsvc - ok
09:20:31.0559 5020 McProxy - ok
09:20:31.0559 5020 Mcx2Svc - ok
09:20:31.0575 5020 megasas - ok
09:20:31.0575 5020 MegaSR - ok
09:20:31.0622 5020 mfeapfk - ok
09:20:31.0637 5020 mfeavfk - ok
09:20:31.0653 5020 mfeavfk01 - ok
09:20:31.0684 5020 mfecore - ok
09:20:31.0700 5020 mfefire - ok
09:20:31.0715 5020 mfefirek - ok
09:20:31.0747 5020 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
09:20:31.0762 5020 mfehidk - ok
09:20:31.0762 5020 mfencbdc - ok
09:20:31.0778 5020 mfencrk - ok
09:20:31.0809 5020 mfevtp - ok
09:20:31.0825 5020 mfewfpk - ok
09:20:31.0840 5020 MMCSS - ok
09:20:31.0871 5020 MOBKbackup - ok
09:20:31.0887 5020 MOBKFilter - ok
09:20:31.0887 5020 Modem - ok
09:20:31.0903 5020 monitor - ok
09:20:31.0918 5020 mouclass - ok
09:20:31.0934 5020 mouhid - ok
09:20:31.0934 5020 mountmgr - ok
09:20:31.0949 5020 mpio - ok
09:20:31.0965 5020 mpsdrv - ok
09:20:31.0965 5020 MRxDAV - ok
09:20:31.0981 5020 mrxsmb - ok
09:20:31.0981 5020 mrxsmb10 - ok
09:20:31.0996 5020 mrxsmb20 - ok
09:20:31.0996 5020 msahci - ok
09:20:32.0012 5020 msdsm - ok
09:20:32.0012 5020 MSDTC - ok
09:20:32.0059 5020 Msfs - ok
09:20:32.0059 5020 mshidkmdf - ok
09:20:32.0074 5020 msisadrv - ok
09:20:32.0105 5020 MSiSCSI - ok
09:20:32.0105 5020 msiserver - ok
09:20:32.0137 5020 MSK80Service - ok
09:20:32.0152 5020 MSKSSRV - ok
09:20:32.0152 5020 MSPCLOCK - ok
09:20:32.0168 5020 MSPQM - ok
09:20:32.0183 5020 MsRPC - ok
09:20:32.0199 5020 mssmbios - ok
09:20:32.0199 5020 MSTEE - ok
09:20:32.0215 5020 MTConfig - ok
09:20:32.0230 5020 Mup - ok
09:20:32.0230 5020 napagent - ok
09:20:32.0246 5020 NativeWifiP - ok
09:20:32.0246 5020 NDIS - ok
09:20:32.0261 5020 NdisCap - ok
09:20:32.0277 5020 NdisTapi - ok
09:20:32.0293 5020 Ndisuio - ok
09:20:32.0308 5020 NdisWan - ok
09:20:32.0308 5020 NDProxy - ok
09:20:32.0339 5020 Net Driver HPZ12 - ok
09:20:32.0339 5020 NetBIOS - ok
09:20:32.0355 5020 NetBT - ok
09:20:32.0355 5020 Netlogon - ok
09:20:32.0371 5020 Netman - ok
09:20:32.0386 5020 netprofm - ok
09:20:32.0386 5020 NetTcpPortSharing - ok
09:20:32.0402 5020 nfrd960 - ok
09:20:32.0402 5020 NlaSvc - ok
09:20:32.0417 5020 Npfs - ok
09:20:32.0417 5020 nsi - ok
09:20:32.0433 5020 nsiproxy - ok
09:20:32.0449 5020 Ntfs - ok
09:20:32.0449 5020 Null - ok
09:20:32.0464 5020 nuviocir - ok
09:20:32.0464 5020 nvraid - ok
09:20:32.0480 5020 nvstor - ok
09:20:32.0480 5020 nv_agp - ok
09:20:32.0495 5020 ohci1394 - ok
09:20:32.0527 5020 ose - ok
09:20:32.0573 5020 osppsvc - ok
09:20:32.0605 5020 p2pimsvc - ok
09:20:32.0605 5020 p2psvc - ok
09:20:32.0620 5020 Parport - ok
09:20:32.0620 5020 partmgr - ok
09:20:32.0636 5020 PcaSvc - ok
09:20:32.0636 5020 pci - ok
09:20:32.0651 5020 pciide - ok
09:20:32.0651 5020 pcmcia - ok
09:20:32.0683 5020 pcw - ok
09:20:32.0683 5020 PEAUTH - ok
09:20:32.0761 5020 PerfHost - ok
09:20:32.0792 5020 pla - ok
09:20:32.0823 5020 PlugPlay - ok
09:20:32.0839 5020 Pml Driver HPZ12 - ok
09:20:32.0854 5020 PNRPAutoReg - ok
09:20:32.0854 5020 PNRPsvc - ok
09:20:32.0870 5020 PolicyAgent - ok
09:20:32.0885 5020 Power - ok
09:20:32.0885 5020 PptpMiniport - ok
09:20:32.0901 5020 Processor - ok
09:20:32.0901 5020 ProfSvc - ok
09:20:32.0917 5020 ProtectedStorage - ok
09:20:32.0917 5020 Psched - ok
09:20:32.0932 5020 PxHlpa64 - ok
09:20:32.0948 5020 ql2300 - ok
09:20:32.0948 5020 ql40xx - ok
09:20:32.0963 5020 QWAVE - ok
09:20:32.0963 5020 QWAVEdrv - ok
09:20:32.0979 5020 RasAcd - ok
09:20:32.0995 5020 RasAgileVpn - ok
09:20:32.0995 5020 RasAuto - ok
09:20:33.0010 5020 Rasl2tp - ok
09:20:33.0010 5020 RasMan - ok
09:20:33.0057 5020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:20:33.0057 5020 RasPppoe - ok
09:20:33.0057 5020 RasSstp - ok
09:20:33.0073 5020 rdbss - ok
09:20:33.0073 5020 rdpbus - ok
09:20:33.0088 5020 RDPCDD - ok
09:20:33.0104 5020 RDPENCDD - ok
09:20:33.0119 5020 RDPREFMP - ok
09:20:33.0119 5020 RDPWD - ok
09:20:33.0135 5020 rdyboost - ok
09:20:33.0151 5020 RemoteAccess - ok
09:20:33.0151 5020 RemoteRegistry - ok
09:20:33.0151 5020 RpcEptMapper - ok
09:20:33.0166 5020 RpcLocator - ok
09:20:33.0182 5020 RpcSs - ok
09:20:33.0182 5020 rspndr - ok
09:20:33.0197 5020 RTL8167 - ok
09:20:33.0197 5020 SamSs - ok
09:20:33.0244 5020 SASDIFSV - ok
09:20:33.0244 5020 SASKUTIL - ok
09:20:33.0260 5020 sbp2port - ok
09:20:33.0260 5020 SCardSvr - ok
09:20:33.0275 5020 scfilter - ok
09:20:33.0275 5020 Schedule - ok
09:20:33.0291 5020 SCPolicySvc - ok
09:20:33.0291 5020 SDRSVC - ok
09:20:33.0353 5020 SeaPort - ok
09:20:33.0369 5020 secdrv - ok
09:20:33.0369 5020 seclogon - ok
09:20:33.0385 5020 SENS - ok
09:20:33.0385 5020 SensrSvc - ok
09:20:33.0400 5020 Serenum - ok
09:20:33.0431 5020 Serial - ok
09:20:33.0431 5020 sermouse - ok
09:20:33.0447 5020 SessionEnv - ok
09:20:33.0463 5020 sffdisk - ok
09:20:33.0478 5020 sffp_mmc - ok
09:20:33.0478 5020 sffp_sd - ok
09:20:33.0494 5020 sfloppy - ok
09:20:33.0525 5020 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:20:33.0541 5020 SftService - ok
09:20:33.0556 5020 ShellHWDetection - ok
09:20:33.0556 5020 SiSRaid2 - ok
09:20:33.0572 5020 SiSRaid4 - ok
09:20:33.0587 5020 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:20:33.0634 5020 SkypeUpdate - ok
09:20:33.0634 5020 Smb - ok
09:20:33.0665 5020 SNMPTRAP - ok
09:20:33.0665 5020 spldr - ok
09:20:33.0681 5020 Spooler - ok
09:20:33.0681 5020 sppsvc - ok
09:20:33.0697 5020 sppuinotify - ok
09:20:33.0743 5020 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
09:20:33.0743 5020 sprtsvc_DellComms - ok
09:20:33.0759 5020 srv - ok
09:20:33.0775 5020 srv2 - ok
09:20:33.0775 5020 srvnet - ok
09:20:33.0790 5020 SSDPSRV - ok
09:20:33.0790 5020 SstpSvc - ok
09:20:33.0806 5020 stexstor - ok
09:20:33.0806 5020 StillCam - ok
09:20:33.0821 5020 stisvc - ok
09:20:33.0837 5020 swenum - ok
09:20:33.0837 5020 swprv - ok
09:20:33.0853 5020 SysMain - ok
09:20:33.0853 5020 TabletInputService - ok
09:20:33.0868 5020 TapiSrv - ok
09:20:33.0868 5020 TBS - ok
09:20:33.0884 5020 Tcpip - ok
09:20:33.0884 5020 TCPIP6 - ok
09:20:33.0899 5020 tcpipreg - ok
09:20:33.0915 5020 TDPIPE - ok
09:20:33.0931 5020 TDTCP - ok
09:20:33.0931 5020 tdx - ok
09:20:33.0946 5020 TermDD - ok
09:20:33.0946 5020 TermService - ok
09:20:33.0962 5020 Themes - ok
09:20:33.0977 5020 THREADORDER - ok
09:20:33.0993 5020 TrkWks - ok
09:20:34.0024 5020 TrustedInstaller - ok
09:20:34.0040 5020 tssecsrv - ok
09:20:34.0040 5020 TsUsbFlt - ok
09:20:34.0055 5020 tunnel - ok
09:20:34.0071 5020 uagp35 - ok
09:20:34.0087 5020 udfs - ok
09:20:34.0102 5020 UI0Detect - ok
09:20:34.0102 5020 uliagpkx - ok
09:20:34.0118 5020 umbus - ok
09:20:34.0133 5020 UmPass - ok
09:20:34.0133 5020 upnphost - ok
09:20:34.0149 5020 usbccgp - ok
09:20:34.0149 5020 usbcir - ok
09:20:34.0165 5020 usbehci - ok
09:20:34.0165 5020 usbhub - ok
09:20:34.0180 5020 usbohci - ok
09:20:34.0196 5020 usbprint - ok
09:20:34.0196 5020 usbscan - ok
09:20:34.0211 5020 USBSTOR - ok
09:20:34.0211 5020 usbuhci - ok
09:20:34.0227 5020 usbvideo - ok
09:20:34.0243 5020 UxSms - ok
09:20:34.0243 5020 VaultSvc - ok
09:20:34.0258 5020 vdrvroot - ok
09:20:34.0274 5020 vds - ok
09:20:34.0274 5020 vga - ok
09:20:34.0289 5020 VgaSave - ok
09:20:34.0305 5020 vhdmp - ok
09:20:34.0305 5020 viaide - ok
09:20:34.0321 5020 volmgr - ok
09:20:34.0321 5020 volmgrx - ok
09:20:34.0336 5020 volsnap - ok
09:20:34.0336 5020 vsmraid - ok
09:20:34.0352 5020 VSS - ok
09:20:34.0352 5020 vwifibus - ok
09:20:34.0367 5020 vwififlt - ok
09:20:34.0383 5020 vwifimp - ok
09:20:34.0383 5020 W32Time - ok
09:20:34.0399 5020 WacomPen - ok
09:20:34.0414 5020 WANARP - ok
09:20:34.0414 5020 Wanarpv6 - ok
09:20:34.0445 5020 WatAdminSvc - ok
09:20:34.0461 5020 wbengine - ok
09:20:34.0461 5020 WbioSrvc - ok
09:20:34.0477 5020 wcncsvc - ok
09:20:34.0477 5020 WcsPlugInService - ok
09:20:34.0492 5020 Wd - ok
09:20:34.0492 5020 Wdf01000 - ok
09:20:34.0508 5020 WdiServiceHost - ok
09:20:34.0508 5020 WdiSystemHost - ok
09:20:34.0523 5020 WebClient - ok
09:20:34.0539 5020 Wecsvc - ok
09:20:34.0539 5020 wercplsupport - ok
09:20:34.0555 5020 WerSvc - ok
09:20:34.0555 5020 WfpLwf - ok
09:20:34.0570 5020 WimFltr - ok
09:20:34.0586 5020 WIMMount - ok
09:20:34.0586 5020 WinHttpAutoProxySvc - ok
09:20:34.0617 5020 Winmgmt - ok
09:20:34.0633 5020 WinRM - ok
09:20:34.0648 5020 WinUsb - ok
09:20:34.0664 5020 Wlansvc - ok
09:20:34.0711 5020 wlidsvc - ok
09:20:34.0758 5020 wltrysvc - ok
09:20:34.0774 5020 WmiAcpi - ok
09:20:34.0790 5020 wmiApSrv - ok
09:20:34.0805 5020 WMPNetworkSvc - ok
09:20:34.0805 5020 WPCSvc - ok
09:20:34.0821 5020 WPDBusEnum - ok
09:20:34.0821 5020 ws2ifsl - ok
09:20:34.0836 5020 WSDPrintDevice - ok
09:20:34.0852 5020 WSearch - ok
09:20:34.0868 5020 wuauserv - ok
09:20:34.0868 5020 WudfPf - ok
09:20:34.0883 5020 WUDFRd - ok
09:20:34.0899 5020 wudfsvc - ok
09:20:34.0899 5020 WwanSvc - ok
09:20:34.0930 5020 ================ Scan global ===============================
09:20:34.0977 5020 [Global] - ok
09:20:34.0977 5020 ================ Scan MBR ==================================
09:20:34.0992 5020 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:20:35.0164 5020 \Device\Harddisk0\DR0 - ok
09:20:35.0180 5020 ================ Scan VBR ==================================
09:20:35.0180 5020 [ 24D53E231BDC14B19ADD9640495D5DE8 ] \Device\Harddisk0\DR0\Partition1
09:20:35.0180 5020 \Device\Harddisk0\DR0\Partition1 - ok
09:20:35.0195 5020 [ 9BAF9211AB169B56C6B4FD75FB4BDF66 ] \Device\Harddisk0\DR0\Partition2
09:20:35.0195 5020 \Device\Harddisk0\DR0\Partition2 - ok
09:20:35.0211 5020 ============================================================
09:20:35.0211 5020 Scan finished
09:20:35.0211 5020 ============================================================
09:20:35.0226 5236 Detected object count: 0
09:20:35.0226 5236 Actual detected object count: 0
10:22:26.0681 4624 ============================================================
10:22:26.0681 4624 Scan started
10:22:26.0681 4624 Mode: Manual;
10:22:26.0681 4624 ============================================================
10:22:27.0463 4624 ================ Scan system memory ========================
10:22:27.0463 4624 System memory - ok
10:22:27.0479 4624 ================ Scan services =============================
10:22:27.0588 4624 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:22:27.0635 4624 !SASCORE - ok
10:22:27.0869 4624 0170431358366657mcinstcleanup - ok
10:22:27.0964 4624 1394ohci - ok
10:22:28.0044 4624 ACDaemon - ok
10:22:28.0054 4624 ACPI - ok
10:22:28.0054 4624 AcpiPmi - ok
10:22:28.0104 4624 [ 765FE0463E711E5A68AC7B69538ED922 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
10:22:28.0114 4624 AdobeActiveFileMonitor8.0 - ok
10:22:28.0150 4624 AdobeARMservice - ok
10:22:28.0244 4624 AdobeFlashPlayerUpdateSvc - ok
10:22:28.0244 4624 adp94xx - ok
10:22:28.0259 4624 adpahci - ok
10:22:28.0259 4624 adpu320 - ok
10:22:28.0337 4624 AeLookupSvc - ok
10:22:28.0353 4624 AFD - ok
10:22:28.0368 4624 agp440 - ok
10:22:28.0368 4624 ALG - ok
10:22:28.0384 4624 aliide - ok
10:22:28.0400 4624 AMD External Events Utility - ok
10:22:28.0400 4624 amdide - ok
10:22:28.0415 4624 AmdK8 - ok
10:22:28.0415 4624 amdkmdag - ok
10:22:28.0431 4624 amdkmdap - ok
10:22:28.0431 4624 AmdPPM - ok
10:22:28.0446 4624 amdsata - ok
10:22:28.0446 4624 amdsbs - ok
10:22:28.0462 4624 amdxata - ok
10:22:28.0462 4624 androidusb - ok
10:22:28.0478 4624 AppID - ok
10:22:28.0478 4624 AppIDSvc - ok
10:22:28.0493 4624 Appinfo - ok
10:22:28.0571 4624 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:22:28.0571 4624 Apple Mobile Device - ok
10:22:28.0587 4624 arc - ok
10:22:28.0602 4624 arcsas - ok
10:22:28.0618 4624 AsyncMac - ok
10:22:28.0618 4624 atapi - ok
10:22:28.0634 4624 AtiPcie - ok
10:22:28.0634 4624 AudioEndpointBuilder - ok
10:22:28.0649 4624 AudioSrv - ok
10:22:28.0665 4624 AxInstSV - ok
10:22:28.0665 4624 b06bdrv - ok
10:22:28.0680 4624 b57nd60a - ok
10:22:28.0712 4624 BBSvc - ok
10:22:28.0712 4624 BCM42RLY - ok
10:22:28.0727 4624 BCM43XX - ok
10:22:28.0727 4624 BcmVWL - ok
10:22:28.0743 4624 BDESVC - ok
10:22:28.0743 4624 Beep - ok
10:22:28.0790 4624 BITS - ok
10:22:28.0790 4624 blbdrive - ok
10:22:28.0821 4624 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:22:28.0821 4624 Bonjour Service - ok
10:22:28.0836 4624 bowser - ok
10:22:28.0836 4624 BrFiltLo - ok
10:22:28.0852 4624 BrFiltUp - ok
10:22:28.0868 4624 Browser - ok
10:22:28.0868 4624 Brserid - ok
10:22:28.0868 4624 BrSerWdm - ok
10:22:28.0883 4624 BrUsbMdm - ok
10:22:28.0899 4624 BrUsbSer - ok
10:22:28.0899 4624 BTHMODEM - ok
10:22:28.0914 4624 bthserv - ok
10:22:28.0914 4624 cdfs - ok
10:22:28.0930 4624 cdrom - ok
10:22:28.0946 4624 CertPropSvc - ok
10:22:28.0977 4624 cfwids - ok
10:22:28.0977 4624 circlass - ok
10:22:28.0992 4624 CLFS - ok
10:22:29.0039 4624 clr_optimization_v2.0.50727_32 - ok
10:22:29.0070 4624 clr_optimization_v2.0.50727_64 - ok
10:22:29.0086 4624 clr_optimization_v4.0.30319_32 - ok
10:22:29.0102 4624 clr_optimization_v4.0.30319_64 - ok
10:22:29.0102 4624 CmBatt - ok
10:22:29.0102 4624 cmdide - ok
10:22:29.0117 4624 CNG - ok
10:22:29.0133 4624 Compbatt - ok
10:22:29.0133 4624 CompositeBus - ok
10:22:29.0148 4624 COMSysApp - ok
10:22:29.0148 4624 crcdisk - ok
10:22:29.0180 4624 CryptSvc - ok
10:22:29.0195 4624 DcomLaunch - ok
10:22:29.0195 4624 defragsvc - ok
10:22:29.0258 4624 DellOSDservice - ok
10:22:29.0273 4624 DfsC - ok
10:22:29.0273 4624 Dhcp - ok
10:22:29.0289 4624 discache - ok
10:22:29.0304 4624 Disk - ok
10:22:29.0320 4624 Dnscache - ok
10:22:29.0336 4624 dot3svc - ok
10:22:29.0336 4624 Dot4 - ok
10:22:29.0351 4624 Dot4Print - ok
10:22:29.0351 4624 dot4usb - ok
10:22:29.0367 4624 DPS - ok
10:22:29.0367 4624 drmkaud - ok
10:22:29.0382 4624 DXGKrnl - ok
10:22:29.0398 4624 EapHost - ok
10:22:29.0398 4624 ebdrv - ok
10:22:29.0414 4624 EFS - ok
10:22:29.0445 4624 ehRecvr - ok
10:22:29.0460 4624 ehSched - ok
10:22:29.0460 4624 elxstor - ok
10:22:29.0476 4624 ErrDev - ok
10:22:29.0507 4624 EventSystem - ok
10:22:29.0507 4624 exfat - ok
10:22:29.0523 4624 fastfat - ok
10:22:29.0523 4624 Fax - ok
10:22:29.0538 4624 fdc - ok
10:22:29.0538 4624 fdPHost - ok
10:22:29.0554 4624 FDResPub - ok
10:22:29.0554 4624 FileInfo - ok
10:22:29.0570 4624 Filetrace - ok
10:22:29.0601 4624 FLEXnet Licensing Service - ok
10:22:29.0616 4624 flpydisk - ok
10:22:29.0616 4624 FltMgr - ok
10:22:29.0632 4624 FontCache - ok
10:22:29.0632 4624 FontCache3.0.0.0 - ok
10:22:29.0648 4624 FsDepends - ok
10:22:29.0648 4624 Fs_Rec - ok
10:22:29.0663 4624 fvevol - ok
10:22:29.0663 4624 gagp30kx - ok
10:22:29.0679 4624 GEARAspiWDM - ok
10:22:29.0710 4624 GoToAssist - ok
10:22:29.0710 4624 gpsvc - ok
10:22:29.0757 4624 gupdate - ok
10:22:29.0772 4624 gupdatem - ok
10:22:29.0804 4624 gusvc - ok
10:22:29.0804 4624 hcw85cir - ok
10:22:29.0819 4624 HDAudBus - ok
10:22:29.0819 4624 HidBatt - ok
10:22:29.0835 4624 HidBth - ok
10:22:29.0835 4624 HidIr - ok
10:22:29.0850 4624 hidserv - ok
10:22:29.0850 4624 HidUsb - ok
10:22:29.0913 4624 HipShieldK - ok
10:22:29.0928 4624 hkmsvc - ok
10:22:29.0928 4624 HomeGroupListener - ok
10:22:29.0944 4624 HomeGroupProvider - ok
10:22:29.0991 4624 HomeNetSvc - ok
10:22:30.0006 4624 hpqcxs08 - ok
10:22:30.0006 4624 hpqddsvc - ok
10:22:30.0022 4624 HpSAMD - ok
10:22:30.0038 4624 HPSLPSVC - ok
10:22:30.0038 4624 HTTP - ok
10:22:30.0053 4624 hwpolicy - ok
10:22:30.0053 4624 i8042prt - ok
10:22:30.0069 4624 iaStorV - ok
10:22:30.0084 4624 idsvc - ok
10:22:30.0084 4624 iirsp - ok
10:22:30.0100 4624 IKEEXT - ok
10:22:30.0116 4624 IntcAzAudAddService - ok
10:22:30.0116 4624 intelide - ok
10:22:30.0131 4624 intelppm - ok
10:22:30.0131 4624 IPBusEnum - ok
10:22:30.0147 4624 IpFilterDriver - ok
10:22:30.0147 4624 IPMIDRV - ok
10:22:30.0162 4624 IPNAT - ok
10:22:30.0178 4624 iPod Service - ok
10:22:30.0194 4624 IRENUM - ok
10:22:30.0209 4624 isapnp - ok
10:22:30.0225 4624 iScsiPrt - ok
10:22:30.0240 4624 kbdclass - ok
10:22:30.0256 4624 kbdhid - ok
10:22:30.0272 4624 KeyIso - ok
10:22:30.0272 4624 KSecDD - ok
10:22:30.0287 4624 KSecPkg - ok
10:22:30.0303 4624 ksthunk - ok
10:22:30.0318 4624 KtmRm - ok
10:22:30.0334 4624 LanmanServer - ok
10:22:30.0334 4624 LanmanWorkstation - ok
10:22:30.0350 4624 lltdio - ok
10:22:30.0365 4624 lltdsvc - ok
10:22:30.0365 4624 lmhosts - ok
10:22:30.0381 4624 LSI_FC - ok
10:22:30.0381 4624 LSI_SAS - ok
10:22:30.0396 4624 LSI_SAS2 - ok
10:22:30.0412 4624 LSI_SCSI - ok
10:22:30.0412 4624 luafv - ok
10:22:30.0443 4624 McAfee SiteAdvisor Service - ok
10:22:30.0459 4624 McComponentHostService - ok
10:22:30.0459 4624 McMPFSvc - ok
10:22:30.0474 4624 McNaiAnn - ok
10:22:30.0521 4624 McODS - ok
10:22:30.0521 4624 mcpltsvc - ok
10:22:30.0537 4624 McProxy - ok
10:22:30.0537 4624 Mcx2Svc - ok
10:22:30.0552 4624 megasas - ok
10:22:30.0552 4624 MegaSR - ok
10:22:30.0568 4624 mfeapfk - ok
10:22:30.0568 4624 mfeavfk - ok
10:22:30.0584 4624 mfeavfk01 - ok
10:22:30.0615 4624 mfecore - ok
10:22:30.0630 4624 mfefire - ok
10:22:30.0630 4624 mfefirek - ok
10:22:30.0662 4624 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:22:30.0677 4624 mfehidk - ok
10:22:30.0677 4624 mfencbdc - ok
10:22:30.0693 4624 mfencrk - ok
10:22:30.0708 4624 mfevtp - ok
10:22:30.0724 4624 mfewfpk - ok
10:22:30.0724 4624 MMCSS - ok
10:22:30.0755 4624 MOBKbackup - ok
10:22:30.0771 4624 MOBKFilter - ok
10:22:30.0786 4624 Modem - ok
10:22:30.0786 4624 monitor - ok
10:22:30.0802 4624 mouclass - ok
10:22:30.0802 4624 mouhid - ok
10:22:30.0833 4624 mountmgr - ok
10:22:30.0833 4624 mpio - ok
10:22:30.0849 4624 mpsdrv - ok
10:22:30.0864 4624 MRxDAV - ok
10:22:30.0864 4624 mrxsmb - ok
10:22:30.0880 4624 mrxsmb10 - ok
10:22:30.0880 4624 mrxsmb20 - ok
10:22:30.0896 4624 msahci - ok
10:22:30.0896 4624 msdsm - ok
10:22:30.0911 4624 MSDTC - ok
10:22:30.0927 4624 Msfs - ok
10:22:30.0927 4624 mshidkmdf - ok
10:22:30.0942 4624 msisadrv - ok
10:22:30.0942 4624 MSiSCSI - ok
10:22:30.0958 4624 msiserver - ok
10:22:30.0974 4624 MSK80Service - ok
10:22:30.0974 4624 MSKSSRV - ok
10:22:30.0989 4624 MSPCLOCK - ok
10:22:30.0989 4624 MSPQM - ok
10:22:31.0005 4624 MsRPC - ok
10:22:31.0020 4624 mssmbios - ok
10:22:31.0020 4624 MSTEE - ok
10:22:31.0036 4624 MTConfig - ok
10:22:31.0036 4624 Mup - ok
10:22:31.0052 4624 napagent - ok
10:22:31.0052 4624 NativeWifiP - ok
10:22:31.0067 4624 NDIS - ok
10:22:31.0067 4624 NdisCap - ok
10:22:31.0083 4624 NdisTapi - ok
10:22:31.0083 4624 Ndisuio - ok
10:22:31.0098 4624 NdisWan - ok
10:22:31.0098 4624 NDProxy - ok
10:22:31.0114 4624 Net Driver HPZ12 - ok
10:22:31.0130 4624 NetBIOS - ok
10:22:31.0130 4624 NetBT - ok
10:22:31.0145 4624 Netlogon - ok
10:22:31.0161 4624 Netman - ok
10:22:31.0161 4624 netprofm - ok
10:22:31.0176 4624 NetTcpPortSharing - ok
10:22:31.0176 4624 nfrd960 - ok
10:22:31.0192 4624 NlaSvc - ok
10:22:31.0192 4624 Npfs - ok
10:22:31.0208 4624 nsi - ok
10:22:31.0223 4624 nsiproxy - ok
10:22:31.0223 4624 Ntfs - ok
10:22:31.0239 4624 Null - ok
10:22:31.0239 4624 nuviocir - ok
10:22:31.0254 4624 nvraid - ok
10:22:31.0270 4624 nvstor - ok
10:22:31.0270 4624 nv_agp - ok
10:22:31.0270 4624 ohci1394 - ok
10:22:31.0317 4624 ose - ok
10:22:31.0348 4624 osppsvc - ok
10:22:31.0364 4624 p2pimsvc - ok
10:22:31.0364 4624 p2psvc - ok
10:22:31.0379 4624 Parport - ok
10:22:31.0395 4624 partmgr - ok
10:22:31.0395 4624 PcaSvc - ok
10:22:31.0410 4624 pci - ok
10:22:31.0410 4624 pciide - ok
10:22:31.0426 4624 pcmcia - ok
10:22:31.0426 4624 pcw - ok
10:22:31.0442 4624 PEAUTH - ok
10:22:31.0504 4624 PerfHost - ok
10:22:31.0520 4624 pla - ok
10:22:31.0535 4624 PlugPlay - ok
10:22:31.0535 4624 Pml Driver HPZ12 - ok
10:22:31.0551 4624 PNRPAutoReg - ok
10:22:31.0551 4624 PNRPsvc - ok
10:22:31.0566 4624 PolicyAgent - ok
10:22:31.0582 4624 Power - ok
10:22:31.0582 4624 PptpMiniport - ok
10:22:31.0598 4624 Processor - ok
10:22:31.0598 4624 ProfSvc - ok
10:22:31.0613 4624 ProtectedStorage - ok
10:22:31.0629 4624 Psched - ok
10:22:31.0644 4624 PxHlpa64 - ok
10:22:31.0644 4624 ql2300 - ok
10:22:31.0660 4624 ql40xx - ok
10:22:31.0660 4624 QWAVE - ok
10:22:31.0676 4624 QWAVEdrv - ok
10:22:31.0676 4624 RasAcd - ok
10:22:31.0691 4624 RasAgileVpn - ok
10:22:31.0707 4624 RasAuto - ok
10:22:31.0707 4624 Rasl2tp - ok
10:22:31.0722 4624 RasMan - ok
10:22:31.0738 4624 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:22:31.0738 4624 RasPppoe - ok
10:22:31.0754 4624 RasSstp - ok
10:22:31.0754 4624 rdbss - ok
10:22:31.0769 4624 rdpbus - ok
10:22:31.0769 4624 RDPCDD - ok
10:22:31.0785 4624 RDPENCDD - ok
10:22:31.0800 4624 RDPREFMP - ok
10:22:31.0800 4624 RDPWD - ok
10:22:31.0816 4624 rdyboost - ok
10:22:31.0832 4624 RemoteAccess - ok
10:22:31.0832 4624 RemoteRegistry - ok
10:22:31.0847 4624 RpcEptMapper - ok
10:22:31.0847 4624 RpcLocator - ok
10:22:31.0863 4624 RpcSs - ok
10:22:31.0863 4624 rspndr - ok
10:22:31.0894 4624 RTL8167 - ok
10:22:31.0894 4624 SamSs - ok
10:22:31.0925 4624 SASDIFSV - ok
10:22:31.0941 4624 SASKUTIL - ok
10:22:31.0941 4624 sbp2port - ok
10:22:31.0956 4624 SCardSvr - ok
10:22:31.0956 4624 scfilter - ok
10:22:31.0972 4624 Schedule - ok
10:22:31.0988 4624 SCPolicySvc - ok
10:22:31.0988 4624 SDRSVC - ok
10:22:32.0034 4624 SeaPort - ok
10:22:32.0034 4624 secdrv - ok
10:22:32.0050 4624 seclogon - ok
10:22:32.0066 4624 SENS - ok
10:22:32.0066 4624 SensrSvc - ok
10:22:32.0081 4624 Serenum - ok
10:22:32.0081 4624 Serial - ok
10:22:32.0097 4624 sermouse - ok
10:22:32.0112 4624 SessionEnv - ok
10:22:32.0128 4624 sffdisk - ok
10:22:32.0128 4624 sffp_mmc - ok
10:22:32.0144 4624 sffp_sd - ok
10:22:32.0144 4624 sfloppy - ok
10:22:32.0190 4624 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:22:32.0206 4624 SftService - ok
10:22:32.0206 4624 ShellHWDetection - ok
10:22:32.0222 4624 SiSRaid2 - ok
10:22:32.0222 4624 SiSRaid4 - ok
10:22:32.0253 4624 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:22:32.0253 4624 SkypeUpdate - ok
10:22:32.0253 4624 Smb - ok
10:22:32.0284 4624 SNMPTRAP - ok
10:22:32.0284 4624 spldr - ok
10:22:32.0300 4624 Spooler - ok
10:22:32.0300 4624 sppsvc - ok
10:22:32.0315 4624 sppuinotify - ok
10:22:32.0346 4624 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
10:22:32.0346 4624 sprtsvc_DellComms - ok
10:22:32.0362 4624 srv - ok
10:22:32.0378 4624 srv2 - ok
10:22:32.0393 4624 srvnet - ok
10:22:32.0393 4624 SSDPSRV - ok
10:22:32.0409 4624 SstpSvc - ok
10:22:32.0409 4624 stexstor - ok
10:22:32.0424 4624 StillCam - ok
10:22:32.0424 4624 stisvc - ok
10:22:32.0440 4624 swenum - ok
10:22:32.0440 4624 swprv - ok
10:22:32.0456 4624 SysMain - ok
10:22:32.0456 4624 TabletInputService - ok
10:22:32.0471 4624 TapiSrv - ok
10:22:32.0487 4624 TBS - ok
10:22:32.0487 4624 Tcpip - ok
10:22:32.0502 4624 TCPIP6 - ok
10:22:32.0502 4624 tcpipreg - ok
10:22:32.0518 4624 TDPIPE - ok
10:22:32.0534 4624 TDTCP - ok
10:22:32.0534 4624 tdx - ok
10:22:32.0549 4624 TermDD - ok
10:22:32.0549 4624 TermService - ok
10:22:32.0565 4624 Themes - ok
10:22:32.0565 4624 THREADORDER - ok
10:22:32.0580 4624 TrkWks - ok
10:22:32.0596 4624 TrustedInstaller - ok
10:22:32.0627 4624 tssecsrv - ok
10:22:32.0643 4624 TsUsbFlt - ok
10:22:32.0658 4624 tunnel - ok
10:22:32.0658 4624 uagp35 - ok
10:22:32.0674 4624 udfs - ok
10:22:32.0690 4624 UI0Detect - ok
10:22:32.0690 4624 uliagpkx - ok
10:22:32.0705 4624 umbus - ok
10:22:32.0705 4624 UmPass - ok
10:22:32.0721 4624 upnphost - ok
10:22:32.0736 4624 usbccgp - ok
10:22:32.0736 4624 usbcir - ok
10:22:32.0752 4624 usbehci - ok
10:22:32.0752 4624 usbhub - ok
10:22:32.0768 4624 usbohci - ok
10:22:32.0768 4624 usbprint - ok
10:22:32.0783 4624 usbscan - ok
10:22:32.0783 4624 USBSTOR - ok
10:22:32.0799 4624 usbuhci - ok
10:22:32.0799 4624 usbvideo - ok
10:22:32.0814 4624 UxSms - ok
10:22:32.0830 4624 VaultSvc - ok
10:22:32.0830 4624 vdrvroot - ok
10:22:32.0846 4624 vds - ok
10:22:32.0846 4624 vga - ok
10:22:32.0861 4624 VgaSave - ok
10:22:32.0861 4624 vhdmp - ok
10:22:32.0877 4624 viaide - ok
10:22:32.0877 4624 volmgr - ok
10:22:32.0892 4624 volmgrx - ok
10:22:32.0908 4624 volsnap - ok
10:22:32.0908 4624 vsmraid - ok
10:22:32.0924 4624 VSS - ok
10:22:32.0924 4624 vwifibus - ok
10:22:32.0939 4624 vwififlt - ok
10:22:32.0955 4624 vwifimp - ok
10:22:32.0955 4624 W32Time - ok
10:22:32.0970 4624 WacomPen - ok
10:22:32.0970 4624 WANARP - ok
10:22:32.0986 4624 Wanarpv6 - ok
10:22:33.0002 4624 WatAdminSvc - ok
10:22:33.0002 4624 wbengine - ok
10:22:33.0017 4624 WbioSrvc - ok
10:22:33.0033 4624 wcncsvc - ok
10:22:33.0033 4624 WcsPlugInService - ok
10:22:33.0048 4624 Wd - ok
10:22:33.0048 4624 Wdf01000 - ok
10:22:33.0064 4624 WdiServiceHost - ok
10:22:33.0064 4624 WdiSystemHost - ok
10:22:33.0080 4624 WebClient - ok
10:22:33.0080 4624 Wecsvc - ok
10:22:33.0095 4624 wercplsupport - ok
10:22:33.0111 4624 WerSvc - ok
10:22:33.0111 4624 WfpLwf - ok
10:22:33.0126 4624 WimFltr - ok
10:22:33.0126 4624 WIMMount - ok
10:22:33.0142 4624 WinHttpAutoProxySvc - ok
10:22:33.0189 4624 Winmgmt - ok
10:22:33.0204 4624 WinRM - ok
10:22:33.0220 4624 WinUsb - ok
10:22:33.0220 4624 Wlansvc - ok
10:22:33.0267 4624 wlidsvc - ok
10:22:33.0298 4624 wltrysvc - ok
10:22:33.0314 4624 WmiAcpi - ok
10:22:33.0345 4624 wmiApSrv - ok
10:22:33.0360 4624 WMPNetworkSvc - ok
10:22:33.0360 4624 WPCSvc - ok
10:22:33.0376 4624 WPDBusEnum - ok
10:22:33.0376 4624 ws2ifsl - ok
10:22:33.0392 4624 WSDPrintDevice - ok
10:22:33.0392 4624 WSearch - ok
10:22:33.0407 4624 wuauserv - ok
10:22:33.0423 4624 WudfPf - ok
10:22:33.0423 4624 WUDFRd - ok
10:22:33.0438 4624 wudfsvc - ok
10:22:33.0454 4624 WwanSvc - ok
10:22:33.0470 4624 ================ Scan global ===============================
10:22:33.0501 4624 [Global] - ok
10:22:33.0501 4624 ================ Scan MBR ==================================
10:22:33.0516 4624 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:22:33.0735 4624 \Device\Harddisk0\DR0 - ok
10:22:33.0735 4624 ================ Scan VBR ==================================
10:22:33.0735 4624 [ 24D53E231BDC14B19ADD9640495D5DE8 ] \Device\Harddisk0\DR0\Partition1
10:22:33.0735 4624 \Device\Harddisk0\DR0\Partition1 - ok
10:22:33.0750 4624 [ 9BAF9211AB169B56C6B4FD75FB4BDF66 ] \Device\Harddisk0\DR0\Partition2
10:22:33.0750 4624 \Device\Harddisk0\DR0\Partition2 - ok
10:22:33.0766 4624 ============================================================
10:22:33.0766 4624 Scan finished
10:22:33.0766 4624 ============================================================
10:22:33.0782 10076 Detected object count: 0
10:22:33.0782 10076 Actual detected object count: 0
10:23:41.0034 4748 ============================================================
10:23:41.0034 4748 Scan started
10:23:41.0034 4748 Mode: Manual; TDLFS;
10:23:41.0034 4748 ============================================================
10:23:41.0409 4748 ================ Scan system memory ========================
10:23:41.0409 4748 System memory - ok
10:23:41.0409 4748 ================ Scan services =============================
10:23:41.0456 4748 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:23:41.0471 4748 !SASCORE - ok
10:23:41.0721 4748 0170431358366657mcinstcleanup - ok
10:23:41.0768 4748 1394ohci - ok
10:23:41.0846 4748 ACDaemon - ok
10:23:41.0861 4748 ACPI - ok
10:23:41.0861 4748 AcpiPmi - ok
10:23:41.0924 4748 [ 765FE0463E711E5A68AC7B69538ED922 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
10:23:41.0924 4748 AdobeActiveFileMonitor8.0 - ok
10:23:41.0939 4748 AdobeARMservice - ok
10:23:41.0986 4748 AdobeFlashPlayerUpdateSvc - ok
10:23:42.0002 4748 adp94xx - ok
10:23:42.0002 4748 adpahci - ok
10:23:42.0017 4748 adpu320 - ok
10:23:42.0048 4748 AeLookupSvc - ok
10:23:42.0048 4748 AFD - ok
10:23:42.0064 4748 agp440 - ok
10:23:42.0064 4748 ALG - ok
10:23:42.0080 4748 aliide - ok
10:23:42.0080 4748 AMD External Events Utility - ok
10:23:42.0095 4748 amdide - ok
10:23:42.0095 4748 AmdK8 - ok
10:23:42.0111 4748 amdkmdag - ok
10:23:42.0111 4748 amdkmdap - ok
10:23:42.0126 4748 AmdPPM - ok
10:23:42.0126 4748 amdsata - ok
10:23:42.0142 4748 amdsbs - ok
10:23:42.0158 4748 amdxata - ok
10:23:42.0158 4748 androidusb - ok
10:23:42.0158 4748 AppID - ok
10:23:42.0173 4748 AppIDSvc - ok
10:23:42.0173 4748 Appinfo - ok
10:23:42.0236 4748 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:23:42.0236 4748 Apple Mobile Device - ok
10:23:42.0236 4748 arc - ok
10:23:42.0251 4748 arcsas - ok
10:23:42.0251 4748 AsyncMac - ok
10:23:42.0267 4748 atapi - ok
10:23:42.0282 4748 AtiPcie - ok
10:23:42.0282 4748 AudioEndpointBuilder - ok
10:23:42.0298 4748 AudioSrv - ok
10:23:42.0298 4748 AxInstSV - ok
10:23:42.0314 4748 b06bdrv - ok
10:23:42.0314 4748 b57nd60a - ok
10:23:42.0360 4748 BBSvc - ok
10:23:42.0360 4748 BCM42RLY - ok
10:23:42.0376 4748 BCM43XX - ok
10:23:42.0392 4748 BcmVWL - ok
10:23:42.0392 4748 BDESVC - ok
10:23:42.0392 4748 Beep - ok
10:23:42.0423 4748 BITS - ok
10:23:42.0423 4748 blbdrive - ok
10:23:42.0470 4748 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
10:23:42.0470 4748 Bonjour Service - ok
10:23:42.0485 4748 bowser - ok
10:23:42.0501 4748 BrFiltLo - ok
10:23:42.0501 4748 BrFiltUp - ok
10:23:42.0516 4748 Browser - ok
10:23:42.0516 4748 Brserid - ok
10:23:42.0532 4748 BrSerWdm - ok
10:23:42.0532 4748 BrUsbMdm - ok
10:23:42.0548 4748 BrUsbSer - ok
10:23:42.0548 4748 BTHMODEM - ok
10:23:42.0563 4748 bthserv - ok
10:23:42.0563 4748 cdfs - ok
10:23:42.0579 4748 cdrom - ok
10:23:42.0594 4748 CertPropSvc - ok
10:23:42.0610 4748 cfwids - ok
10:23:42.0610 4748 circlass - ok
10:23:42.0626 4748 CLFS - ok
10:23:42.0672 4748 clr_optimization_v2.0.50727_32 - ok
10:23:42.0704 4748 clr_optimization_v2.0.50727_64 - ok
10:23:42.0719 4748 clr_optimization_v4.0.30319_32 - ok
10:23:42.0719 4748 clr_optimization_v4.0.30319_64 - ok
10:23:42.0735 4748 CmBatt - ok
10:23:42.0735 4748 cmdide - ok
10:23:42.0750 4748 CNG - ok
10:23:42.0750 4748 Compbatt - ok
10:23:42.0766 4748 CompositeBus - ok
10:23:42.0766 4748 COMSysApp - ok
10:23:42.0782 4748 crcdisk - ok
10:23:42.0813 4748 CryptSvc - ok
10:23:42.0828 4748 DcomLaunch - ok
10:23:42.0828 4748 defragsvc - ok
10:23:42.0891 4748 DellOSDservice - ok
10:23:42.0906 4748 DfsC - ok
10:23:42.0922 4748 Dhcp - ok
10:23:42.0922 4748 discache - ok
10:23:42.0938 4748 Disk - ok
10:23:42.0953 4748 Dnscache - ok
10:23:42.0953 4748 dot3svc - ok
10:23:42.0969 4748 Dot4 - ok
10:23:42.0969 4748 Dot4Print - ok
10:23:42.0984 4748 dot4usb - ok
10:23:42.0984 4748 DPS - ok
10:23:43.0000 4748 drmkaud - ok
10:23:43.0000 4748 DXGKrnl - ok
10:23:43.0016 4748 EapHost - ok
10:23:43.0031 4748 ebdrv - ok
10:23:43.0031 4748 EFS - ok
10:23:43.0062 4748 ehRecvr - ok
10:23:43.0062 4748 ehSched - ok
10:23:43.0078 4748 elxstor - ok
10:23:43.0078 4748 ErrDev - ok
10:23:43.0094 4748 EventSystem - ok
10:23:43.0109 4748 exfat - ok
10:23:43.0109 4748 fastfat - ok
10:23:43.0125 4748 Fax - ok
10:23:43.0125 4748 fdc - ok
10:23:43.0140 4748 fdPHost - ok
10:23:43.0140 4748 FDResPub - ok
10:23:43.0140 4748 FileInfo - ok
10:23:43.0156 4748 Filetrace - ok
10:23:43.0187 4748 FLEXnet Licensing Service - ok
10:23:43.0203 4748 flpydisk - ok
10:23:43.0203 4748 FltMgr - ok
10:23:43.0218 4748 FontCache - ok
10:23:43.0234 4748 FontCache3.0.0.0 - ok
10:23:43.0250 4748 FsDepends - ok
10:23:43.0250 4748 Fs_Rec - ok
10:23:43.0265 4748 fvevol - ok
10:23:43.0265 4748 gagp30kx - ok
10:23:43.0281 4748 GEARAspiWDM - ok
10:23:43.0296 4748 GoToAssist - ok
10:23:43.0296 4748 gpsvc - ok
10:23:43.0359 4748 gupdate - ok
10:23:43.0359 4748 gupdatem - ok
10:23:43.0374 4748 gusvc - ok
10:23:43.0390 4748 hcw85cir - ok
10:23:43.0406 4748 HDAudBus - ok
10:23:43.0406 4748 HidBatt - ok
10:23:43.0421 4748 HidBth - ok
10:23:43.0421 4748 HidIr - ok
10:23:43.0437 4748 hidserv - ok
10:23:43.0437 4748 HidUsb - ok
10:23:43.0452 4748 HipShieldK - ok
10:23:43.0452 4748 hkmsvc - ok
10:23:43.0468 4748 HomeGroupListener - ok
10:23:43.0484 4748 HomeGroupProvider - ok
10:23:43.0530 4748 HomeNetSvc - ok
10:23:43.0546 4748 hpqcxs08 - ok
10:23:43.0546 4748 hpqddsvc - ok
10:23:43.0546 4748 HpSAMD - ok
10:23:43.0562 4748 HPSLPSVC - ok
10:23:43.0562 4748 HTTP - ok
10:23:43.0577 4748 hwpolicy - ok
10:23:43.0577 4748 i8042prt - ok
10:23:43.0593 4748 iaStorV - ok
10:23:43.0608 4748 idsvc - ok
10:23:43.0624 4748 iirsp - ok
10:23:43.0640 4748 IKEEXT - ok
10:23:43.0655 4748 IntcAzAudAddService - ok
10:23:43.0655 4748 intelide - ok
10:23:43.0671 4748 intelppm - ok
10:23:43.0671 4748 IPBusEnum - ok
10:23:43.0686 4748 IpFilterDriver - ok
10:23:43.0686 4748 IPMIDRV - ok
10:23:43.0702 4748 IPNAT - ok
10:23:43.0718 4748 iPod Service - ok
10:23:43.0733 4748 IRENUM - ok
10:23:43.0733 4748 isapnp - ok
10:23:43.0733 4748 iScsiPrt - ok
10:23:43.0749 4748 kbdclass - ok
10:23:43.0764 4748 kbdhid - ok
10:23:43.0764 4748 KeyIso - ok
10:23:43.0780 4748 KSecDD - ok
10:23:43.0780 4748 KSecPkg - ok
10:23:43.0796 4748 ksthunk - ok
10:23:43.0796 4748 KtmRm - ok
10:23:43.0811 4748 LanmanServer - ok
10:23:43.0811 4748 LanmanWorkstation - ok
10:23:43.0827 4748 lltdio - ok
10:23:43.0827 4748 lltdsvc - ok
10:23:43.0842 4748 lmhosts - ok
10:23:43.0858 4748 LSI_FC - ok
10:23:43.0858 4748 LSI_SAS - ok
10:23:43.0874 4748 LSI_SAS2 - ok
10:23:43.0874 4748 LSI_SCSI - ok
10:23:43.0889 4748 luafv - ok
10:23:43.0920 4748 McAfee SiteAdvisor Service - ok
10:23:43.0936 4748 McComponentHostService - ok
10:23:43.0936 4748 McMPFSvc - ok
10:23:43.0936 4748 McNaiAnn - ok
10:23:43.0983 4748 McODS - ok
10:23:43.0983 4748 mcpltsvc - ok
10:23:43.0998 4748 McProxy - ok
10:23:43.0998 4748 Mcx2Svc - ok
10:23:44.0014 4748 megasas - ok
10:23:44.0014 4748 MegaSR - ok
10:23:44.0030 4748 mfeapfk - ok
10:23:44.0030 4748 mfeavfk - ok
10:23:44.0045 4748 mfeavfk01 - ok
10:23:44.0061 4748 mfecore - ok
10:23:44.0092 4748 mfefire - ok
10:23:44.0092 4748 mfefirek - ok
10:23:44.0123 4748 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:23:44.0139 4748 mfehidk - ok
10:23:44.0139 4748 mfencbdc - ok
10:23:44.0154 4748 mfencrk - ok
10:23:44.0170 4748 mfevtp - ok
10:23:44.0186 4748 mfewfpk - ok
10:23:44.0186 4748 MMCSS - ok
10:23:44.0217 4748 MOBKbackup - ok
10:23:44.0217 4748 MOBKFilter - ok
10:23:44.0217 4748 Modem - ok
10:23:44.0232 4748 monitor - ok
10:23:44.0232 4748 mouclass - ok
10:23:44.0248 4748 mouhid - ok
10:23:44.0248 4748 mountmgr - ok
10:23:44.0264 4748 mpio - ok
10:23:44.0264 4748 mpsdrv - ok
10:23:44.0279 4748 MRxDAV - ok
10:23:44.0279 4748 mrxsmb - ok
10:23:44.0295 4748 mrxsmb10 - ok
10:23:44.0295 4748 mrxsmb20 - ok
10:23:44.0310 4748 msahci - ok
10:23:44.0310 4748 msdsm - ok
10:23:44.0326 4748 MSDTC - ok
10:23:44.0342 4748 Msfs - ok
10:23:44.0342 4748 mshidkmdf - ok
10:23:44.0357 4748 msisadrv - ok
10:23:44.0373 4748 MSiSCSI - ok
10:23:44.0373 4748 msiserver - ok
10:23:44.0373 4748 MSK80Service - ok
10:23:44.0388 4748 MSKSSRV - ok
10:23:44.0388 4748 MSPCLOCK - ok
10:23:44.0404 4748 MSPQM - ok
10:23:44.0404 4748 MsRPC - ok
10:23:44.0420 4748 mssmbios - ok
10:23:44.0435 4748 MSTEE - ok
10:23:44.0435 4748 MTConfig - ok
10:23:44.0451 4748 Mup - ok
10:23:44.0451 4748 napagent - ok
10:23:44.0466 4748 NativeWifiP - ok
10:23:44.0466 4748 NDIS - ok
10:23:44.0482 4748 NdisCap - ok
10:23:44.0482 4748 NdisTapi - ok
10:23:44.0498 4748 Ndisuio - ok
10:23:44.0498 4748 NdisWan - ok
10:23:44.0513 4748 NDProxy - ok
10:23:44.0529 4748 Net Driver HPZ12 - ok
10:23:44.0529 4748 NetBIOS - ok
10:23:44.0544 4748 NetBT - ok
10:23:44.0544 4748 Netlogon - ok
10:23:44.0560 4748 Netman - ok
10:23:44.0560 4748 netprofm - ok
10:23:44.0560 4748 NetTcpPortSharing - ok
10:23:44.0576 4748 nfrd960 - ok
10:23:44.0591 4748 NlaSvc - ok
10:23:44.0591 4748 Npfs - ok
10:23:44.0607 4748 nsi - ok
10:23:44.0607 4748 nsiproxy - ok
10:23:44.0622 4748 Ntfs - ok
10:23:44.0622 4748 Null - ok
10:23:44.0638 4748 nuviocir - ok
10:23:44.0638 4748 nvraid - ok
10:23:44.0654 4748 nvstor - ok
10:23:44.0654 4748 nv_agp - ok
10:23:44.0669 4748 ohci1394 - ok
10:23:44.0700 4748 ose - ok
10:23:44.0732 4748 osppsvc - ok
10:23:44.0747 4748 p2pimsvc - ok
10:23:44.0763 4748 p2psvc - ok
10:23:44.0778 4748 Parport - ok
10:23:44.0778 4748 partmgr - ok
10:23:44.0794 4748 PcaSvc - ok
10:23:44.0794 4748 pci - ok
10:23:44.0810 4748 pciide - ok
10:23:44.0810 4748 pcmcia - ok
10:23:44.0825 4748 pcw - ok
10:23:44.0825 4748 PEAUTH - ok
10:23:44.0888 4748 PerfHost - ok
10:23:44.0903 4748 pla - ok
10:23:44.0903 4748 PlugPlay - ok
10:23:44.0919 4748 Pml Driver HPZ12 - ok
10:23:44.0934 4748 PNRPAutoReg - ok
10:23:44.0934 4748 PNRPsvc - ok
10:23:44.0950 4748 PolicyAgent - ok
10:23:44.0950 4748 Power - ok
10:23:44.0966 4748 PptpMiniport - ok
10:23:44.0966 4748 Processor - ok
10:23:44.0981 4748 ProfSvc - ok
10:23:44.0981 4748 ProtectedStorage - ok
10:23:44.0997 4748 Psched - ok
10:23:44.0997 4748 PxHlpa64 - ok
10:23:45.0012 4748 ql2300 - ok
10:23:45.0012 4748 ql40xx - ok
10:23:45.0028 4748 QWAVE - ok
10:23:45.0028 4748 QWAVEdrv - ok
10:23:45.0044 4748 RasAcd - ok
10:23:45.0059 4748 RasAgileVpn - ok
10:23:45.0059 4748 RasAuto - ok
10:23:45.0075 4748 Rasl2tp - ok
10:23:45.0090 4748 RasMan - ok
10:23:45.0106 4748 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:23:45.0106 4748 RasPppoe - ok
10:23:45.0106 4748 RasSstp - ok
10:23:45.0122 4748 rdbss - ok
10:23:45.0122 4748 rdpbus - ok
10:23:45.0137 4748 RDPCDD - ok
10:23:45.0153 4748 RDPENCDD - ok
10:23:45.0153 4748 RDPREFMP - ok
10:23:45.0168 4748 RDPWD - ok
10:23:45.0168 4748 rdyboost - ok
10:23:45.0184 4748 RemoteAccess - ok
10:23:45.0184 4748 RemoteRegistry - ok
10:23:45.0200 4748 RpcEptMapper - ok
10:23:45.0200 4748 RpcLocator - ok
10:23:45.0215 4748 RpcSs - ok
10:23:45.0215 4748 rspndr - ok
10:23:45.0231 4748 RTL8167 - ok
10:23:45.0231 4748 SamSs - ok
10:23:45.0262 4748 SASDIFSV - ok
10:23:45.0278 4748 SASKUTIL - ok
10:23:45.0278 4748 sbp2port - ok
10:23:45.0293 4748 SCardSvr - ok
10:23:45.0309 4748 scfilter - ok
10:23:45.0309 4748 Schedule - ok
10:23:45.0324 4748 SCPolicySvc - ok
10:23:45.0324 4748 SDRSVC - ok
10:23:45.0387 4748 SeaPort - ok
10:23:45.0387 4748 secdrv - ok
10:23:45.0402 4748 seclogon - ok
10:23:45.0418 4748 SENS - ok
10:23:45.0418 4748 SensrSvc - ok
10:23:45.0434 4748 Serenum - ok
10:23:45.0434 4748 Serial - ok
10:23:45.0449 4748 sermouse - ok
10:23:45.0465 4748 SessionEnv - ok
10:23:45.0480 4748 sffdisk - ok
10:23:45.0480 4748 sffp_mmc - ok
10:23:45.0480 4748 sffp_sd - ok
10:23:45.0496 4748 sfloppy - ok
10:23:45.0543 4748 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:23:45.0558 4748 SftService - ok
10:23:45.0558 4748 ShellHWDetection - ok
10:23:45.0574 4748 SiSRaid2 - ok
10:23:45.0574 4748 SiSRaid4 - ok
10:23:45.0605 4748 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:23:45.0605 4748 SkypeUpdate - ok
10:23:45.0605 4748 Smb - ok
10:23:45.0621 4748 SNMPTRAP - ok
10:23:45.0636 4748 spldr - ok
10:23:45.0636 4748 Spooler - ok
10:23:45.0652 4748 sppsvc - ok
10:23:45.0652 4748 sppuinotify - ok
10:23:45.0683 4748 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
10:23:45.0699 4748 sprtsvc_DellComms - ok
10:23:45.0699 4748 srv - ok
10:23:45.0714 4748 srv2 - ok
10:23:45.0714 4748 srvnet - ok
10:23:45.0730 4748 SSDPSRV - ok
10:23:45.0730 4748 SstpSvc - ok
10:23:45.0746 4748 stexstor - ok
10:23:45.0746 4748 StillCam - ok
10:23:45.0761 4748 stisvc - ok
10:23:45.0761 4748 swenum - ok
10:23:45.0777 4748 swprv - ok
10:23:45.0777 4748 SysMain - ok
10:23:45.0792 4748 TabletInputService - ok
10:23:45.0792 4748 TapiSrv - ok
10:23:45.0808 4748 TBS - ok
10:23:45.0808 4748 Tcpip - ok
10:23:45.0824 4748 TCPIP6 - ok
10:23:45.0839 4748 tcpipreg - ok
10:23:45.0839 4748 TDPIPE - ok
10:23:45.0855 4748 TDTCP - ok
10:23:45.0870 4748 tdx - ok
10:23:45.0870 4748 TermDD - ok
10:23:45.0870 4748 TermService - ok
10:23:45.0886 4748 Themes - ok
10:23:45.0902 4748 THREADORDER - ok
10:23:45.0917 4748 TrkWks - ok
10:23:45.0948 4748 TrustedInstaller - ok
10:23:45.0964 4748 tssecsrv - ok
10:23:45.0964 4748 TsUsbFlt - ok
10:23:45.0980 4748 tunnel - ok
10:23:45.0980 4748 uagp35 - ok
10:23:45.0995 4748 udfs - ok
10:23:46.0011 4748 UI0Detect - ok
10:23:46.0011 4748 uliagpkx - ok
10:23:46.0026 4748 umbus - ok
10:23:46.0026 4748 UmPass - ok
10:23:46.0042 4748 upnphost - ok
10:23:46.0042 4748 usbccgp - ok
10:23:46.0058 4748 usbcir - ok
10:23:46.0058 4748 usbehci - ok
10:23:46.0073 4748 usbhub - ok
10:23:46.0089 4748 usbohci - ok
10:23:46.0089 4748 usbprint - ok
10:23:46.0104 4748 usbscan - ok
10:23:46.0104 4748 USBSTOR - ok
10:23:46.0120 4748 usbuhci - ok
10:23:46.0120 4748 usbvideo - ok
10:23:46.0136 4748 UxSms - ok
10:23:46.0136 4748 VaultSvc - ok
10:23:46.0151 4748 vdrvroot - ok
10:23:46.0151 4748 vds - ok
10:23:46.0167 4748 vga - ok
10:23:46.0167 4748 VgaSave - ok
10:23:46.0182 4748 vhdmp - ok
10:23:46.0198 4748 viaide - ok
10:23:46.0198 4748 volmgr - ok
10:23:46.0214 4748 volmgrx - ok
10:23:46.0214 4748 volsnap - ok
10:23:46.0229 4748 vsmraid - ok
10:23:46.0229 4748 VSS - ok
10:23:46.0245 4748 vwifibus - ok
10:23:46.0245 4748 vwififlt - ok
10:23:46.0260 4748 vwifimp - ok
10:23:46.0260 4748 W32Time - ok
10:23:46.0276 4748 WacomPen - ok
10:23:46.0276 4748 WANARP - ok
10:23:46.0292 4748 Wanarpv6 - ok
10:23:46.0307 4748 WatAdminSvc - ok
10:23:46.0323 4748 wbengine - ok
10:23:46.0323 4748 WbioSrvc - ok
10:23:46.0338 4748 wcncsvc - ok
10:23:46.0338 4748 WcsPlugInService - ok
10:23:46.0354 4748 Wd - ok
10:23:46.0354 4748 Wdf01000 - ok
10:23:46.0370 4748 WdiServiceHost - ok
10:23:46.0370 4748 WdiSystemHost - ok
10:23:46.0385 4748 WebClient - ok
10:23:46.0401 4748 Wecsvc - ok
10:23:46.0401 4748 wercplsupport - ok
10:23:46.0416 4748 WerSvc - ok
10:23:46.0416 4748 WfpLwf - ok
10:23:46.0432 4748 WimFltr - ok
10:23:46.0432 4748 WIMMount - ok
10:23:46.0448 4748 WinHttpAutoProxySvc - ok
10:23:46.0463 4748 Winmgmt - ok
10:23:46.0479 4748 WinRM - ok
10:23:46.0494 4748 WinUsb - ok
10:23:46.0494 4748 Wlansvc - ok
10:23:46.0526 4748 wlidsvc - ok
10:23:46.0557 4748 wltrysvc - ok
10:23:46.0572 4748 WmiAcpi - ok
10:23:46.0588 4748 wmiApSrv - ok
10:23:46.0604 4748 WMPNetworkSvc - ok
10:23:46.0619 4748 WPCSvc - ok
10:23:46.0619 4748 WPDBusEnum - ok
10:23:46.0635 4748 ws2ifsl - ok
10:23:46.0635 4748 WSDPrintDevice - ok
10:23:46.0650 4748 WSearch - ok
10:23:46.0650 4748 wuauserv - ok
10:23:46.0666 4748 WudfPf - ok
10:23:46.0666 4748 WUDFRd - ok
10:23:46.0682 4748 wudfsvc - ok
10:23:46.0697 4748 WwanSvc - ok
10:23:46.0713 4748 ================ Scan global ===============================
10:23:46.0760 4748 [Global] - ok
10:23:46.0760 4748 ================ Scan MBR ==================================
10:23:46.0775 4748 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:23:46.0994 4748 \Device\Harddisk0\DR0 - ok
10:23:47.0009 4748 ================ Scan VBR ==================================
10:23:47.0025 4748 [ 24D53E231BDC14B19ADD9640495D5DE8 ] \Device\Harddisk0\DR0\Partition1
10:23:47.0025 4748 \Device\Harddisk0\DR0\Partition1 - ok
10:23:47.0072 4748 [ 9BAF9211AB169B56C6B4FD75FB4BDF66 ] \Device\Harddisk0\DR0\Partition2
10:23:47.0072 4748 \Device\Harddisk0\DR0\Partition2 - ok
10:23:47.0087 4748 ============================================================
10:23:47.0087 4748 Scan finished
10:23:47.0087 4748 ============================================================
10:23:47.0118 8796 Detected object count: 0
10:23:47.0118 8796 Actual detected object count: 0

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
johnsherry :: JOHNSHERRY-PC [administrator]

1/17/2013 10:27:24 AM
mbam-log-2013-01-17 (10-27-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224196
Time elapsed: 13 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\JOHNSH~1\LOCALS~1\Temp\msaaxoaa.com -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\JOHNSH~1\LOCALS~1\Temp\msaaxoaa.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
johnsherry :: JOHNSHERRY-PC [administrator]

1/17/2013 10:27:24 AM
mbam-log-2013-01-17 (10-27-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224196
Time elapsed: 13 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\JOHNSH~1\LOCALS~1\Temp\msaaxoaa.com -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\JOHNSH~1\LOCALS~1\Temp\msaaxoaa.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESET Log

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\johnsherry\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\54108a3a-52506898 a variant of Java/Exploit.CVE-2013-0422.K trojan deleted - quarantined

Edited by johnsherry, 17 January 2013 - 07:34 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 AM

Posted 17 January 2013 - 09:56 PM

Hello, please uninstall this and reboot. Then install this Windows Offline Java Installer (64-bit)

I am asking someone to come here as there are several issues to fix.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:00 AM

Posted 17 January 2013 - 11:27 PM

boopme asked me to take a look here...

Please download Farbar Service Scanner Download Link and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 18 January 2013 - 07:40 AM

I removed the old JAVA programs and installed the one from the link. Here is the scan.

Thanks!

John


Farbar Service Scanner Version: 16-01-2013
Ran by johnsherry (administrator) on 18-01-2013 at 06:38:05
Running from "C:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GMUIMIV"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:00 AM

Posted 18 January 2013 - 04:33 PM

We have several registry keys missing.

Download Windows Repair (all in one) from this site

Install the program then run it.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

Posted Image



Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

Posted Image


Go to Step 4 and under "System Restore" click on Create button:

Posted Image


Go to Start Repairs tab and click Start button.

Posted Image


Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):

Posted Image

Click on box next to the Restart System when Finished. Then click on Start.

Post new FSS log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 19 January 2013 - 09:45 AM

Thanks,

It will be a while before I can post results.

John

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:00 AM

Posted 19 January 2013 - 12:10 PM

Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 19 January 2013 - 06:01 PM

The Coolest BC Computer

I ran the Windows Repair from Tweaking.com. Here is the latest FSS Log:

Thanks!

John


Farbar Service Scanner Version: 16-01-2013
Ran by johnsherry (administrator) on 19-01-2013 at 16:57:15
Running from "C:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4Q0I5QG"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:00 AM

Posted 19 January 2013 - 06:49 PM

We still have couple registry keys missing.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/


Download iphlpsvc.reg file from here: http://download.bleepingcomputer.com/win-services/7/iphlpsvc.reg
Download WinDefend.reg file from here: http://download.bleepingcomputer.com/win-services/7/WinDefend.reg

Double click on iphlpsvc.reg file and confirm the prompt.
Double click on WinDefend.reg file and confirm the prompt.

Restart computer.
Post new FSS log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 johnsherry

johnsherry
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:07:00 AM

Posted 19 January 2013 - 07:40 PM

Here is the log. I checked out your website-very nice! Will you advise me how to activate Windows Defender?



Farbar Service Scanner Version: 16-01-2013
Ran by johnsherry (administrator) on 19-01-2013 at 18:38:38
Running from "C:\Users\johnsherry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X6QH1Q21"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users