Jump to content

guitarion

Honorary Members
 View Profile  See their activity

  • Posts

    25

  • Joined

  • Last visited

Reputation

0 Neutral
  1. guitarion
    k i will call him. This issue was deeper than I was expecting. :/ ( was hoping for a easy resolve oh well . thank you for your help MrC you are the man!)
  2. guitarion
    its a lenovo x220 tablet pc with windows 7 enterprise. not sure how to tell if it has a recovery partition.
  3. guitarion
    Can you recommend a place to download a windows 7 recovery disk possibly free? And if so walk me through the back up of my work programs and restore them to the system?
  4. guitarion
    http://systemdiscs.com/?utm_source=neosmart&utm_medium=article&utm_campaign=Win7_Recoveryshould I pay n download a recovery disk from this site:
  5. guitarion
    I would but this is a work computer It came preloaded with windows 7. I dont have the windows 7 disk. I have a re-image drive that came with it as well as a back up drive that was used to transfer my old info to the new computer.
  6. guitarion
    Plug n play is missing? I found PNRP service but couldnt find PNP anywhere?
  7. guitarion
    around 9:15 this morning I donwloaded and started to scan the computer with it. It scanned for maybe 5 seconds before i read your post canceled the scan and removed the program from the computer.
  8. guitarion
    Do you think that this may be a registry issue?
  9. guitarion
    I almost ran it but stopped it as it was checking my system. Hope I caught it before anything happened. My main issues are the device manager and adpater settings displaying zero info. I just open a blank page nothing on it.
  10. guitarion
    I will try that program. I have noticed that my change adapter settings and device manager are blank there is no information in the boxes when they are open?
  11. guitarion
    I hope I did this right. I tried my best to disable my McAfee the webpage that shows you how to disable it wasnt applying to the McAfee service I have. Any way here is the text. ComboFix 12-08-17.03 - nietoa1 08/17/2012 16:28:03.1.4 - x86 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3493.2483 [GMT -7:00] Running from: c:\users\nietoa1\Desktop\ComboFix.exe AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\programdata\Roaming c:\users\Administrator\AppData\Roaming\3VR c:\windows\system32\msMAsk32.ocx . . ((((((((((((((((((((((((( Files Created from 2012-07-17 to 2012-08-17 ))))))))))))))))))))))))))))))) . . 2012-08-16 03:39 . 2012-08-16 03:58 -------- d-----w- c:\program files\Free Window Registry Repair 2012-08-16 03:05 . 2012-08-16 03:05 -------- d--h--w- c:\windows\system32\WLANProfiles 2012-08-16 03:04 . 2012-08-16 03:04 -------- d-----w- c:\users\Public\Roaming 2012-08-16 03:04 . 2012-08-16 03:04 -------- d-----w- c:\users\Default\Roaming 2012-08-16 03:04 . 2012-08-16 03:04 -------- d-----w- c:\users\Administrator\Roaming 2012-08-16 03:04 . 2012-08-16 03:04 -------- d-----w- c:\programdata\Intel 2012-08-16 02:31 . 2012-08-16 02:31 -------- d-----w- c:\program files\ThinkPad 2012-08-16 01:36 . 2012-08-16 01:36 -------- d-----w- c:\programdata\PPR_KPI 2012-08-15 17:05 . 2012-08-15 17:05 -------- d-----w- c:\programdata\Malwarebytes 2012-08-15 16:48 . 2012-08-15 16:48 14664 ----a-w- c:\windows\stinger.sys 2012-08-15 16:47 . 2012-08-15 17:01 -------- d-----w- c:\program files\stinger 2012-08-15 15:19 . 2012-08-15 15:27 -------- d-----w- C:\TDSSKiller_Quarantine 2012-08-14 00:58 . 2012-08-17 23:29 -------- d-----w- C:\Quarantine 2012-08-14 00:57 . 2012-08-14 00:57 -------- d-----w- c:\windows\Sun 2012-08-09 00:42 . 2012-08-09 00:42 -------- d--h--w- c:\programdata\CanonIJScan 2012-08-09 00:20 . 2012-08-09 00:38 -------- d-----w- c:\program files\Canon 2012-08-09 00:20 . 2012-08-09 00:20 -------- d-----w- c:\programdata\Canon IJ Network Tool 2012-08-09 00:16 . 2012-08-09 00:16 -------- d-----w- c:\windows\system32\STRING 2012-08-09 00:16 . 2010-02-05 17:37 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL 2012-08-09 00:16 . 2010-02-05 17:37 340992 ----a-w- c:\windows\system32\CNMNPPM.DLL 2012-08-08 22:59 . 2012-08-08 22:59 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-08-08 22:58 . 2012-08-08 22:58 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-08-08 02:50 . 2012-08-16 03:04 -------- d-----w- c:\users\Temp 2012-08-08 02:06 . 2012-08-08 02:06 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2012-08-08 02:05 . 2012-08-08 02:05 -------- d--h--w- c:\programdata\CanonBJ 2012-08-08 02:05 . 2010-08-25 12:00 73216 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA9.DLL 2012-08-08 02:05 . 2010-08-25 12:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA9.DLL 2012-08-08 02:05 . 2010-08-25 12:00 290816 ----a-w- c:\windows\system32\CNMLMA9.DLL 2012-08-08 02:04 . 2010-03-19 02:25 307200 ----a-w- c:\windows\system32\CNC495L.dll 2012-08-08 02:04 . 2010-03-19 00:12 1335296 ----a-w- c:\windows\system32\CNC495C.dll 2012-08-08 02:04 . 2010-03-19 00:12 114688 ----a-w- c:\windows\system32\CNC495I.dll 2012-08-08 02:04 . 2010-03-19 00:11 106496 ----a-w- c:\windows\system32\CNC495U.dll 2012-08-08 02:04 . 2008-08-26 01:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll 2012-08-07 23:17 . 2012-08-16 03:04 -------- d-----w- c:\users\nietoa1 2012-08-02 07:08 . 2012-08-02 03:14 -------- d-----w- c:\windows\Panther 2012-08-02 06:52 . 2010-07-26 22:08 51472 ----a-w- c:\windows\system32\drivers\tcusb.sys 2012-08-02 06:11 . 2012-08-16 03:04 -------- d-----w- c:\program files\Common Files\Intel 2012-08-02 06:11 . 2012-08-16 03:04 -------- d-----w- c:\program files\Intel 2012-08-02 06:11 . 2012-08-02 06:11 -------- d-----w- C:\Intel 2012-08-02 04:18 . 2012-08-02 04:17 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll 2012-08-02 04:18 . 2012-08-02 04:17 22816 ----a-w- c:\windows\system32\MFEOtlk.dll 2012-08-02 04:18 . 2012-08-02 04:17 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-08-02 04:18 . 2012-08-15 16:47 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-08-02 04:18 . 2012-08-02 04:17 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2012-08-02 04:18 . 2012-08-02 04:17 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-08-02 04:18 . 2012-08-02 04:17 119968 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-08-02 04:18 . 2012-08-15 16:47 475704 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-08-02 04:18 . 2012-08-15 16:47 159608 ----a-w- c:\windows\system32\mfevtps.exe 2012-08-02 04:18 . 2012-08-02 04:17 164840 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-08-02 04:17 . 2012-08-02 04:18 -------- d-----w- c:\program files\Common Files\McAfee 2012-08-02 04:17 . 2012-08-02 04:17 -------- d-----w- c:\users\Administrator\AppData\Roaming\McAfee 2012-08-02 04:16 . 2012-08-08 01:22 -------- d-----w- c:\programdata\McAfee 2012-08-02 04:16 . 2012-08-07 23:31 -------- d-----w- c:\program files\McAfee 2012-08-02 04:15 . 2012-08-02 04:15 -------- d-----w- c:\users\Default\AppData\Local\MochaSoft 2012-08-02 04:15 . 2012-08-02 04:15 -------- d-----w- c:\users\Administrator\AppData\Local\MochaSoft 2012-08-02 04:15 . 2012-08-02 04:15 -------- d-----w- c:\program files\MochaSoft 2012-08-02 04:11 . 2012-08-02 04:12 -------- d-----w- c:\windows\system32\CCM 2012-08-02 04:11 . 2012-08-02 04:11 -------- d-----w- c:\windows\ms 2012-08-02 04:11 . 2012-08-02 04:13 -------- d-----w- c:\windows\system32\ccmsetup 2012-08-02 04:10 . 2012-08-08 23:01 -------- d-----w- c:\program files\Microsoft Office Communicator 2012-08-02 04:07 . 2012-08-02 04:07 -------- d-----w- c:\programdata\Diebold, Incorporated 2012-08-02 04:07 . 2012-08-02 04:07 40960 ----a-w- c:\windows\Diebold We Won't Rest.dll 2012-08-02 04:07 . 2012-08-02 04:07 406556 ----a-w- c:\windows\Diebold We Won't Rest.scr 2012-08-02 04:07 . 2012-08-02 04:07 18192 ----a-w- c:\windows\Diebold We Won't Rest.dat 2012-08-02 04:07 . 2012-08-02 04:07 1165670 ----a-w- c:\windows\Diebold We Won't Rest.exe 2012-08-02 04:07 . 2012-08-02 04:07 40960 ----a-w- c:\windows\Diebold - We Won't Rest.dll 2012-08-02 04:07 . 2012-08-02 04:07 406556 ----a-w- c:\windows\Diebold - We Won't Rest.scr 2012-08-02 04:07 . 2012-08-02 04:07 18192 ----a-w- c:\windows\Diebold - We Won't Rest.dat 2012-08-02 04:07 . 2012-08-02 04:07 1035063 ----a-w- c:\windows\Diebold - We Won't Rest.exe 2012-08-02 04:06 . 2012-08-02 04:07 -------- d-----w- c:\program files\Diebold Protect Screensaver 2012-08-02 04:06 . 2012-08-02 04:06 -------- d-----w- c:\program files\Microsoft Office Communications Server 2007 R2 2012-08-02 04:06 . 2012-08-02 04:06 -------- d-----w- c:\program files\LaGard 2012-08-02 04:06 . 2012-08-02 04:06 -------- d-----w- c:\program files\Kaba Mas 2012-08-02 04:05 . 2012-08-02 04:05 -------- d-----w- c:\program files\Microsoft SQL Server 2012-08-02 04:05 . 2012-08-02 04:05 -------- d-----w- c:\programdata\Verint 2012-08-02 04:04 . 2012-08-02 04:04 -------- d-----w- c:\program files\ArcaTech Systems 2012-08-02 04:04 . 2012-08-02 04:04 -------- d-----w- C:\SwTool 4.0.0.1 2012-08-02 04:03 . 2008-07-29 20:40 48296 ----a-w- c:\windows\system32\drivers\aksifdh.sys 2012-08-02 04:03 . 2008-07-29 20:40 34472 ----a-w- c:\windows\system32\drivers\aksup.sys 2012-08-02 04:03 . 2010-04-30 18:48 107808 ----a-w- c:\windows\system32\iKeyUI.dll 2012-08-02 04:03 . 2010-04-30 18:48 91424 ----a-w- c:\windows\system32\iKeyAPI.dll 2012-08-02 04:03 . 2010-04-30 18:48 75040 ----a-w- c:\windows\system32\iKey2k.dll 2012-08-02 04:03 . 2010-04-30 18:48 165152 ----a-w- c:\windows\system32\iKeyDI.dll 2012-08-02 04:03 . 2012-08-02 04:03 -------- d--h--w- c:\program files\InstallShield Installation Information 2012-08-02 04:03 . 2010-04-29 14:16 21472 ----a-w- c:\windows\system32\drivers\RNBTOKEN.SYS 2012-08-02 04:03 . 2010-04-29 14:16 18080 ----a-w- c:\windows\system32\drivers\IKEYIFD.SYS 2012-08-02 04:03 . 2010-04-29 14:16 11616 ----a-w- c:\windows\system32\drivers\IKEYENUM.SYS 2012-08-02 04:03 . 2012-08-02 04:03 -------- d-----w- c:\program files\SafeNet 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- c:\program files\Verex IP Module Config101 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- c:\program files\HyperTerminal XP 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- c:\program files\Hirsch Snib2Config 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- c:\program files\ENA Process Notes 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- c:\program files\DeLaRue Test Tool 2012-08-02 04:02 . 2012-08-02 04:02 -------- d-----w- C:\Link 2012-08-02 04:01 . 2012-08-02 04:01 -------- d-----w- C:\GMS 2012-08-02 04:01 . 2012-08-02 04:01 -------- d-----w- c:\program files\Business Objects 2012-08-02 04:00 . 2012-08-02 04:00 -------- d-----w- c:\program files\Common Files\InstallShield 2012-08-02 03:59 . 2012-08-02 03:59 -------- d-----w- c:\program files\Common Files\MainConcept 2012-08-02 03:59 . 2012-08-02 03:59 -------- d-----w- c:\program files\3VR Security 2012-08-02 03:55 . 2012-08-02 03:58 -------- d-----w- c:\program files\TRDB 2012-08-02 03:54 . 2012-08-02 03:55 -------- d-----w- c:\program files\WKLCALLS 2012-08-02 03:54 . 2012-08-02 03:54 286720 ------w- c:\windows\Setup1.exe 2012-08-02 03:54 . 2012-08-02 03:54 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-08-02 03:53 . 2012-08-02 03:53 -------- d-----w- c:\program files\Performance Profile Report 2012-08-02 03:52 . 2012-08-02 03:52 -------- d-----w- c:\program files\IMAP 2012-08-02 03:51 . 2009-07-14 01:15 126976 ----a-w- c:\windows\system32\msdart32.dll 2012-08-02 03:51 . 2011-05-13 13:05 22016 ----a-w- c:\windows\system32\MSWINSCK.oca 2012-08-02 03:51 . 2010-03-26 18:31 92160 ----a-w- c:\windows\system32\MSCAL.OCX 2012-08-02 03:51 . 2010-03-26 18:31 77824 ----a-w- c:\windows\system32\Msbind.dll 2012-08-02 03:51 . 2010-03-26 18:31 202752 ----a-w- c:\windows\system32\dblist32.ocx 2012-08-02 03:51 . 2010-03-26 18:31 147512 ----a-w- c:\windows\system32\temp.007 2012-08-02 03:51 . 2010-03-26 18:31 12288 ----a-w- c:\windows\system32\temp.008 2012-08-02 03:51 . 2012-08-02 03:51 -------- d-----w- C:\temp 2012-08-02 03:51 . 2010-03-26 18:31 16384 ----a-w- c:\windows\system32\GzipWrapper.dll 2012-08-02 03:51 . 2012-08-02 03:53 -------- d-----w- c:\program files\WAS 2012-08-02 03:50 . 2012-08-02 03:50 -------- d-----w- c:\users\Administrator\AppData\Local\Adobe 2012-08-02 03:50 . 2012-08-02 03:51 -------- d-----w- C:\TechResourceCDS 2012-08-02 03:50 . 2012-08-02 03:50 -------- d-----w- c:\program files\Common Files\Lanex Shared 2012-08-02 03:50 . 2007-02-18 22:26 1046288 ----a-w- c:\windows\system32\msjet35.dll 2012-08-02 03:50 . 2007-02-18 22:26 570128 ----a-w- c:\windows\system32\dao350.dll 2012-08-02 03:48 . 2012-08-02 03:48 -------- d-----w- C:\Opteva DLINK DEVICE DRIVER 2012-08-02 03:46 . 2012-08-02 03:46 -------- dc----w- c:\windows\system32\DRVSTORE 2012-08-02 03:46 . 2011-12-15 12:25 54552 ----a-w- c:\windows\system32\acnamfdbctl.dll 2012-08-02 03:46 . 2011-12-15 12:25 173808 ----a-w- c:\windows\system32\drivers\acnamfd.sys 2012-08-02 03:46 . 2011-12-15 12:34 39376 ----a-w- c:\windows\system32\acnamihv.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-28 17:50 . 2012-07-11 12:34 859382 ----a-w- c:\windows\Diebold_Security.scr 2012-06-25 23:05 . 2012-06-25 23:05 3039024 ----a-w- c:\windows\system32\wlihvui.dll 2012-06-25 23:05 . 2012-06-25 23:05 2007856 ----a-w- c:\windows\system32\iwmssvc.dll 2012-06-18 07:14 . 2012-07-11 12:57 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EB28F21-C60E-48A1-B8D1-0620D5BD0F79}\mpengine.dll 2012-06-12 02:40 . 2012-07-11 13:29 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-06-06 05:05 . 2012-07-11 13:04 1390080 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:05 . 2012-07-11 13:04 1236992 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:03 . 2012-07-11 13:01 805376 ----a-w- c:\windows\system32\cdosys.dll 2012-06-02 22:19 . 2012-07-11 12:33 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-07-11 12:33 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-07-11 12:32 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-07-11 12:32 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-07-11 12:33 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-07-11 12:33 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-07-11 12:32 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-07-11 12:32 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:12 . 2012-07-11 12:32 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 04:45 . 2012-07-11 13:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 04:45 . 2012-07-11 13:04 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 04:40 . 2012-07-11 13:04 369336 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 04:40 . 2012-07-11 13:04 225280 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 04:39 . 2012-07-11 13:04 219136 ----a-w- c:\windows\system32\ncrypt.dll 2012-05-31 16:25 . 2012-07-11 12:57 237072 ----a-w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Communicator"="KEY" [X] "McAfeeUpdaterUI"="KEY" [X] "ShStatEXE"="E" [X] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-12-15 527312] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WAS Update.lnk - c:\program files\WAS\WiseUpdt.exe [2012-8-1 166518] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoAutorun"= 1 (0x1) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "RestrictWelcomeCenter"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ EpePcNp32 scecli . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-18574106-1352478796-824651971-250630\Scripts\Logon\0\0] "Script"=FwcTool.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-18574106-1352478796-824651971-250630\Scripts\Logon\0\1] "Script"=FwcTool.exe . R2 PrtPort;PrtPort; [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x] R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [x] R3 MFE_RR;MFE_RR;c:\users\nietoa1\AppData\Local\Temp\mfe_rr.sys [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x] R3 pcg_nt;pcg_nt;d:\pcg_2k.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 MfeEEAlg;MfeEEAlg; [x] S0 MfeEpeOpal;MfeEpeOpal; [x] S0 MfeEpePc;MfeEpePc; [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S1 acnamfd;Cisco AnyConnect Network Access Manager Filter Driver;c:\windows\system32\DRIVERS\acnamfd.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S2 ciscod.exe;Cisco Security Service;c:\program files\Cisco\Cisco HostScan\bin\ciscod.exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] S2 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x] S2 nam;Cisco AnyConnect Network Access Manager;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\acnamagent.exe [x] S2 namlm;Cisco AnyConnect Network Access Manager Logon Module;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\acnamlogonagent.exe [x] S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc86.sys [x] S2 SACSrv;SACSrv;c:\program files\SafeNet\Authentication\SAC\x32\SACSrv.exe [x] S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x] S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [x] S3 acwebsecagent;Cisco AnyConnect Web Security Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\acwebsecagent.exe [x] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c6232.sys [x] S3 iKeyEnum;Rainbow iKey Enumerator;c:\windows\system32\DRIVERS\ikeyenum.sys [x] S3 iKeyIFD;Rainbow iKey Virtual Reader;c:\windows\system32\DRIVERS\ikeyifd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL *Deregistered* - mfeavfk01 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . . ------- Supplementary Scan ------- . uStart Page = hxxp://doc2.diebold.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 Trusted Zone: dbdfxz Trusted Zone: diebold.com\secureauth Trusted Zone: diebold.com\usncclm01.ad Trusted Zone: skillport.com Trusted Zone: srvs Trusted Zone: suth.com\diebold Trusted Zone: suth.com\dieboldsurvey Trusted Zone: dbdfxz Trusted Zone: diebold.com\usncclm01.ad Trusted Zone: skillport.com Trusted Zone: srvs Trusted Zone: suth.com\diebold Trusted Zone: suth.com\dieboldsurvey TCP: DhcpNameServer = 192.168.0.1 205.171.3.25 DPF: {53A8AEF8-5503-4B78-A091-634BB68DEECE} - hxxps://secureauth.diebold.com/secureauth3/4420/SecureAuth.cab DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} - vpnweb.cab . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) HKLM-Run-IgfxTray - DOWS\SYSTEM32\IGFXTRAY.EXE HKLM-Run-HotKeysCmds - DOWS\SYSTEM32\HKCMD.EXE HKLM-Run-Persistence - DOWS\SYSTEM32\IGFXPERS.EXE HKLM-Run-APSDaemon - .EXE HKLM-Run-Adobe ARM - FILES\ADOBE\ARM\1.0\ADOBEARM.EXE HKLM-Run-BCSSync - C.EXE HKLM-Run-SafeNetCertMngr - ITOR.EXE HKLM-Run-DieboldProtectScrnsave - SVR.VBS HKLM-Run-MfeEpePcMonitor - ITOR.EXE ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) Notify-!SASWinLogon - (no file) SafeBoot-29337598.sys SafeBoot-35808088.sys . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(664) c:\windows\system32\EpePcNp32.DLL . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ibmpmsvc.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\McAfee\Common Framework\FrameworkService.exe c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe c:\program files\McAfee\VirusScan Enterprise\mfeann.exe c:\windows\system32\conhost.exe c:\program files\McAfee\Common Framework\naPrdMgr.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\windows\system32\taskhost.exe c:\windows\system32\CCM\CcmExec.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\windows\system32\conhost.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\msiexec.exe c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE c:\windows\system32\sppsvc.exe c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe c:\windows\system32\wbem\WmiApSrv.exe . ************************************************************************** . Completion time: 2012-08-17 16:40:00 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-17 23:39 . Pre-Run: 221,864,919,040 bytes free Post-Run: 221,937,004,544 bytes free . - - End Of File - - EC30C18280C6A598D59401BE1FF9BCFD
  12. guitarion
    Ok I just rebooted an turned sytem restore back on. The restore point was created successfully this time!
  13. guitarion
    Ok i just tried to create a restore point it failed. It says. " The restore point could not be created for the following reason: The creation of a shadow copy has timed out. Try this operation again. (0x81000101)
  14. guitarion
    I tried yesterday but it didnt work. Should I try again with a different restore point.
  15. guitarion
    Farbar Service Scanner Version: 06-08-2012 Ran by nietoa1 (administrator) on 16-08-2012 at 17:48:46 Running from "D:\" Microsoft Windows 7 Enterprise Service Pack 1 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. bfe Service is not running. Checking service configuration: The start type of bfe service is OK. The ImagePath of bfe service is OK. The ServiceDll of bfe service is OK. Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 PlugPlay Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open PlugPlay registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open PlugPlay registry key. The service key does not exist. Other Services: ============== Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist. Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist. Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist. File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcore.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\ipnathlp.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log ****
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.