smclynch

  1. Hi MrC! I'm sorry I failed to get back to you. I had another hard drive so I built a new system on that, and eventually when I have some time in the next couple of weeks I'll get back to the old one and see if I can finish getting it up and running. I had been screwing around with the other one for 3 days and had to get some work done. You can close this and I will eventually get back to it. We are in the middle of our busiest time and I couldn't afford to be without my computer for any longer. Thank you very much for all your help!
  2. RogueKiller V7.6.6 [08/10/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User: test [Admin rights]
     Mode: Scan -- Date: 08/17/2012 17:02:45

     ¤¤¤ Bad processes: 0 ¤¤¤

     ¤¤¤ Registry Entries: 4 ¤¤¤
     [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
     [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤
     [ZeroAccess][FOLDER] L : c:\windows\installer\{8df58ccc-a273-3e0a-3f6b-5c13835ced7c}\L --> FOUND

     ¤¤¤ Driver: [NOT LOADED] ¤¤¤

     ¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     127.0.0.1 localhost

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: +++++
     --- User ---
     [MBR] 516e59a3c19ed0af962b5d87c38484cb
     [bSP] 0fd5eb6cdcc7dbd7ca0f2a6f47595e91 : Windows Vista/7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1419282 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2906896384 | Size: 11415 Mo
     User = LL1 ... OK!
     User != LL2 ... KO!
     --- LL2 ---
     [MBR] ce30e4de42a1f9f33eea4cb1de288ec7
     [bSP] 374d5d41f67396ab9410749132ef7821 : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 217933824 | Size: 300 Mo

     +++++ PhysicalDrive1: +++++
     --- User ---
     [MBR] 192502d7364cafe4d4ea613600b3995a
     [bSP] 7a15a999f4476a9da05dfc27fc496ae1 : MBR Code unknown
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x72) [VISIBLE] Offset (sectors): 778135908 | Size: 557377 Mo
     1 - [XXXXXX] UNKNOWN (0x65) [VISIBLE] Offset (sectors): 168689522 | Size: 945326 Mo
     2 - [XXXXXX] UNKNOWN (0x79) [VISIBLE] Offset (sectors): 1869881465 | Size: 945326 Mo
     3 - [XXXXXX] UNKNOWN (0x0d) [VISIBLE] Offset (sectors): 0 | Size: 1775989 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR!

     +++++ PhysicalDrive2: +++++
     Error reading User MBR!
     User = LL1 ... OK!
     Error reading LL2 MBR!

     +++++ PhysicalDrive3: +++++
     --- User ---
     [MBR] 8a0a54d6a641cd311b18d3b5c51ad58c
     [bSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
     Partition table:
     0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 442 | Size: 7629 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR!

     +++++ PhysicalDrive4: +++++
     Error reading User MBR!
     User = LL1 ... OK!
     Error reading LL2 MBR!

     Finished : << RKreport[2].txt >>
     RKreport[1].txt ; RKreport[2].txt
  3. Malwarebytes Anti-Malware (Trial) 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.08.13.04

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     test :: SMCLYNCH-HP [administrator]

     Protection: Disabled

     8/17/2012 4:57:10 PM
     mbam-log-2012-08-17 (16-57-10).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 255223
     Time elapsed: 3 minute(s), 34 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)
  4. I am still not able to get MBAM updated. No internet access on the machine. I downloaded the new rules file to the directory but that didn't work either. Any ideas?
  5. ComboFix 12-08-17.01 - test 08/17/2012 12:29:30.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16127.13033 [GMT -4:00] Running from: c:\users\test\Desktop\VIRUS REMOVAL\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Public\desktop(2914).ini c:\users\smclynch\AppData\Local\Microsoft\Windows\Temporary Internet Files\{01DDE22C-7501-49B7-B841-66C52A1F3E9B}.xps c:\users\smclynch\AppData\Local\Microsoft\Windows\Temporary Internet Files\{268645DB-2B1B-4E4C-A0A7-89A84646F93F}.xps c:\users\smclynch\AppData\Local\Microsoft\Windows\Temporary Internet Files\{46523736-8AD4-405F-BCA8-DD3517953CDA}.xps c:\users\smclynch\AppData\Local\Microsoft\Windows\Temporary Internet Files\{ADFDC3EF-43D0-4DDD-BCF3-F4C79AC82C3D}.xps c:\windows\SysWow64\DEBUG.log c:\windows\TEMP\jna6384224721186585912.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_DDService . . ((((((((((((((((((((((((( Files Created from 2012-07-17 to 2012-08-17 ))))))))))))))))))))))))))))))) . . 2012-08-17 14:12 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-17 11:12 . 2012-08-17 11:12 -------- d-----w- C:\$WINDOWS.~BT 2012-08-17 02:46 . 2012-08-17 02:46 -------- d-----w- c:\users\smclynch\AppData\Local\McAfee Anti-Theft 2012-08-16 18:29 . 2012-08-17 04:30 -------- d-----w- C:\WIN 7 2012-08-16 14:21 . 2012-08-16 14:21 -------- d-----w- c:\users\smclynch\AppData\Roaming\PC Cleaners 2012-08-16 14:21 . 
2012-08-16 14:21 -------- d-----w- c:\users\smclynch\AppData\Roaming\PCPro 2012-08-16 14:21 . 2012-08-16 14:21 -------- d-----w- c:\program files (x86)\PC Cleaners 2012-08-16 14:21 . 2012-08-16 14:21 -------- d-----w- c:\programdata\PC1Data 2012-08-16 11:59 . 2012-08-16 11:59 -------- d-----w- c:\users\smclynch\AppData\Roaming\SUPERAntiSpyware.com 2012-08-16 11:59 . 2012-08-17 04:31 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-08-16 11:59 . 2012-08-16 11:59 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-08-16 11:19 . 2012-08-17 04:31 -------- d-----w- c:\program files\HitmanPro 2012-08-16 11:18 . 2012-08-16 11:18 -------- d-----w- c:\programdata\HitmanPro 2012-08-16 02:41 . 2012-08-16 02:41 -------- d-----w- c:\users\smclynch\AppData\Local\Diagnostics 2012-08-16 02:13 . 2012-08-16 02:13 -------- d-----w- c:\users\smclynch\AppData\Roaming\Malwarebytes 2012-08-16 02:13 . 2012-08-16 02:13 -------- d-----w- c:\programdata\Malwarebytes 2012-08-16 02:13 . 2012-08-17 14:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-07 02:02 . 2010-04-14 00:10 66040 ----a-w- c:\windows\system32\drivers\MOBK.sys 2012-08-07 02:02 . 2012-04-20 20:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys 2012-08-07 02:02 . 2012-08-17 05:57 -------- d-----w- c:\program files (x86)\McAfee Online Backup 2012-08-07 02:02 . 2012-06-15 16:04 73096 ----a-w- c:\windows\system32\drivers\McPvDrv.sys 2012-08-07 02:01 . 2012-06-22 11:37 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-08-07 02:01 . 2012-06-22 11:40 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys 2012-08-07 02:01 . 2012-06-22 11:36 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-08-07 02:01 . 2012-06-22 11:35 513456 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2012-08-07 02:01 . 2012-06-22 11:34 300392 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-08-07 02:01 . 
2012-08-17 05:58 -------- d-----w- c:\program files\Common Files\McAfee 2012-08-07 01:34 . 2012-06-22 11:38 177144 ----a-w- c:\windows\system32\mfevtps.exe 2012-08-06 22:33 . 2012-08-17 05:57 -------- d-----w- c:\program files (x86)\Common Files\McAfee 2012-08-06 22:33 . 2012-08-17 05:58 -------- d-----w- c:\program files\McAfee 2012-08-06 22:33 . 2012-08-17 05:57 -------- d-----w- c:\program files (x86)\McAfee 2012-08-06 22:02 . 2012-08-17 06:00 -------- d-----w- c:\users\test 2012-08-06 21:59 . 2012-08-17 05:57 -------- d-----w- C:\mfe 2012-08-06 21:49 . 2012-08-17 02:46 -------- d-----w- c:\programdata\McAfee 2012-08-06 21:06 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-08-06 21:06 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-08-06 20:51 . 2012-08-06 20:51 -------- d-----w- c:\programdata\Citrix 2012-08-06 20:37 . 2012-08-17 05:59 -------- d-----w- c:\users\smclynch\AppData\Local\Citrix 2012-08-06 19:30 . 2012-08-06 20:01 -------- d-----w- c:\users\bclynch 2012-08-06 16:11 . 2012-08-06 16:11 -------- d-s---w- c:\windows\SysWow64\Microsoft 2012-08-06 02:12 . 2012-08-06 02:12 -------- d-----w- c:\program files (x86)\Citrix 2012-08-06 02:12 . 2012-08-06 16:03 -------- d-----w- c:\users\smclynch\AppData\Local\Deployment 2012-08-06 02:12 . 2012-08-06 02:12 -------- d-----w- c:\users\smclynch\AppData\Local\Apps 2012-08-06 01:16 . 2012-08-06 01:16 -------- d-----w- c:\users\smclynch\AppData\Roaming\McAfee 2012-08-06 00:33 . 2012-08-06 02:22 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer 2012-08-05 23:21 . 2012-08-16 13:29 -------- d-----w- c:\program files (x86)\stinger 2012-07-27 14:04 . 2012-07-27 14:04 -------- d-----w- c:\programdata\Nuance . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-17 16:42 . 2011-07-17 02:51 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-08-15 04:37 . 
2012-05-02 19:33 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-15 04:37 . 2011-07-27 17:15 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-22 11:38 . 2012-06-22 11:38 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-06-22 11:36 . 2012-06-22 11:36 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-06-22 11:34 . 2012-06-22 11:34 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-06-12 03:08 . 2012-07-12 07:07 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-06-09 05:43 . 2012-07-11 09:48 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 12:49 . 2012-06-06 12:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX 2012-06-06 06:06 . 2012-07-11 09:48 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 09:48 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-11 09:47 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 09:48 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 09:48 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-11 09:47 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-05 09:52 . 2012-06-05 09:52 1694992 ----a-w- c:\windows\SysWow64\VBA6.DLL 2012-06-05 09:52 . 2012-06-05 09:52 741008 ----a-w- c:\windows\SysWow64\SPR32D30.DLL 2012-06-02 22:19 . 2012-06-22 22:44 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-22 22:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-22 22:45 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-22 22:45 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-22 22:44 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-22 22:45 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-22 22:44 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 
2012-06-22 22:43 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:15 . 2012-06-22 22:43 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 12:49 . 2012-07-12 07:02 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-06-02 12:17 . 2012-07-12 07:02 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-06-02 12:12 . 2012-07-12 07:02 2311680 ----a-w- c:\windows\system32\jscript9.dll 2012-06-02 12:05 . 2012-07-12 07:02 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-06-02 12:05 . 2012-07-12 07:02 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-06-02 12:04 . 2012-07-12 07:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-06-02 12:04 . 2012-07-12 07:02 237056 ----a-w- c:\windows\system32\url.dll 2012-06-02 12:03 . 2012-07-12 07:02 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-02 12:01 . 2012-07-12 07:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-06-02 12:00 . 2012-07-12 07:02 818688 ----a-w- c:\windows\system32\jscript.dll 2012-06-02 11:59 . 2012-07-12 07:02 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-06-02 11:57 . 2012-07-12 07:02 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-02 11:57 . 2012-07-12 07:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-02 11:54 . 2012-07-12 07:02 248320 ----a-w- c:\windows\system32\ieui.dll 2012-06-02 08:33 . 2012-07-12 07:02 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-06-02 08:25 . 2012-07-12 07:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-02 08:25 . 2012-07-12 07:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20 . 2012-07-12 07:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16 . 2012-07-12 07:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50 . 2012-07-11 09:47 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-11 09:47 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:48 . 
2012-07-11 09:47 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:45 . 2012-07-11 09:47 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-11 09:47 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-11 09:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-11 09:47 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-11 09:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-11 09:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-16 39408] "DDAssist"="c:\program files (x86)\Drobo\Drobo Dashboard\DDAssist.exe" [2012-01-19 370536] "HP Officejet Pro 8600 (NET)"="c:\program files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584] "HP Officejet Pro 8600 (NET) A38340CDC9F47CCBF3F7BB3C1EC46A0C39C8CDBD3626A9B9E3EFA7EB"="c:\program files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584] "Facebook Update"="c:\users\smclynch\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-07-17 30192] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-08 567320] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "HSS server"="c:\hssv3\HSSserver.exe" [2012-02-04 413184] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-13 343168] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776] "Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2012-06-05 2215768] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-06-22 1527896] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-15 217088] Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2012-6-5 5982040] MozyPro Status.lnk - c:\program files\MozyPro\mozyprostat.exe [2012-7-12 6271880] QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2012-6-5 1176464] QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2010\QBW32.EXE [2012-6-5 1181584] Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-16 136176] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R2 MOBKbackup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-14 231224] R2 mozyprobackup;MozyPro Backup Service;c:\program files\MozyPro\mozyprobackup.exe [2011-07-27 53528] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-07-16 1038088] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-07-17 30192] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-16 136176] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440] R3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2010-03-31 15360] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-11-02 13312] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-17 1255736] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 75904] S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 38016] S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-06-15 73096] S0 mfewfpk;McAfee Inc. 
mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784] S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-14 66040] S1 mozyproFilter;mozyproFilter;c:\windows\system32\DRIVERS\mozypro.sys [2011-07-27 66552] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-11 203264] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-13 361984] S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424] S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-16 222720] S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320] S2 mfevtp;McAfee Validation Trust Protection 
Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-08 818712] S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-06-05 1248256] S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 5716848] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-11 6790656] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-11 221184] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-15 231440] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-12-22 38456] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MBAMPROTECTOR *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 2012-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-02 04:37] . 2012-08-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1422239534-3733838403-1340072957-1000Core.job - c:\users\smclynch\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 21:13] . 
2012-08-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1422239534-3733838403-1340072957-1000UA.job - c:\users\smclynch\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-07 21:13] . 2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-16 02:14] . 2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-16 02:14] . 2012-08-17 c:\windows\Tasks\HPCeeScheduleForsmclynch.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\smclynch\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK] @="{3c3f3c1a-9153-7c05-f938-622e7003894d}" [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}] 2010-04-14 00:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2] @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}" [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}] 2010-04-14 00:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3] @="{b4caf489-1eec-c617-49ad-8d7088598c06}" [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}] 2010-04-14 00:11 3816248 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro] @="{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}" [HKEY_CLASSES_ROOT\CLSID\{71B8CED8-5D67-4f57-89B1-F64CE6302A1E}] 2012-07-12 16:30 6301064 ----a-w- c:\program files\MozyPro\mozyproshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro2] @="{CBAFE103-79DA-46ca-BD9A-63CBF6282882}" [HKEY_CLASSES_ROOT\CLSID\{CBAFE103-79DA-46ca-BD9A-63CBF6282882}] 2012-07-12 16:30 6301064 ----a-w- c:\program files\MozyPro\mozyproshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozypro3] @="{8B99EA55-1AFF-4539-80A0-A71C6011CD84}" [HKEY_CLASSES_ROOT\CLSID\{8B99EA55-1AFF-4539-80A0-A71C6011CD84}] 2012-07-12 16:30 6301064 ----a-w- c:\program files\MozyPro\mozyproshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF14227.3XE" [2010-11-21 345088] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s Trusted Zone: sorbs.net\www.secure Trusted Zone: utopiapercherons.com\www TCP: DhcpNameServer = 167.206.251.129 167.206.251.130 192.168.1.1 Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll DPF: {7F245E01-651F-48E5-8A85-4752EC65E4ED} - hxxp://192.168.1.143/Cisco210Viewer.cab . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe AddRemove-ExposureManager - c:\windows\system32\javaws.exe AddRemove-ProlabExpress ROES - c:\windows\system32\javaws.exe AddRemove-ROES.whcc - c:\windows\system32\javaws.exe AddRemove-Simply Color Lab ROES - c:\windows\system32\javaws.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe c:\users\smclynch\AppData\Roaming\Dropbox\bin\Dropbox.exe . ************************************************************************** . Completion time: 2012-08-17 13:05:26 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-17 17:05 . Pre-Run: 1,166,082,486,272 bytes free Post-Run: 1,174,186,471,424 bytes free . - - End Of File - - 3719A4182EF8F32487BB2A0BF7EEDC5B
  6. Strange, I was running ComboFix, left the room, came back and there is a black screen with a cursor. Is this normal or did I miss disabling a malware program?
  7. 11:58:28.0360 2040 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05 11:58:28.0376 2040 ============================================================ 11:58:28.0376 2040 Current date / time: 2012/08/17 11:58:28.0376 11:58:28.0376 2040 SystemInfo: 11:58:28.0376 2040 11:58:28.0376 2040 OS Version: 6.1.7601 ServicePack: 1.0 11:58:28.0376 2040 Product type: Workstation 11:58:28.0376 2040 ComputerName: SMCLYNCH-HP 11:58:28.0376 2040 UserName: test 11:58:28.0376 2040 Windows directory: C:\Windows 11:58:28.0376 2040 System windows directory: C:\Windows 11:58:28.0376 2040 Running under WOW64 11:58:28.0376 2040 Processor architecture: Intel x64 11:58:28.0376 2040 Number of processors: 4 11:58:28.0376 2040 Page size: 0x1000 11:58:28.0376 2040 Boot type: Normal boot 11:58:28.0376 2040 ============================================================ 11:58:29.0561 2040 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:58:29.0577 2040 Drive \Device\Harddisk1\DR13 - Size: 0x3C200000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:58:29.0577 2040 Drive \Device\Harddisk4\DR4 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:58:29.0592 2040 ============================================================ 11:58:29.0592 2040 \Device\Harddisk0\DR0: 11:58:29.0592 2040 MBR partitions: 11:58:29.0592 2040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 11:58:29.0592 2040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAD409000 11:58:29.0592 2040 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAD43B800, BlocksNum 0x164B800 11:58:29.0592 2040 \Device\Harddisk1\DR13: 11:58:29.0592 2040 MBR partitions: 11:58:29.0592 2040 \Device\Harddisk4\DR4: 
11:58:29.0592 2040 MBR partitions: 11:58:29.0592 2040 \Device\Harddisk4\DR4\Partition1: MBR, Type 0xB, StartLBA 0x1BA, BlocksNum 0xEE6A46 11:58:29.0592 2040 ============================================================ 11:58:29.0655 2040 C: <-> \Device\Harddisk0\DR0\Partition2 11:58:29.0702 2040 D: <-> \Device\Harddisk0\DR0\Partition3 11:58:29.0702 2040 ============================================================ 11:58:29.0702 2040 Initialize success 11:58:29.0702 2040 ============================================================ 11:59:00.0402 4252 ============================================================ 11:59:00.0402 4252 Scan started 11:59:00.0402 4252 Mode: Manual; SigCheck; TDLFS; 11:59:00.0402 4252 ============================================================ 11:59:02.0118 4252 ================ Scan services =============================
11:59:18.0264 4252 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:59:18.0296 4252 mouclass - ok 11:59:18.0327 4252 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:59:18.0374 4252 mouhid - ok 11:59:18.0374 4252 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:59:18.0389 4252 mountmgr - ok 11:59:18.0452 4252 [ 689dda2f964c5227ded85fe3afb9f356 ] mozyprobackup C:\Program Files\MozyPro\mozyprobackup.exe 11:59:18.0483 4252 mozyprobackup - ok 11:59:18.0483 4252 [ 792e9d1d6160df481dea44d8171b8e25 ] mozyproFilter C:\Windows\system32\DRIVERS\mozypro.sys 11:59:18.0498 4252 mozyproFilter - ok 11:59:18.0545 4252 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys 11:59:18.0576 4252 mpio - ok 11:59:18.0576 4252 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:59:18.0608 4252 mpsdrv - ok 11:59:18.0639 4252 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:59:18.0701 4252 MpsSvc - ok 11:59:18.0732 4252 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:59:18.0764 4252 MRxDAV - ok 11:59:18.0826 4252 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:59:18.0888 4252 mrxsmb - ok 11:59:18.0920 4252 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:59:18.0935 4252 mrxsmb10 - ok 11:59:18.0966 4252 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:59:18.0982 4252 mrxsmb20 - ok 11:59:18.0982 4252 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys 11:59:18.0998 4252 msahci - ok 11:59:19.0013 4252 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:59:19.0029 4252 msdsm - ok 11:59:19.0044 4252 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe 
11:59:19.0107 4252 MSDTC - ok 11:59:19.0138 4252 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:59:19.0185 4252 Msfs - ok 11:59:19.0200 4252 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:59:19.0247 4252 mshidkmdf - ok 11:59:19.0278 4252 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:59:19.0294 4252 msisadrv - ok 11:59:19.0325 4252 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:59:19.0434 4252 MSiSCSI - ok 11:59:19.0450 4252 msiserver - ok 11:59:19.0466 4252 [ c121367d21599367f2adb9c11b7babaa ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:59:19.0497 4252 MSK80Service - ok 11:59:19.0497 4252 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:59:19.0544 4252 MSKSSRV - ok 11:59:19.0544 4252 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:59:19.0575 4252 MSPCLOCK - ok 11:59:19.0590 4252 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:59:19.0622 4252 MSPQM - ok 11:59:19.0622 4252 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:59:19.0637 4252 MsRPC - ok 11:59:19.0668 4252 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 11:59:19.0684 4252 mssmbios - ok 11:59:19.0684 4252 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:59:19.0715 4252 MSTEE - ok 11:59:19.0731 4252 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 11:59:19.0746 4252 MTConfig - ok 11:59:19.0746 4252 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys 11:59:19.0762 4252 Mup - ok 11:59:19.0793 4252 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll 11:59:19.0840 4252 napagent - ok 11:59:19.0871 4252 [ 
1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:59:19.0887 4252 NativeWifiP - ok 11:59:19.0918 4252 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys 11:59:19.0934 4252 NDIS - ok 11:59:19.0949 4252 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:59:19.0980 4252 NdisCap - ok 11:59:20.0012 4252 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:59:20.0074 4252 NdisTapi - ok 11:59:20.0074 4252 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:59:20.0105 4252 Ndisuio - ok 11:59:20.0105 4252 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:59:20.0168 4252 NdisWan - ok 11:59:20.0168 4252 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:59:20.0199 4252 NDProxy - ok 11:59:20.0199 4252 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:59:20.0230 4252 NetBIOS - ok 11:59:20.0261 4252 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:59:20.0292 4252 NetBT - ok 11:59:20.0355 4252 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe 11:59:20.0386 4252 Netlogon - ok 11:59:20.0433 4252 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:59:20.0448 4252 NetMsmqActivator - ok 11:59:20.0448 4252 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:59:20.0464 4252 NetPipeActivator - ok 11:59:20.0464 4252 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:59:20.0480 4252 NetTcpActivator - ok 11:59:20.0480 4252 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 
11:59:20.0495 4252 NetTcpPortSharing - ok 11:59:20.0526 4252 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 11:59:20.0558 4252 nfrd960 - ok 11:59:20.0589 4252 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 11:59:20.0651 4252 NlaSvc - ok 11:59:20.0667 4252 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:59:20.0698 4252 Npfs - ok 11:59:20.0698 4252 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:59:20.0729 4252 nsiproxy - ok 11:59:20.0745 4252 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:59:20.0776 4252 Ntfs - ok 11:59:20.0792 4252 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys 11:59:20.0823 4252 Null - ok 11:59:20.0885 4252 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:59:20.0901 4252 nvraid - ok 11:59:20.0963 4252 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:59:20.0994 4252 nvstor - ok 11:59:21.0041 4252 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:59:21.0072 4252 nv_agp - ok 11:59:21.0104 4252 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:59:21.0119 4252 ohci1394 - ok 11:59:21.0244 4252 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:59:21.0275 4252 ose - ok 11:59:21.0494 4252 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:59:21.0556 4252 osppsvc - ok 11:59:21.0587 4252 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:59:21.0634 4252 p2pimsvc - ok 11:59:21.0681 4252 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll 11:59:21.0696 4252 p2psvc - ok 11:59:21.0712 4252 [ 
0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys 11:59:21.0728 4252 Parport - ok 11:59:21.0759 4252 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:59:21.0790 4252 partmgr - ok 11:59:21.0806 4252 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:59:21.0868 4252 PcaSvc - ok 11:59:21.0946 4252 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys 11:59:21.0962 4252 pci - ok 11:59:21.0993 4252 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys 11:59:21.0993 4252 pciide - ok 11:59:22.0008 4252 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:59:22.0024 4252 pcmcia - ok 11:59:22.0040 4252 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys 11:59:22.0055 4252 pcw - ok 11:59:22.0087 4252 pdfcDispatcher - ok 11:59:22.0102 4252 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:59:22.0149 4252 PEAUTH - ok 11:59:22.0258 4252 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:59:22.0321 4252 PerfHost - ok 11:59:22.0383 4252 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll 11:59:22.0430 4252 pla - ok 11:59:22.0445 4252 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:59:22.0477 4252 PNRPAutoReg - ok 11:59:22.0508 4252 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:59:22.0555 4252 PolicyAgent - ok 11:59:22.0601 4252 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll 11:59:22.0726 4252 Power - ok 11:59:22.0742 4252 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:59:22.0789 4252 PptpMiniport - ok 11:59:22.0820 4252 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys 11:59:22.0882 4252 Processor - ok 
11:59:22.0929 4252 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll 11:59:22.0991 4252 ProfSvc - ok 11:59:23.0007 4252 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:59:23.0023 4252 ProtectedStorage - ok 11:59:23.0069 4252 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:59:23.0101 4252 Psched - ok 11:59:23.0241 4252 [ 291e76c02c0994e4e6f1f97a4bcf6c0e ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe 11:59:23.0272 4252 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning 11:59:23.0272 4252 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1) 11:59:23.0366 4252 [ 6bee1814470dc12fa20c53dfc3c97ebb ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe 11:59:23.0397 4252 QBFCService ( UnsignedFile.Multi.Generic ) - warning 11:59:23.0397 4252 QBFCService - detected UnsignedFile.Multi.Generic (1) 11:59:23.0506 4252 [ 556ef21a96d296357d7ba075095e0a0a ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe 11:59:23.0569 4252 QBVSS ( UnsignedFile.Multi.Generic ) - warning 11:59:23.0569 4252 QBVSS - detected UnsignedFile.Multi.Generic (1) 11:59:23.0647 4252 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 11:59:23.0678 4252 ql2300 - ok 11:59:23.0693 4252 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 11:59:23.0709 4252 ql40xx - ok 11:59:23.0725 4252 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:59:23.0740 4252 QWAVEdrv - ok 11:59:23.0740 4252 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:59:23.0771 4252 RasAcd - ok 11:59:23.0803 4252 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:59:23.0849 4252 RasAgileVpn - ok 11:59:23.0881 4252 [ 
8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll 11:59:23.0912 4252 RasAuto - ok 11:59:23.0912 4252 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:59:24.0005 4252 Rasl2tp - ok 11:59:24.0005 4252 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:59:24.0037 4252 RasPppoe - ok 11:59:24.0037 4252 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:59:24.0068 4252 RasSstp - ok 11:59:24.0083 4252 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:59:24.0115 4252 rdbss - ok 11:59:24.0146 4252 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 11:59:24.0161 4252 rdpbus - ok 11:59:24.0208 4252 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:59:24.0271 4252 RDPCDD - ok 11:59:24.0271 4252 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:59:24.0333 4252 RDPENCDD - ok 11:59:24.0333 4252 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:59:24.0364 4252 RDPREFMP - ok 11:59:24.0380 4252 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:59:24.0442 4252 RDPWD - ok 11:59:24.0458 4252 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:59:24.0473 4252 rdyboost - ok 11:59:24.0505 4252 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:59:24.0598 4252 RemoteAccess - ok 11:59:24.0629 4252 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:59:24.0661 4252 RemoteRegistry - ok 11:59:24.0754 4252 [ 085d18c71ab2611a3d61528132b6501e ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 11:59:24.0785 4252 RoxioNow Service - ok 11:59:24.0817 4252 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper 
C:\Windows\System32\RpcEpMap.dll 11:59:24.0848 4252 RpcEptMapper - ok 11:59:24.0863 4252 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe 11:59:24.0879 4252 RpcLocator - ok 11:59:24.0895 4252 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll 11:59:24.0926 4252 RpcSs - ok 11:59:24.0941 4252 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:59:24.0973 4252 rspndr - ok 11:59:25.0004 4252 [ afc12dfa4c7b089673ad67402ca19edb ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 11:59:25.0035 4252 RTL8167 - ok 11:59:25.0066 4252 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe 11:59:25.0082 4252 SamSs - ok 11:59:25.0097 4252 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:59:25.0113 4252 sbp2port - ok 11:59:25.0144 4252 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:59:25.0175 4252 SCardSvr - ok 11:59:25.0175 4252 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:59:25.0222 4252 scfilter - ok 11:59:25.0222 4252 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll 11:59:25.0269 4252 Schedule - ok 11:59:25.0316 4252 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll 11:59:25.0347 4252 SCPolicySvc - ok 11:59:25.0378 4252 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:59:25.0409 4252 SDRSVC - ok 11:59:25.0425 4252 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:59:25.0456 4252 secdrv - ok 11:59:25.0487 4252 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys 11:59:25.0503 4252 Serenum - ok 11:59:25.0550 4252 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys 11:59:25.0565 4252 Serial - ok 11:59:25.0597 4252 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse 
C:\Windows\system32\drivers\sermouse.sys 11:59:25.0612 4252 sermouse - ok 11:59:25.0659 4252 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:59:25.0675 4252 sffdisk - ok 11:59:25.0690 4252 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:59:25.0706 4252 sffp_mmc - ok 11:59:25.0706 4252 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:59:25.0737 4252 sffp_sd - ok 11:59:25.0784 4252 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 11:59:25.0831 4252 sfloppy - ok 11:59:25.0877 4252 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:59:25.0940 4252 SharedAccess - ok 11:59:25.0955 4252 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:59:26.0002 4252 ShellHWDetection - ok 11:59:26.0033 4252 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:59:26.0049 4252 SiSRaid2 - ok 11:59:26.0065 4252 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:59:26.0065 4252 SiSRaid4 - ok 11:59:26.0111 4252 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:59:26.0143 4252 Smb - ok 11:59:26.0267 4252 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:59:26.0361 4252 SNMPTRAP - ok 11:59:26.0423 4252 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys 11:59:26.0439 4252 spldr - ok 11:59:26.0470 4252 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe 11:59:26.0501 4252 Spooler - ok 11:59:26.0564 4252 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe 11:59:26.0642 4252 sppsvc - ok 11:59:26.0689 4252 [ d8b882c520fc83547e22014ff5ec66d7 ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys 11:59:26.0751 4252 Spyder3 - ok 11:59:26.0767 4252 [ 
441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys 11:59:26.0798 4252 srv - ok 11:59:26.0845 4252 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:59:26.0860 4252 srv2 - ok 11:59:26.0891 4252 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:59:26.0891 4252 srvnet - ok 11:59:26.0923 4252 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:59:26.0954 4252 SSDPSRV - ok 11:59:26.0954 4252 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:59:26.0985 4252 SstpSvc - ok 11:59:27.0001 4252 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:59:27.0016 4252 stexstor - ok 11:59:27.0047 4252 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 11:59:27.0063 4252 StillCam - ok 11:59:27.0125 4252 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll 11:59:27.0172 4252 stisvc - ok 11:59:27.0188 4252 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys 11:59:27.0203 4252 swenum - ok 11:59:27.0235 4252 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll 11:59:27.0266 4252 swprv - ok 11:59:27.0266 4252 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:59:27.0328 4252 TabletInputService - ok 11:59:27.0578 4252 [ 191394b308bd7fedb4ebb4f7f04c1339 ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe 11:59:27.0656 4252 TabletServiceWacom - ok 11:59:27.0656 4252 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:59:27.0703 4252 TapiSrv - ok 11:59:27.0718 4252 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll 11:59:27.0749 4252 TBS - ok 11:59:27.0812 4252 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:59:27.0874 4252 Tcpip - ok 11:59:27.0952 4252 [ 
acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:59:27.0999 4252 TCPIP6 - ok 11:59:27.0999 4252 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:59:28.0077 4252 tcpipreg - ok 11:59:28.0108 4252 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:59:28.0155 4252 TDPIPE - ok 11:59:28.0202 4252 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:59:28.0249 4252 TDTCP - ok 11:59:28.0249 4252 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:59:28.0280 4252 tdx - ok 11:59:28.0327 4252 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys 11:59:28.0358 4252 TermDD - ok 11:59:28.0405 4252 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll 11:59:28.0483 4252 TermService - ok 11:59:28.0483 4252 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll 11:59:28.0498 4252 Themes - ok 11:59:28.0529 4252 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll 11:59:28.0561 4252 THREADORDER - ok 11:59:28.0576 4252 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll 11:59:28.0623 4252 TrkWks - ok 11:59:28.0701 4252 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:59:28.0779 4252 TrustedInstaller - ok 11:59:28.0795 4252 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:59:28.0826 4252 tssecsrv - ok 11:59:28.0826 4252 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:59:28.0841 4252 TsUsbFlt - ok 11:59:28.0873 4252 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 11:59:28.0888 4252 TsUsbGD - ok 11:59:28.0935 4252 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:59:29.0013 4252 tunnel - ok 
11:59:29.0044 4252 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:59:29.0060 4252 uagp35 - ok 11:59:29.0075 4252 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:59:29.0122 4252 udfs - ok 11:59:29.0153 4252 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:59:29.0169 4252 UI0Detect - ok 11:59:29.0231 4252 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:59:29.0263 4252 uliagpkx - ok 11:59:29.0278 4252 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:59:29.0294 4252 umbus - ok 11:59:29.0325 4252 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys 11:59:29.0341 4252 UmPass - ok 11:59:29.0403 4252 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 11:59:29.0465 4252 USBAAPL64 - ok 11:59:29.0465 4252 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:59:29.0481 4252 usbccgp - ok 11:59:29.0512 4252 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:59:29.0543 4252 usbcir - ok 11:59:29.0559 4252 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 11:59:29.0575 4252 usbehci - ok 11:59:29.0575 4252 [ 2c780746dc44a28fe67004dc58173f05 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys 11:59:29.0590 4252 usbfilter - ok 11:59:29.0590 4252 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:59:29.0606 4252 usbhub - ok 11:59:29.0606 4252 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 11:59:29.0621 4252 usbohci - ok 11:59:29.0684 4252 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:59:29.0715 4252 usbprint - ok 11:59:29.0777 4252 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 
11:59:29.0809 4252 usbscan - ok 11:59:29.0824 4252 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:59:29.0840 4252 USBSTOR - ok 11:59:29.0871 4252 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:59:29.0887 4252 usbuhci - ok 11:59:29.0902 4252 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll 11:59:29.0933 4252 UxSms - ok 11:59:29.0949 4252 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe 11:59:29.0965 4252 VaultSvc - ok 11:59:29.0965 4252 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:59:29.0980 4252 vdrvroot - ok 11:59:29.0996 4252 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe 11:59:30.0027 4252 vds - ok 11:59:30.0043 4252 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:59:30.0058 4252 vga - ok 11:59:30.0074 4252 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys 11:59:30.0121 4252 VgaSave - ok 11:59:30.0121 4252 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:59:30.0136 4252 vhdmp - ok 11:59:30.0167 4252 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys 11:59:30.0199 4252 viaide - ok 11:59:30.0199 4252 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:59:30.0230 4252 volmgr - ok 11:59:30.0261 4252 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:59:30.0277 4252 volmgrx - ok 11:59:30.0277 4252 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:59:30.0292 4252 volsnap - ok 11:59:30.0339 4252 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:59:30.0370 4252 vsmraid - ok 11:59:30.0417 4252 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe 11:59:30.0464 4252 VSS - ok 
11:59:33.0475 4252 ================ Scan MBR ==================================
11:59:33.0506 4252 MBR (0x1B8) (91b7214470f1f82e8edf02bdd2ec0688) \Device\Harddisk0\DR0
11:59:33.0724 4252 \Device\Harddisk0\DR0 - ok
11:59:33.0740 4252 MBR (0x1B8) (59dd35ba8d1c42b69259174d56ec6d74) \Device\Harddisk1\DR13
11:59:36.0142 4252 \Device\Harddisk1\DR13 - ok
11:59:36.0158 4252 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
11:59:36.0376 4252 \Device\Harddisk4\DR4 - ok
11:59:36.0376 4252 ================ Scan VBR ==================================
11:59:36.0376 4252 Boot (0x1200) (8efa4dc11d75952a0b88ac4593dfc2d4) \Device\Harddisk0\DR0\Partition1
11:59:36.0392 4252 \Device\Harddisk0\DR0\Partition1 - ok
11:59:36.0407 4252 Boot (0x1200) (81007ba21327d90262346aa9887ab7f6) \Device\Harddisk0\DR0\Partition2
11:59:36.0407 4252 \Device\Harddisk0\DR0\Partition2 - ok
11:59:36.0439 4252 Boot (0x1200) (200b28294124c410ff1b142dca9615c1) \Device\Harddisk0\DR0\Partition3
11:59:36.0439 4252 \Device\Harddisk0\DR0\Partition3 - ok
11:59:36.0454 4252 Boot (0x1200) (f8cf7a9e0571ec0782006a530501cd8a) \Device\Harddisk4\DR4\Partition1
11:59:36.0454 4252 \Device\Harddisk4\DR4\Partition1 - ok
11:59:36.0454 4252 ============================================================
11:59:36.0454 4252 Scan finished
11:59:36.0454 4252 ============================================================
11:59:36.0470 4808 Detected object count: 5
11:59:36.0470 4808 Actual detected object count: 5
12:00:03.0645 4808 CrashPlanService ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:03.0645 4808 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:03.0645 4808 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:03.0645 4808 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:03.0661 4808 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:03.0661 4808 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:03.0661 4808 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:03.0661 4808 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:03.0661 4808 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:03.0661 4808 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
  8. RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: test [Admin rights]
Mode: Scan -- Date: 08/17/2012 10:28:59
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] L : c:\windows\installer\{8df58ccc-a273-3e0a-3f6b-5c13835ced7c}\L --> FOUND
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 516e59a3c19ed0af962b5d87c38484cb
[bSP] 0fd5eb6cdcc7dbd7ca0f2a6f47595e91 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1419282 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2906896384 | Size: 11415 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] ce30e4de42a1f9f33eea4cb1de288ec7
[bSP] 374d5d41f67396ab9410749132ef7821 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 217933824 | Size: 300 Mo
+++++ PhysicalDrive4: +++++
--- User ---
[MBR] 8a0a54d6a641cd311b18d3b5c51ad58c
[bSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 442 | Size: 7629 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
  9. .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/15/2011 10:04:30 PM
System Uptime: 8/17/2012 7:07:26 AM (3 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Phenom II X4 840T Processor | CPU 1 | 2900/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1386 GiB total, 1086.317 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.362 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
L: is FIXED (NTFS) - 1863 GiB total, 333.824 GiB free.
M: is Removable
N: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP114: 8/14/2012 4:03:59 AM - Scheduled Checkpoint
RP115: 8/15/2012 10:37:41 AM - Windows Update
RP116: 8/15/2012 1:59:36 PM - Configured Microsoft Office Home and Business 2010
RP117: 8/15/2012 5:07:50 PM - Restore Operation
.
==== Installed Programs ======================
.
Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles CS CS4 Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 11 ActiveX Adobe Fonts All Adobe Linguistics CS4 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 Support Adobe Reader X (10.1.3) Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Type Support CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Agatha Christie - Peril at End House AMD VISION Engine Control Center AnswerWorks 5.0 English Runtime Apple Application Support Apple Software Update Avery Wizard 4.0 Bejeweled 2 Deluxe Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Blio Bounce Symphony Build-a-lot 2 Cake Mania Capture One 6.3 Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chuzzle Deluxe Cisco Video Monitoring System Connect Constant Contact QuickImport v2 for Outlook D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diner Dash 2 Restaurant Rescue Dora's World Adventure Drobo Dashboard Facebook Messenger 2.1.4590.0 Farm Frenzy FATE - The Traitor Soul FlipShare Google Chrome Google 
Desktop Google Toolbar for Internet Explorer Google Update Helper GoToAssist Corporate Hewlett-Packard ACLM.NET v1.1.2.0 HP Customer Experience Enhancements HP FWUpdateEDO2 HP Games HP LinkUp HP MediaSmart/TouchSmart Netflix HP MovieStore HP Odometer HP Officejet Pro 8600 Help HP Product Detection HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HSS V3 - Horse Show Software Hulu Desktop HydraVision I.R.I.S. OCR Java Auto Updater Java 6 Update 30 Junk Mail filter update Kobo kuler LabelPrint Mah Jong Medley Malwarebytes Anti-Malware version 1.62.0.1300 McAfee Online Backup McAfee Total Protection McAfee Virtual Technician Memorex exPressit Label Design Studio Mesh Runtime Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Camera Codec Pack Microsoft Expression Blend 3 SDK Microsoft Expression Blend 4 Microsoft Expression Blend SDK for .NET 4 Microsoft Expression Blend SDK for Silverlight 4 Microsoft Expression Design 3 Microsoft Expression Design 4 Microsoft Expression Encoder 3 Microsoft Expression Encoder 4 Microsoft Expression Encoder 4 Screen Capture Codec Microsoft Expression Studio 4 Microsoft Expression Web 3 Microsoft Expression Web 3 SP1 Microsoft Expression Web 4 Microsoft Expression Web 4 Service Pack 2 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI 
(English) 2010 Microsoft Outlook Social Connector Provider for Facebook 32-bit Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 4 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN NEF Codec Opanda IExif 2.3 Opanda PowerExif 1.2 Professional Trial PDF Complete Corporate Edition PDF Settings CS4 Penguins! Photoshop Camera Raw Plants vs. Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Portrait Professional 10.6 Power2Go PressReader QuickBooks QuickBooks Pro 2012 Quicken 2011 QuickTime Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver RescuePRO 3.5 RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client 
Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Expression Design 3 (KB2667727) Security Update for Microsoft Expression Design 4 (KB2667730) Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition Slingo Supreme SmartFTP Client Setup Files 4.0 (x64) (remove only) Spyder3Pro Suite Shared Configuration CS4 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit 
Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life WebTablet IE Plugin WebTablet Netscape Plugin Wheel of Fortune 2 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WPF Toolkit February 2010 (Version 3.5.50211.1) Xilisoft DVD to iPod Converter Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 8/17/2012 7:55:02 AM, Error: Service Control Manager [7023] - The WebClient service terminated with the following error: The system cannot find the file specified. 8/17/2012 7:45:10 AM, Error: Service Control Manager [7003] - The Virtual Disk service depends the following service: PlugPlay. This service might not be installed. 8/17/2012 7:39:23 AM, Error: Service Control Manager [7003] - The COM+ System Application service depends the following service: SENS. This service might not be installed. 
8/17/2012 7:31:27 AM, Error: Service Control Manager [7003] - The Telephony service depends the following service: PlugPlay. This service might not be installed. 8/17/2012 7:31:27 AM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: Netman. This service might not be installed. 8/17/2012 7:31:27 AM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 8/17/2012 7:30:53 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024882 8/17/2012 7:30:53 AM, Error: Service Control Manager [7003] - The HomeGroup Provider service depends the following service: netprofm. This service might not be installed. 8/17/2012 7:30:42 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 8/17/2012 7:29:44 AM, Error: Service Control Manager [7023] - The Credential Manager service terminated with the following error: The service has not been started. 8/17/2012 7:28:10 AM, Error: Microsoft-Windows-TBS [16392] - An error occurred while starting the TBS. The error code was 0x8007000d. 8/17/2012 7:27:23 AM, Error: Service Control Manager [7023] - The Windows Media Center Scheduler Service service terminated with the following error: %%-2147023834 8/17/2012 7:26:40 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The system cannot find the file specified. 8/17/2012 7:26:29 AM, Error: Service Control Manager [7003] - The Windows Driver Foundation - User-mode Driver Framework service depends the following service: PlugPlay. This service might not be installed. 
8/17/2012 7:26:29 AM, Error: Service Control Manager [7001] - The Windows Biometric Service service depends on the Windows Driver Foundation - User-mode Driver Framework service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 8/17/2012 7:15:32 AM, Error: Service Control Manager [7034] - The Microsoft iSCSI Initiator Service service terminated unexpectedly. It has done this 4 time(s). 8/17/2012 7:15:32 AM, Error: Service Control Manager [7023] - The Microsoft iSCSI Initiator Service service terminated with the following error: %%-536870366 8/17/2012 7:15:32 AM, Error: MSiSCSI [123] - Error 0xe0000222 in installing Microsoft iSCSI initiator driver. 8/17/2012 7:14:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1075" attempting to start the service vds with arguments "" in order to run the server: {7D1933CB-86F6-4A98-8628-01BE94C9A575} 8/17/2012 7:13:58 AM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070424'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 8/17/2012 7:13:58 AM, Error: Microsoft-Windows-WMPNSS-Service [14333] - Service 'WMPNetworkSvc' did not start correctly due to error '0x80070424'. Restart your computer, and then try to restart the service. 8/17/2012 7:13:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Online Backup service to connect. 8/17/2012 7:13:50 AM, Error: Service Control Manager [7000] - The McAfee Online Backup service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/17/2012 7:12:30 AM, Error: Service Control Manager [7034] - The Microsoft iSCSI Initiator Service service terminated unexpectedly. 
It has done this 3 time(s). 8/17/2012 7:10:32 AM, Error: Service Control Manager [7031] - The Microsoft iSCSI Initiator Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 8/17/2012 7:10:29 AM, Error: Service Control Manager [7031] - The Microsoft iSCSI Initiator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/17/2012 7:10:29 AM, Error: Service Control Manager [7022] - The Drobo Dashboard Service service hung on starting. 8/17/2012 7:09:09 AM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The service has not been started. 8/17/2012 7:08:39 AM, Error: Service Control Manager [7003] - The Network Location Awareness service depends the following service: NSI. This service might not be installed. 8/17/2012 7:08:36 AM, Error: Service Control Manager [7003] - The IP Helper service depends the following service: NSI. This service might not be installed. 8/17/2012 7:08:07 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error The parameter is incorrect.. 8/17/2012 7:07:58 AM, Error: Service Control Manager [7003] - The Tablet PC Input Service service depends the following service: PlugPlay. This service might not be installed. 8/17/2012 7:07:58 AM, Error: Service Control Manager [7003] - The DHCP Client service depends the following service: NSI. This service might not be installed. 8/17/2012 7:07:55 AM, Error: Service Control Manager [7003] - The Windows Audio Endpoint Builder service depends the following service: PlugPlay. This service might not be installed. 
8/17/2012 7:07:55 AM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 8/17/2012 7:03:56 AM, Error: Service Control Manager [7043] - The AMD FUEL Service service did not shut down properly after receiving a preshutdown control. 8/17/2012 7:03:22 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 8/17/2012 10:15:45 AM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started. 8/17/2012 10:15:45 AM, Error: Service Control Manager [7003] - The Workstation service depends the following service: NSI. This service might not be installed. 8/17/2012 10:15:45 AM, Error: Service Control Manager [7003] - The DNS Client service depends the following service: NSI. This service might not be installed. 8/17/2012 10:15:45 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 8/17/2012 10:15:43 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service has not been started. 8/16/2012 7:17:20 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MOBKFilter mozyproFilter spldr Wanarpv6 8/16/2012 2:36:22 PM, Error: Service Control Manager [7034] - The McAfee Application Installer Cleanup (0273591345074288) service terminated unexpectedly. It has done this 1 time(s). 
8/16/2012 2:32:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 8/16/2012 2:29:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 8/16/2012 2:29:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 8/16/2012 2:29:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 8/16/2012 2:29:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 8/16/2012 2:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 8/16/2012 2:28:46 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 8/16/2012 2:28:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MOBKFilter mozyproFilter SASDIFSV SASKUTIL spldr Wanarpv6 8/15/2012 8:26:07 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 
8/15/2012 6:41:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1075" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A} 8/15/2012 6:41:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1075" attempting to start the service COMSysApp with arguments "" in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29} 8/15/2012 6:03:22 PM, Error: Service Control Manager [7034] - The CrashPlan Backup Service service terminated unexpectedly. It has done this 1 time(s). 8/15/2012 5:59:20 PM, Error: Ntfs [137] - The default transaction resource manager on volume J: encountered a non-retryable error and could not start. The data contains the error code. 8/15/2012 4:49:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} 8/15/2012 4:48:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06} 8/15/2012 4:41:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 8/15/2012 11:34:48 AM, Error: Service Control Manager [7024] - The Disk Defragmenter service terminated with service-specific error %%-2147023834. 8/15/2012 10:40:17 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s). 
8/15/2012 10:40:01 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 8/15/2012 10:39:46 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 8/15/2012 10:39:00 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2012 10:38:00 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 8/15/2012 10:35:18 AM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The system cannot find the path specified. 8/11/2012 6:20:28 PM, Error: Service Control Manager [7023] - The Remote Access Connection Manager service terminated with the following error: The system cannot find the file specified. . 
==== End Of File ===========================
  10. .
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by test at 10:21:36 on 2012-08-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16127.13730 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\alg.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files\MozyPro\mozyprostat.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2010\QBW32.EXE
C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\HSSV3\HSSserver.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [HSS server] C:\HSSV3\HSSserver.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYPR~1.LNK - C:\Program Files (x86)\MozyPro\mozyprostat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2010\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYDER~1.LNK - C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {7F245E01-651F-48E5-8A85-4752EC65E4ED} - hxxp://192.168.1.143/Cisco210Viewer.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} - hxxp://69.118.90.25:1024/PlayerPT.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 167.206.251.129 167.206.251.130 192.168.1.1
TCP: Interfaces\{7AB6380B-A23A-4C3D-93A5-263328F69883} : DhcpNameServer = 167.206.251.129 167.206.251.130 192.168.1.1
TCP: Interfaces\{7AB6380B-A23A-4C3D-93A5-263328F69883}\C697E63686 : DhcpNameServer = 167.206.251.130 167.206.251.129
TCP: Interfaces\{7AB6380B-A23A-4C3D-93A5-263328F69883}\F6074796D657D677966696 : DhcpNameServer = 10.240.205.161 10.240.205.162
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [HSS server] C:\HSSV3\HSSserver.exe
mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
IE-X64: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?]
R0 McPvDrv;McPvDrv Driver;C:\Windows\system32\drivers\McPvDrv.sys --> C:\Windows\system32\drivers\McPvDrv.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 MOBKFilter;MOBKFilter;C:\Windows\system32\DRIVERS\MOBK.sys --> C:\Windows\system32\DRIVERS\MOBK.sys [?]
R1 mozyproFilter;mozyproFilter;C:\Windows\system32\DRIVERS\mozypro.sys --> C:\Windows\system32\DRIVERS\mozypro.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-13 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2012-3-15 222720]
R2 DDService;Drobo Dashboard Service;C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe [2012-1-18 1259376]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-6 200728]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-8-6 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-8-6 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-6-8 818712]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-6-5 1248256]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2011-7-17 5716848]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-15 136176]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-6 200728]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-6 200728]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-6 200728]
S2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S2 mozyprobackup;MozyPro Backup Service;C:\Program Files\MozyPro\mozyprobackup.exe [2011-7-27 53528]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-2 250056]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-7-16 1038088]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-7-16 30192]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-15 136176]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\system32\drivers\HipShieldK.sys --> C:\Windows\system32\drivers\HipShieldK.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Spyder3;Datacolor Spyder3;C:\Windows\system32\DRIVERS\Spyder3.sys --> C:\Windows\system32\DRIVERS\Spyder3.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-17 14:16:20 -------- d-----w- C:\Users\test\AppData\Roaming\Malwarebytes
2012-08-17 14:12:41 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-17 11:12:42 -------- d-----w- C:\$WINDOWS.~BT
2012-08-17 11:12:13 -------- d-----w- C:\Users\test\AppData\Local\McAfee Anti-Theft
2012-08-16 18:29:47 -------- d-----w- C:\WIN 7
2012-08-16 14:21:13 -------- d-----w- C:\ProgramData\PC1Data
2012-08-16 14:21:13 -------- d-----w- C:\Program Files (x86)\PC Cleaners
2012-08-16 11:59:48 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-08-16 11:59:48 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-08-16 11:19:54 -------- d-----w- C:\Program Files\HitmanPro
2012-08-16 11:18:55 -------- d-----w- C:\ProgramData\HitmanPro
2012-08-16 02:13:09 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-16 02:13:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-15 22:49:32 -------- d-----w- C:\Users\test\AppData\Local\ElevatedDiagnostics
2012-08-07 02:02:47 -------- d-----w- C:\Program Files (x86)\McAfeeMOBK
2012-08-07 02:02:36 66040 ----a-w- C:\Windows\System32\drivers\MOBK.sys
2012-08-07 02:02:34 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-08-07 02:02:33 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup
2012-08-07 02:02:14 73096 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys
2012-08-07 02:01:58 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-08-07 02:01:49 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-08-07 02:01:31 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-08-07 02:01:31 513456 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-08-07 02:01:31 300392 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-08-07 02:01:31 106112 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-08-07 02:01:16 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-08-07 01:34:19 177144 ----a-w- C:\Windows\System32\mfevtps.exe
2012-08-06 22:37:19 -------- d-----w- C:\Users\test\AppData\Roaming\McAfee
2012-08-06 22:33:19 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-08-06 22:33:17 -------- d-----w- C:\Program Files\McAfee.com
2012-08-06 22:33:17 -------- d-----w- C:\Program Files\McAfee
2012-08-06 22:33:15 -------- d-----w- C:\Program Files (x86)\McAfee
2012-08-06 22:04:32 -------- d-----w- C:\Users\test\AppData\Local\AMD
2012-08-06 22:04:28 -------- d-----w- C:\Users\test\AppData\Local\ATI
2012-08-06 22:03:48 -------- d-----w- C:\Users\test\AppData\Local\PDFC
2012-08-06 22:03:48 -------- d-----w- C:\Users\test\AppData\Local\Datacolor
2012-08-06 22:03:47 -------- d-----w- C:\Users\test\AppData\Local\Intuit
2012-08-06 22:03:15 -------- d-----w- C:\Users\test\AppData\Local\Google
2012-08-06 22:03:02 -------- d-----w- C:\Users\test\AppData\Roaming\WTablet
2012-08-06 21:59:35 -------- d-----w- C:\mfe
2012-08-06 21:06:58 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-08-06 21:06:58 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-08-06 20:51:33 -------- d-----w- C:\ProgramData\Citrix
2012-08-06 16:11:18 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2012-08-06 02:12:23 -------- d-----w- C:\Program Files (x86)\Citrix
2012-08-06 00:33:41 -------- d-----w- C:\Program Files (x86)\GridinSoft Trojan Killer
2012-08-05 23:21:35 -------- d-----w- C:\Program Files (x86)\stinger
2012-07-27 14:04:08 -------- d-----w- C:\ProgramData\Nuance
.
==================== Find3M ====================
.
2012-08-15 04:37:10 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 04:37:10 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-22 11:38:16 335784 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-06-22 11:36:12 752672 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-06-22 11:34:00 169320 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-05 09:52:54 1694992 ----a-w- C:\Windows\SysWow64\VBA6.DLL
2012-06-05 09:52:32 741008 ----a-w- C:\Windows\SysWow64\SPR32D30.DLL
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 10:22:17.14 ===============
  11. Thank you for your help in advance! How do I update Malwarebytes without an internet connection? I tried copying the rules.ref file to the directory where mbam is located; however, the system is still saying it is outdated 45 days. Thank you again!
  12. After Windows critical updates installed 8/15 I now have this issue: no internet access and receiving the specified service does not exist as an installed service. This machine was infected last week with Live Security Platinum virus. Thought the virus was removed until these updates were installed and the machine rebooted. McAfee was running and had up-to-date definitions at the time of infection and was shut down. Got everything back up and running until the critical update was installed. Tried a system restore which did not resolve anything. Here is the FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by test (administrator) on 17-08-2012 at 08:22:38
Running from "J:\"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

PlugPlay Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open PlugPlay registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open PlugPlay registry key. The service key does not exist.

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****