Inactive Multiple Winlogons

A few days ago I noted multiple Winlogons in my task manager. It was a concern to see this though I did not know if it was a problem or not. After loading HookShark I noted that this file had multiple hardware breakpoint hooks. I noted also today that I do not have two Winlogons running, which causes me to wonder why I am not seeing this.

On my computer I have a custom application that was built to patch memory addresses to expand virtual memory beyond Windows' allocation. I do not think this would have anything to do with a login. Does anyone out there know why I would have multiple logins?

Edit: Attached image deleted by Bobbye as not useful.
 
I am removing the image as I have no idea what it represents. You have posted in the Virus and Malware Forum.

If you would like us to check the system for malware, please follow these steps: Preliminary Virus and Malware Removal.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply.
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
=======================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • File sharing programs should be uninstalled or disabled during the cleaning process.
  • Observe these:
    [o] Don't follow directions given to someone else.
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs, except those I give you.
Threads are closed after 5 days if there is no reply.
 
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.29.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
MikeCertini :: MCERTINI-PC [administrator]

5/29/2012 9:07
mbam-log-2012-05-29 (09-07-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204069
Time elapsed: 2 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

-----------------------------------

There was no GMER file.

-----------------------------------

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by MikeCertini at 9:32:51 on 2012-05-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8105.6019 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Wireshark\wireshark.exe
C:\Program Files\Wireshark\dumpcap.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120427095741.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{5F85476B-B570-4D85-9BD6-B6C03248724A} : DhcpNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120427095741.dll
BHO-X64: scriptproxy - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
mRun-x64: [(Default)]
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-1-17 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-1-17 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-6-17 210784]
R2 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2010-4-3 32096]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-6-17 2180960]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-1-17 1692480]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 FilterMon;FilterMon;C:\Users\MikeCertini\Documents\Utilities\Kernel Filter Monitoring Tools\x86\FilterMon.sys [2009-10-20 33000]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-1-17 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]
S4 RsFx0151;RsFx0151 Driver;C:\Windows\system32\DRIVERS\RsFx0151.sys --> C:\Windows\system32\DRIVERS\RsFx0151.sys [?]
.
=============== Created Last 30 ================
.
5/26/2012 1:00 -------- d-----w- C:\Users\MikeCertini\My Backup Files
5/26/2012 0:01 -------- d-----w- C:\Program Files\PC Optimizer Pro
5/25/2012 19:49 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{154079A5-EFA2-4AC4-AB97-0C62FE34E401}\mpengine.dll
5/25/2012 4:27 -------- d-----w- C:\ProgramData\Sophos
5/25/2012 4:25 -------- d-----w- C:\scss_10
5/24/2012 15:51 -------- d-----w- C:\Windows\pss
5/24/2012 4:11 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
5/15/2012 5:13 -------- d-----w- C:\Program Files (x86)\HashCalc
5/14/2012 6:01 -------- d-----w- C:\Program Files\Dell Support Center
5/14/2012 5:53 -------- d-----w- C:\Users\MikeCertini\AppData\Roaming\PCDr
5/14/2012 4:58 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
5/14/2012 4:58 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
5/14/2012 4:58 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
5/14/2012 4:58 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
5/14/2012 4:58 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
5/14/2012 4:58 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
5/14/2012 4:57 1544704 ----a-w- C:\Windows\System32\DWrite.dll
5/14/2012 4:57 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
5/14/2012 4:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
5/14/2012 4:57 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
5/14/2012 4:57 3146240 ----a-w- C:\Windows\System32\win32k.sys
5/14/2012 4:57 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
5/14/2012 4:56 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
5/14/2012 4:22 27016 ----a-w- C:\Windows\SysWow64\drivers\PROCEXP141.SYS
4/30/2012 4:57 -------- d-----w- C:\Program Files\Windows XP Mode
4/29/2012 22:41 -------- d-----r- C:\Users\MikeCertini\Virtual Machines
4/29/2012 22:36 3584 ----a-w- C:\Windows\System32\drivers\nb-NO\vpchbus.sys.mui
4/29/2012 22:35 3584 ----a-w- C:\Windows\System32\drivers\sv-SE\vpchbus.sys.mui
.
==================== Find3M ====================
.
4/4/2012 22:56 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
3/20/2012 20:11 162192 ----a-w- C:\Windows\System32\mfevtps.exe
3/20/2012 6:44 5888792 ----a-w- C:\Windows\System32\GfxUI.exe
3/20/2012 6:44 509720 ----a-w- C:\Windows\System32\igfxsrvc.exe
3/20/2012 6:44 439064 ----a-w- C:\Windows\System32\igfxpers.exe
3/20/2012 6:44 398616 ----a-w- C:\Windows\System32\hkcmd.exe
3/20/2012 6:44 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
3/20/2012 6:44 250136 ----a-w- C:\Windows\System32\igfxext.exe
3/20/2012 6:44 184600 ----a-w- C:\Windows\System32\difx64.exe
3/20/2012 6:44 170264 ----a-w- C:\Windows\System32\igfxtray.exe
3/20/2012 6:42 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll
3/20/2012 6:32 14745600 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
3/20/2012 6:31 8087040 ----a-w- C:\Windows\System32\igdumd64.dll
3/20/2012 6:31 79360 ----a-w- C:\Windows\System32\igdde64.dll
3/20/2012 6:26 6120960 ----a-w- C:\Windows\SysWow64\igdumd32.dll
3/20/2012 6:25 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll
3/20/2012 6:22 9605632 ----a-w- C:\Windows\System32\igd10umd64.dll
3/20/2012 6:11 7795200 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
3/20/2012 5:31 18137088 ----a-w- C:\Windows\System32\ig4icd64.dll
3/20/2012 5:21 13212672 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
3/20/2012 5:17 28672 ----a-w- C:\Windows\System32\igfxexps.dll
3/20/2012 5:17 63488 ----a-w- C:\Windows\System32\igfxsrvc.dll
3/20/2012 5:17 110592 ----a-w- C:\Windows\System32\hccutils.dll
3/20/2012 5:17 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
3/20/2012 5:17 434688 ----a-w- C:\Windows\System32\igfxdev.dll
3/20/2012 5:17 172032 ----a-w- C:\Windows\System32\gfxSrvc.dll
3/20/2012 5:16 286208 ----a-w- C:\Windows\System32\igfxrenu.lrc
3/20/2012 5:16 142336 ----a-w- C:\Windows\System32\igfxdo.dll
3/20/2012 5:16 9007616 ----a-w- C:\Windows\System32\igfxress.dll
3/20/2012 5:12 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
3/20/2012 5:11 325120 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
3/1/2012 6:46 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
3/1/2012 6:38 220672 ----a-w- C:\Windows\System32\wintrust.dll
3/1/2012 6:33 81408 ----a-w- C:\Windows\System32\imagehlp.dll
3/1/2012 6:28 5120 ----a-w- C:\Windows\System32\wmi.dll
3/1/2012 5:37 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
3/1/2012 5:33 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
3/1/2012 5:29 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
.
============= FINISH: 9:33:08.92 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 1/20/2012 5:40:06 PM
System Uptime: 5/29/2012 8:59:13 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0GDG8Y
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 102.589 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP92: 5/23/2012 8:20:55 PM - Removed Debugging Tools for Windows (x64)
RP93: 5/23/2012 9:11:34 PM - Windows Update
RP94: 5/24/2012 9:25:48 PM - Installed Sophos Computer Security Scan.
RP95: 5/24/2012 9:26:28 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP96: 5/24/2012 9:38:46 PM - Installed Sophos Virus Removal Tool.
RP97: 5/25/2012 7:57:43 AM - Removed Sophos Computer Security Scan.
RP98: 5/25/2012 11:38:58 AM - Removed Sophos Virus Removal Tool.
RP99: 5/25/2012 11:39:37 AM - Removed Sophos Computer Security Scan.
RP100: 5/25/2012 1:04:20 PM - Windows Update
RP101: 5/27/2012 11:06:20 AM - Removed Application Verifier (x64)
RP102: 5/27/2012 6:42:58 PM - Removed SyncUP.
RP103: 5/27/2012 6:43:40 PM - Removed SyncUP.
.
==== Installed Programs ======================
.
7-Zip 4.65
Adobe AIR
Adobe Reader X MUI
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Blio
Boost C++ Libraries 1.47
Bounce Symphony
Build-a-lot 2
Cake Mania
Chuzzle Deluxe
Consumer In-Home Service Agreement
Cozi
Crystal Reports Basic for Visual Studio 2008
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell VideoStage
Diner Dash 2 Restaurant Rescue
DirectX 9 Runtime
Dora's World Adventure
eBay
Escape Whisper Valley (TM)
Farm Frenzy
FATE
Final Drive Fury
Final Drive Nitro
FXCM MetaTrader 4
HashCalc 2.02
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 31
Jewel Quest
Jewel Quest Solitaire 2
Luxor
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SecurityCenter
MetaTrader 4.00
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Document Explorer 2008
Microsoft Office 2003 Web Components
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Single Image 2010
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server 2008 R2 Books Online
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Windows Debugging Symbols
MSDN Library for Visual Studio 2008 - ENU
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Namco All-Stars PAC-MAN
Penguins!
PhotoShowExpress
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Samantha Swift
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Skype™ 5.5
Sonic CinePlayer Decoder Pack
TrustedID
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)
Update Installer for WildTangent Games App
VC Runtimes MSI
Virtual Villagers 4 - The Tree of Life
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
"Wedding Dash - Ready, Aim, Love!"
WildTangent Games
WildTangent Games App (Dell Games)
Windows Live Mesh ActiveX Control for Remote Connections
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows SDK IntellisenseNFX
WinPcap 4.1.2
Wireshark 1.6.5
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
"5/29/2012 9:04:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service."
"5/29/2012 8:59:39 AM, Error: Service Control Manager [7024] - The SQL Server Active Directory Helper service terminated with service-specific error %%-1073741724."
"5/29/2012 8:59:39 AM, Error: Service Control Manager [7024] - The SQL Active Directory Helper Service service terminated with service-specific error %%-1073741724."
"5/25/2012 5:37:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1084"" attempting to start the service McNaiAnn with arguments """" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}"
"5/25/2012 5:34:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1084"" attempting to start the service McNaiAnn with arguments """" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}"
"5/25/2012 5:33:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1068"" attempting to start the service stisvc with arguments """" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}"
"5/25/2012 5:30:55 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1068"" attempting to start the service netprofm with arguments """" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}"
"5/25/2012 5:30:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1068"" attempting to start the service netman with arguments """" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}"
"5/25/2012 5:30:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1084"" attempting to start the service EventSystem with arguments """" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}"
"5/25/2012 5:30:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error ""1084"" attempting to start the service ShellHWDetection with arguments """" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}"
"5/25/2012 5:30:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf"
"5/25/2012 5:30:31 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:14:43 PM, Error: Application Popup [1060] - \??\C:\Users\MikeCertini\Documents\Utilities\Kernel Detective\K has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver."
"5/25/2012 4:51:17 PM, Error: Service Control Manager [7000] - The FilterMon service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source."
"5/25/2012 4:34:22 PM, Error: Application Popup [1060] - \??\C:\Users\MikeCertini\Documents\Utilities\SSDT_Hooks_Reveale has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver."
"5/24/2012 8:29:11 PM, Error: Service Control Manager [7034] - The Kaspersky Security Scan Service service terminated unexpectedly. It has done this 1 time(s)."
"5/24/2012 3:17:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf"
"5/22/2012 2:09:37 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit."
.
==== End Of File ===========================
 
What I'm seeing:
There are 7 of these processes running:
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\***************.exe
SQL Server Express > powerful and reliable data management product that delivers rich features, data protection, and performance for embedded application clients, light Web applications, and local data stores.

There are 2 processes for Wireshark:
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

You're running the HashCalc: Calculator to compute message digests, checksums and HMACs for files, as well as for text and hex strings.

There are multiple errors for Services> either dependency isn't running or device (router?) isn't working.

What is your use for all this data you are managing?
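An added example, not part of any reply in this thread: one way to reduce the Service Control Manager 7001 errors in the log above to the drivers they trace back to. The function names are hypothetical; the sample lines are copied from the posted log.

```python
import re
from collections import defaultdict

# Event 7001 lines copied verbatim from the log posted in this thread.
LOG = '''
"5/25/2012 5:30:55 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:31 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning."
"5/25/2012 5:30:30 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start."
'''

PATTERN = re.compile(
    r"\[7001\] - The (?P<svc>.+?) service depends on the (?P<dep>.+?) "
    r"service which failed to start because of the following error: (?P<err>.+)$"
)

def parse_7001(text):
    """Return {service: (failed dependency, error text)} for each 7001 line.
    Each service in the sample has one failed dependency; a service with
    several would need a list here instead of a single tuple."""
    edges = {}
    for line in text.splitlines():
        m = PATTERN.search(line.strip().strip('"'))
        if m:
            edges[m["svc"]] = (m["dep"], m["err"])
    return edges

def root_cause(service, edges):
    """Follow the chain until the dependency has no 7001 entry of its own."""
    seen, err = set(), None
    while service in edges and service not in seen:  # 'seen' guards against cycles
        seen.add(service)
        service, err = edges[service]
    return service, err

def group_by_root(edges):
    """Map each root dependency to the sorted services that failed behind it."""
    roots = defaultdict(list)
    for svc in edges:
        roots[root_cause(svc, edges)[0]].append(svc)
    return {root: sorted(svcs) for root, svcs in roots.items()}

if __name__ == "__main__":
    for root, svcs in group_by_root(parse_7001(LOG)).items():
        print(f"{root} <- {', '.join(svcs)}")
```

Both roots found in the sample end in "A device attached to the system is not functioning", and both drivers (nsiproxy, mfehidk) also appear in the 7026 "failed to load" entry of the same log.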
 
Bobbye,

Thank you for your response. I use SQL Server Express as a sandbox for learning SQL Server. I installed Wireshark so I am familiar with this. I have turned off some services that I am not familiar with. I need to clean this up and identify what is bonafide.

Mike
 
I have turned off some services that I am not familiar with. I need to clean this up and identify what is bonafide.

There are multiple errors for Services> either dependency isn't running or device (router?) isn't working.
You need to get these Services running correctly, with their Dependencies:
Always use a reference when changing Startup Type for Services. Dependencies also need to be dealt with. I recommend using Black Viper's site> scroll down to below the image for the Services. Changing Services usually works best in Safe Mode because of the need to have Dependencies running:

http://www.blackviper.com/service-c...dows-7-service-pack-1-service-configurations/
=====================================================
Basically you're telling me that you have set or know about all of the multiple entries. If that is correct, it isn't going to help point to the multiple logons.
After you have reset the Services correctly, please go on to the following:

Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
--------------------------------------

  • Download Combofix from HERE or HERE http://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • If prompted for Recovery Console, please allow.
    • Once installed, you should see a blue screen prompt that says:
      The Recovery Console was successfully installed.
    • Note: If Combofix was downloaded to a flash drive, the Recovery Console will not install- just bypass and go on.
    • Note: No query will be made if the Recovery Console is already on the system.
  • Close any open browsers.
  • Before you run the Combofix scan, please disable any security software you have running.
    (If you need help with this, please see HERE)
  • Click on Yes, to continue scanning for malware
  • If Combofix asks you to update the program, allow
  • When the scan completes, a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply.

Re-enable your Antivirus software.
Note 1: Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.
Note 3: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
==================================================
To run the Eset Online Virus Scan:
If you use Internet Explorer:
  1. Open the ESETOnlineScan
  2. Skip to #4 to "Continue with the directions"

    If you are using a browser other than Internet Explorer
  3. Open Eset Smart Installer
    [o] Click on the esetsmartinstaller_enu.exe link and save to the desktop.
    [o] Double click on the desktop icon to run.
    [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
  4. Continue with the directions.
  5. Check 'Yes I accept terms of use.'
  6. Click Start button
  7. Accept any security warnings from your browser.
  8. Uncheck 'Remove found threats'
  9. Check 'Scan archives'
  10. Leave remaining settings as is.
  11. Press the Start button.
  12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
  13. When the scan completes, press List of found threats
  14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  15. Push the Back button, then Finish
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.

Please leave the 2 logs in your next reply.
 