New
#11
Sub Styler, all those services are stared and on automatic, and yes it is a wireless connection.
Vista King, here are the reports.
RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Valued Customer [Admin rights]
Mode : Scan -- Date : 07/23/2013 20:07:25
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 7 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
-> D:\windows\system32\config\SYSTEM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\windows\system32\config\SOFTWARE
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\windows\system32\config\SECURITY
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\windows\system32\config\SAM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\windows\system32\config\DEFAULT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\Documents and Settings\admin\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> D:\Documents and Settings\Default User\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\Default User\Start Menu\Programs\Startup
-> D:\Documents and Settings\LocalService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
-> D:\Documents and Settings\NetworkService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
-->
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AACS-00ZUB0 ATA Device +++++
--- User ---
[MBR] cd01f429b1a2a97a19156ebd24b54e47
[BSP] 74f95ecd75d6134fa92b92501358e137 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD5000AACS-00ZUB0 ATA Device +++++
--- User ---
[MBR] d50818d3848495abb9f986a95572b046
[BSP] f6e0f72e6d3cdee5da45a2d50cd7e7b7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 57139 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: WDC WD5000AACS-00ZUB0 ATA Device +++++
--- User ---
[MBR] 9fa41364d4d4cd075a2a57843612e7fe
[BSP] 2b7b47ab5581a2cc3d7072269d740597 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2760 | Size: 29924 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[0]_S_07232013_200725.txt >>
Farbar Service Scanner Version: 13-07-2013
Ran by Valued Customer (administrator) on 23-07-2013 at 20:09:28
Running from "E:\Storage"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****