Security Shield back


11 replies to this topic

#1 grumps3

grumps3

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 29 February 2012 - 03:35 PM

Hi there
I have on my Vista 64 machine the nasty Security Shield.
In the past we had the older version, named System Tool, on a Windows 7 machine and an XP machine, which was removed following the instructions on this site.
system tool removal
These instructions are not shifting this variant from my PC, and strangely even Malwarebytes is not detecting anything amiss, but when I reboot after scanning and replacing the host file (both in Safe Mode with Networking) this horrible virus/trojan is there again.
I am either doing something wrong in the removal process or it's a nastier job than before.
Any help appreciated.

Edit: Moved topic from Vista to the more appropriate forum. ~ Animal



#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:12:34 AM

Posted 29 February 2012 - 03:56 PM

Can you post the logs from the scans you have done?

#3 grumps3


Posted 01 March 2012 - 04:12 AM

Sorry for putting my OP in the wrong area and thank you for getting back to me.
A little update

In between my OP and your reply I downloaded and ran a HitmanPro one-off scan in safe mode.
This picked up all sorts of weird and NSFW website cookies.
I also managed to get an MSE scan started and ran that. (It returned zero infections found.)
Rebooted and then ran Malwarebytes, Glary Utilities scans, and finally another full MSE scan.

The logs for malware have been overwritten and I cannot locate where MSE stores the scan results.
I am hoping the system is now clean?
Regards

#4 cryptodan


Posted 01 March 2012 - 07:55 AM

The logs should not be overwritten, as each log is timestamped.

MSE should have a history tab.

#5 grumps3


Posted 01 March 2012 - 12:37 PM

Thanks again cryptodan
Of course you're correct, the malware logs are not overwritten. I'm sure I had a message pop up asking me if I wanted to overwrite when I went to shut the programme down.
Also under the MSE history tab there are no saved log details at all, unlike on my laptop where there is a log of stuff caught and removed.

Would you still like me to send the 3 malware logs despite there being nothing detected?

Regards

#6 cryptodan


Posted 01 March 2012 - 12:45 PM

Yes, I would.

#7 grumps3


Posted 01 March 2012 - 01:09 PM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.26.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
teflon :: TEFLON-PC [administrator]

29/02/2012 16:07:15
mbam-log-2012-02-29 (16-07-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 467727
Time elapsed: 51 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.26.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
teflon :: TEFLON-PC [administrator]

29/02/2012 17:24:22
mbam-log-2012-02-29 (17-24-22).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 467779
Time elapsed: 50 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.26.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
teflon :: TEFLON-PC [administrator]

29/02/2012 18:45:50
mbam-log-2012-02-29 (18-45-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 448241
Time elapsed: 48 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 cryptodan


Posted 01 March 2012 - 03:30 PM

Let's go ahead and try TDSS Killer. Once you have executed the program, please navigate to c:\ to locate the logs; they will begin with tdss*. If you are prompted to fix anything, then PLEASE DO NOT FIX ANYTHING. If you fix something it could brick your computer, meaning it would become inoperable.

#9 grumps3


Posted 02 March 2012 - 05:02 AM

Here is the log:

09:58:07.0312 4276 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
09:58:09.0313 4276 ============================================================
09:58:09.0313 4276 Current date / time: 2012/03/02 09:58:09.0313
09:58:09.0313 4276 SystemInfo:
09:58:09.0313 4276
09:58:09.0313 4276 OS Version: 6.0.6002 ServicePack: 2.0
09:58:09.0313 4276 Product type: Workstation
09:58:09.0313 4276 ComputerName: TEFLON-PC
09:58:09.0313 4276 UserName: teflon
09:58:09.0313 4276 Windows directory: C:\Windows
09:58:09.0313 4276 System windows directory: C:\Windows
09:58:09.0313 4276 Running under WOW64
09:58:09.0313 4276 Processor architecture: Intel x64
09:58:09.0313 4276 Number of processors: 2
09:58:09.0313 4276 Page size: 0x1000
09:58:09.0313 4276 Boot type: Normal boot
09:58:09.0313 4276 ============================================================
09:58:09.0690 4276 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:58:09.0705 4276 \Device\Harddisk0\DR0:
09:58:09.0706 4276 MBR used
09:58:09.0706 4276 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x11850000
09:58:09.0706 4276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13650822, BlocksNum 0x11DDCE9F
09:58:09.0793 4276 Initialize success
09:58:09.0793 4276 ============================================================
09:58:15.0029 1468 ============================================================
09:58:15.0029 1468 Scan started
09:58:15.0029 1468 Mode: Manual;
09:58:15.0029 1468 ============================================================
09:58:22.0518 1468 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
09:58:22.0518 1468 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
09:58:22.0520 1468 sptd ( LockedFile.Multi.Generic ) - warning
09:58:22.0520 1468 sptd - detected LockedFile.Multi.Generic (1)
09:58:25.0266 1468 MBR (0x1B8) (ef932eaa6ef4c94e66a7f6ceec7eb422) \Device\Harddisk0\DR0
09:58:27.0303 1468 \Device\Harddisk0\DR0 - ok
09:58:27.0319 1468 Boot (0x1200) (a49ef2c4ffefa05600f0a27165263afa) \Device\Harddisk0\DR0\Partition0
09:58:27.0320 1468 \Device\Harddisk0\DR0\Partition0 - ok
09:58:27.0336 1468 Boot (0x1200) (4b78ceffadc7e1ff42d05796454a13c6) \Device\Harddisk0\DR0\Partition1
09:58:27.0337 1468 \Device\Harddisk0\DR0\Partition1 - ok
09:58:27.0337 1468 ============================================================
09:58:27.0337 1468 Scan finished
09:58:27.0337 1468 ============================================================
09:58:27.0348 3400 Detected object count: 1
09:58:27.0348 3400 Actual detected object count: 1
09:58:52.0658 3400 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:58:52.0659 3400 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
09:59:03.0842 3264 Deinitialize success

#10 cryptodan

Posted 02 March 2012 - 06:05 AM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#11 grumps3

Posted 02 March 2012 - 06:18 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by teflon (administrator) on 02-03-2012 at 11:11:57
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : teflon-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-21-97-64-CF-C5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::205f:69b5:922b:3efd%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.71(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 02 March 2012 09:09:41
Lease Expires . . . . . . . . . . : 03 March 2012 09:09:40
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 218111632
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0C-BD-C4-3D-00-21-97-64-CF-C5
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 173.194.41.110
173.194.41.101
173.194.41.103
173.194.41.102
173.194.41.105
173.194.41.98
173.194.41.96
173.194.41.97
173.194.41.99
173.194.41.100
173.194.41.104



Pinging google.com [173.194.41.99] with 32 bytes of data:

Reply from 173.194.41.99: bytes=32 time=47ms TTL=52

Reply from 173.194.41.99: bytes=32 time=30ms TTL=52



Ping statistics for 173.194.41.99:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 30ms, Maximum = 47ms, Average = 38ms

Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24



Pinging yahoo.com [98.139.127.62] with 32 bytes of data:

Reply from 98.139.127.62: bytes=32 time=290ms TTL=44

Reply from 98.139.127.62: bytes=32 time=348ms TTL=44



Ping statistics for 98.139.127.62:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 290ms, Maximum = 348ms, Average = 319ms

Server: api.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=11ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 11ms, Average = 5ms

===========================================================================
Interface List
10 ...00 21 97 64 cf c5 ...... NVIDIA nForce 10/100/1000 Mbps Ethernet
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.home
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.71 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.71 276
192.168.1.71 255.255.255.255 On-link 192.168.1.71 276
192.168.1.255 255.255.255.255 On-link 192.168.1.71 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.71 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.71 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::205f:69b5:922b:3efd/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/01/2012 10:02:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (03/01/2012 05:25:37 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (02/29/2012 10:03:42 PM) (Source: Application Hang) (User: )
Description: The program MSASCui.exe version 1.1.1600.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: fd0
Start Time: 01ccf72dbe839df0
Termination Time: 0

Error: (02/29/2012 09:33:19 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 07:54:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (02/29/2012 06:36:19 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, faulting module iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, exception code 0x40000015, fault offset 0x0008cb40,
process id 0x464, application start time 0xiexplore.exe0.

Error: (02/29/2012 06:35:38 PM) (Source: Microsoft Security Client Setup) (User: teflon)teflon
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (02/29/2012 06:34:04 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 05:16:06 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 04:05:12 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, faulting module iexplore.exe, version 0.0.0.0, time stamp 0x4d334d98, exception code 0x40000015, fault offset 0x0008cb40,
process id 0x1e8, application start time 0xiexplore.exe0.


System errors:
=============
Error: (03/02/2012 09:11:18 AM) (Source: Service Control Manager) (User: )
Description: Lavasoft Ad-Aware Service%%3

Error: (03/02/2012 09:10:02 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (03/02/2012 09:09:54 AM) (Source: Print) (User: SYSTEM)
Description: The print spooler failed to share printer HP Deskjet 3050 J610 series with shared resource name HPDeskjet3~7. Error 2114. The printer cannot be used by others on the network.

Error: (03/01/2012 05:09:52 PM) (Source: nvstor64) (User: )
Description: A parity error was detected on \Device\RaidPort0.

Error: (02/29/2012 09:57:59 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (02/29/2012 09:57:50 PM) (Source: Service Control Manager) (User: )
Description: Lavasoft Ad-Aware Service%%3

Error: (02/29/2012 09:57:33 PM) (Source: Print) (User: SYSTEM)
Description: The print spooler failed to share printer HP Deskjet 3050 J610 series with shared resource name HPDeskjet3~7. Error 2114. The printer cannot be used by others on the network.

Error: (02/29/2012 09:33:31 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
MpFilter
spldr
sptd
Wanarpv6

Error: (02/29/2012 09:33:31 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Center Extender ServiceFunction Discovery Provider Host%%1068

Error: (02/29/2012 09:33:31 PM) (Source: Service Control Manager) (User: )
Description: PnP-X IP Bus EnumeratorFunction Discovery Provider Host%%1068


Microsoft Office Sessions:
=========================
Error: (03/01/2012 10:02:52 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (03/01/2012 05:25:37 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (02/29/2012 10:03:42 PM) (Source: Application Hang)(User: )
Description: MSASCui.exe1.1.1600.0fd001ccf72dbe839df00

Error: (02/29/2012 09:33:19 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 07:54:51 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (02/29/2012 06:36:19 PM) (Source: Application Error)(User: )
Description: iexplore.exe0.0.0.04d334d98iexplore.exe0.0.0.04d334d98400000150008cb4046401ccf711067fdcbb

Error: (02/29/2012 06:35:38 PM) (Source: Microsoft Security Client Setup)(User: teflon)teflon
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (02/29/2012 06:34:04 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 05:16:06 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/29/2012 04:05:12 PM) (Source: Application Error)(User: )
Description: iexplore.exe0.0.0.04d334d98iexplore.exe0.0.0.04d334d98400000150008cb401e801ccf6fbea778510


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 2.2.5)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Photoshop Lightroom 2.1 64-bit (Version: 2.1.1)
Apple Mobile Device Support (Version: 3.0.1.3)
CCleaner (Version: 3.14)
HitmanPro 3.6 (Version: 3.6.0.146)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.0.334.0)
HP Deskjet 3050 J610 series Product Improvement Study (Version: 22.0.334.0)
iTunes (Version: 9.1.1.12)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
PE585QAEncoder-64 (Version: 6.00.1918)
PVSonyDll (Version: 1.00.0001)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.2.2)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live MIME IFilter (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 4094.32 MB
Available physical RAM: 2519.8 MB
Total Pagefile: 8405.89 MB
Available Pagefile: 6620.37 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.67 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:140.16 GB) (Free:2.42 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:142.93 GB) (Free:16.33 GB) NTFS

========================= Users: ========================================

User accounts for \\TEFLON-PC

Administrator editted Guest
Jenny Mark teflon
UpdatusUser


**** End of log ****

Edited by grumps3, 02 March 2012 - 06:58 AM.


#12 cryptodan

Posted 02 March 2012 - 02:33 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==. Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly, please be patient until you get a reply to your topic. If you receive a reply from the HelpBot, then please follow the instructions outlined in the HelpBot's post.



