
malware infection


12 replies to this topic

#1 flymanmt

flymanmt

  • Members
  • 7 posts
  • Local time:06:44 PM

Posted 01 February 2013 - 01:00 PM

I believe I have been infected with malware on registry, and have no idea what to do. I tried to scan an image on my printer and it will not scan so that leads me to believe the malware issue. Can someone please help me :wacko: .

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any malware logs included in the topic.

Roger

Edited by rotor123, 01 February 2013 - 01:08 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:44 PM

Posted 01 February 2013 - 01:10 PM

Hello, let's take a look.


MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>

Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results

>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 flymanmt

flymanmt
  • Topic Starter

  • Members
  • 7 posts
  • Local time:06:44 PM

Posted 01 February 2013 - 01:18 PM

Do I just copy and paste the result of the minitool box or how do I put it on here as an attachment?

#4 flymanmt

flymanmt
  • Topic Starter

  • Members
  • 7 posts
  • Local time:06:44 PM

Posted 01 February 2013 - 01:47 PM

MiniToolBox by Farbar Version:10-01-2013
Ran by Long (administrator) on 01-02-2013 at 12:14:31
Running from "C:\Users\Long\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5BENIG4X"
Windows Vista ™ Business Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : 8FSN2F1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : 00-1A-A0-A5-2F-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a942:e901:2f48:b47c%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, January 18, 2013 10:16:51 PM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 1:17:41 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234887840
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-A8-7A-7F-00-1A-A0-A5-2F-08
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1050:2ab:3f57:ff9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::1050:2ab:3f57:ff9b%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F7A50C5F-9E21-448A-9B3A-0DEC0E11E6EF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2001:4860:4002:801::1008
74.125.225.230
74.125.225.231
74.125.225.232
74.125.225.233
74.125.225.238
74.125.225.224
74.125.225.225
74.125.225.226
74.125.225.227
74.125.225.228
74.125.225.229



Pinging google.com [173.194.46.9] with 32 bytes of data:

Reply from 173.194.46.9: bytes=32 time=14ms TTL=52

Reply from 173.194.46.9: bytes=32 time=15ms TTL=52



Ping statistics for 173.194.46.9:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 14ms, Maximum = 15ms, Average = 14ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=125ms TTL=48

Reply from 206.190.36.45: bytes=32 time=97ms TTL=48



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 97ms, Maximum = 125ms, Average = 111ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 1a a0 a5 2f 08 ...... Broadcom NetXtreme 57xx Gigabit Controller
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
13 ...00 00 00 00 00 00 00 e0 isatap.{F7A50C5F-9E21-448A-9B3A-0DEC0E11E6EF}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 276
192.168.0.100 255.255.255.255 On-link 192.168.0.100 276
192.168.0.255 255.255.255.255 On-link 192.168.0.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:9d38:6ab8:1050:2ab:3f57:ff9b/128
On-link
10 276 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::1050:2ab:3f57:ff9b/128
On-link
10 276 fe80::a942:e901:2f48:b47c/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/01/2013 11:14:21 AM) (Source: Application Hang) (User: )
Description: The program bfgclient.exe version 3.0.1.60 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1588
Start Time: 01ce009f82cbfdd0
Termination Time: 5

Error: (01/31/2013 09:48:30 PM) (Source: Application Error) (User: )
Description: Faulting application Updater.exe, version 1.1.3.6, time stamp 0x510445cc, faulting module Updater.exe, version 1.1.3.6, time stamp 0x510445cc, exception code 0xc0000005, fault offset 0x00002517,
process id 0x15d0, application start time 0xUpdater.exe0.

Error: (01/29/2013 07:53:20 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x000665c9,
process id 0x5fc, application start time 0xiexplore.exe0.

Error: (01/20/2013 05:35:40 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16457, time stamp 0x50a2f9e3, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x000665c9,
process id 0x210, application start time 0xiexplore.exe0.

Error: (01/18/2013 10:17:08 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/18/2013 10:17:08 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/18/2013 10:17:04 PM) (Source: Windows Search Service) (User: )
Description: The gatherer is unable to read the registry DocIdMapFile.

Context: Application, SystemIndex Catalog


Details:
The system cannot find the file specified. (0x80070002)

Error: (01/13/2013 08:25:04 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/13/2013 08:25:04 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/13/2013 08:24:56 PM) (Source: Windows Search Service) (User: )
Description: The gatherer is unable to read the registry DocIdMapFile.

Context: Application, SystemIndex Catalog


Details:
The system cannot find the file specified. (0x80070002)


System errors:
=============
Error: (01/28/2013 06:41:01 PM) (Source: Print) (User: 8FSN2F1)
Description: The document http://www.sciencedaily.com/articles/c/climate.htm, owned by Long, failed to print on printer Canon MP210 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 5627680. Number of bytes printed: 4685100. Total number of pages in the document: 3. Number of pages printed: 0. Client computer: \\8FSN2F1. Win32 error code returned by the print processor: http://www.sciencedaily.com/articles/c/climate.htm0. http://www.sciencedaily.com/articles/c/climate.htm1

Error: (01/28/2013 06:39:22 PM) (Source: Print) (User: 8FSN2F1)
Description: The document http://www.sciencedaily.com/articles/c/climate_model.htm, owned by Long, failed to print on printer Canon MP210 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 1114112. Number of bytes printed: 828024. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\8FSN2F1. Win32 error code returned by the print processor: http://www.sciencedaily.com/articles/c/climate_model.htm0. http://www.sciencedaily.com/articles/c/climate_model.htm1

Error: (01/28/2013 06:38:34 PM) (Source: Print) (User: 8FSN2F1)
Description: The document http://www.sciencedaily.com/articles/c/climate_model.htm, owned by Long, failed to print on printer Canon MP210 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 1114112. Number of bytes printed: 828024. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\8FSN2F1. Win32 error code returned by the print processor: http://www.sciencedaily.com/articles/c/climate_model.htm0. http://www.sciencedaily.com/articles/c/climate_model.htm1

Error: (01/28/2013 06:37:51 PM) (Source: Print) (User: 8FSN2F1)
Description: The document http://www.sciencedaily.com/articles/c/climate_model.htm, owned by Long, failed to print on printer Canon MP210 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 1114112. Number of bytes printed: 828024. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\8FSN2F1. Win32 error code returned by the print processor: http://www.sciencedaily.com/articles/c/climate_model.htm0. http://www.sciencedaily.com/articles/c/climate_model.htm1

Error: (01/28/2013 06:35:57 PM) (Source: Print) (User: 8FSN2F1)
Description: The document http://www.sciencedaily.com/articles/c/climate_model.htm, owned by Long, failed to print on printer Canon MP210 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 836772. Number of bytes printed: 826400. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\8FSN2F1. Win32 error code returned by the print processor: http://www.sciencedaily.com/articles/c/climate_model.htm0. http://www.sciencedaily.com/articles/c/climate_model.htm1

Error: (01/18/2013 10:18:32 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Search%%1056

Error: (01/18/2013 10:18:32 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (01/18/2013 10:18:32 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (01/18/2013 10:18:32 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service

Error: (01/18/2013 10:18:32 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)


Microsoft Office Sessions:
=========================
Error: (02/01/2013 11:14:21 AM) (Source: Application Hang)(User: )
Description: bfgclient.exe3.0.1.60158801ce009f82cbfdd05

Error: (01/31/2013 09:48:30 PM) (Source: Application Error)(User: )
Description: Updater.exe1.1.3.6510445ccUpdater.exe1.1.3.6510445ccc00000050000251715d001ce002eca178e00

Error: (01/29/2013 07:53:20 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3ntdll.dll6.0.6002.185414ec3e3d5c0000005000665c95fc01cdfe75ed628d20

Error: (01/20/2013 05:35:40 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3ntdll.dll6.0.6002.185414ec3e3d5c0000005000665c921001cdf7017f0f9cd0

Error: (01/18/2013 10:17:08 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/18/2013 10:17:08 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/18/2013 10:17:04 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
The system cannot find the file specified. (0x80070002)
DocIdMapFile

Error: (01/13/2013 08:25:04 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/13/2013 08:25:04 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (01/13/2013 08:24:56 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
The system cannot find the file specified. (0x80070002)
DocIdMapFile


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Avira Antivirus Premium (Version: 13.0.0.2890)
Big Fish Games: Game Manager (Version: 3.0.1.60)
CCleaner (Version: 3.26)
Download Updater (AOL Inc.)
Flash Player Pro V5.4
Free Window Registry Repair
Graboid Video 3.58 (Version: 3.58)
Graboid Video 3.58 Setup (Version: 3.5.8)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Mega Codec Pack 8.9.5 (Version: 8.9.5)
LibreOffice 3.6 (Version: 3.6.4.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Photo Explosion (Version: 4.0.0.12)
Pure Hidden
Software Version Updater (Version: 1.1.3.6)
SoundMAX (Version: 6.10.1.7265)
Strongvault Online Backup (Version: 5.0.2.34)
System Requirements Lab CYRI (Version: 4.5.1.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VLC media player 1.0.1 (Version: 1.0.1)
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 2036.88 MB
Available physical RAM: 859.66 MB
Total Pagefile: 4323.05 MB
Available Pagefile: 2739.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.23 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:74.5 GB) (Free:40.87 GB) NTFS

========================= Users: ========================================

User accounts for \\8FSN2F1

Administrator Guest Long

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

22-01-2013 06:00:01 Scheduled Checkpoint
22-01-2013 07:44:28 Windows Update
23-01-2013 06:00:04 Scheduled Checkpoint
24-01-2013 06:00:02 Scheduled Checkpoint
25-01-2013 06:00:03 Scheduled Checkpoint
26-01-2013 06:01:48 Scheduled Checkpoint
27-01-2013 06:05:11 Scheduled Checkpoint
28-01-2013 06:00:04 Scheduled Checkpoint
29-01-2013 06:00:04 Scheduled Checkpoint
29-01-2013 07:44:33 Windows Update
30-01-2013 07:16:42 Scheduled Checkpoint
31-01-2013 06:00:05 Scheduled Checkpoint
01-02-2013 06:00:04 Scheduled Checkpoint

**** End of log ****
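
A MiniToolBox Result.txt like the one posted above can be triaged mechanically before reading it line by line. The following is an added example, not part of the original post and not code from the tool's author: it splits the log on its "===== Title =====" banners, reports Hosts entries other than loopback-to-localhost, and groups Winsock catalog entries that are not Microsoft files under system32. The sample log is constructed in the page's format; `update.example.test` and `example_lsp.dll` are hypothetical, and the vendor string is taken as printed by the tool, which is not a signature check.

```python
"""Triage the Hosts and Winsock sections of a MiniToolBox Result.txt."""
import ipaddress
import re
from collections import Counter

# Section banners look like "===== Hosts content: =====" (colon optional).
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?)\s*:?\s*=+\s*$")
# e.g. "Catalog9 01 C:\...\mswsock.dll [223232] (Microsoft Corporation)"
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")

# Constructed sample in the same layout as the log above (not real data).
SAMPLE_LOG = r"""
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost
203.0.113.10 update.example.test
========================= IP Configuration: ================================

Host Name . . . . . . . . . . . . : EXAMPLE-PC
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [260384] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Users\Public\example_lsp.dll [4096] ()
Catalog9 05 this line is damaged

========================= Event log errors: ===============================
"""


def split_sections(text):
    """Map section title -> list of non-blank lines under that banner."""
    sections, current = {}, None
    for line in text.splitlines():
        stripped = line.strip()
        m = SECTION_RE.match(stripped)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is not None and stripped:
            current.append(stripped)
    return sections


def hosts_findings(lines):
    """Return (address, name) pairs other than loopback -> localhost."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop trailing comments
        if len(entry) < 2:
            continue  # comment-only line, or an address with no hostname
        addr, names = entry[0], entry[1:]
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:
            loopback = False  # unparseable address: report the entry
        for name in names:
            if not (loopback and name.lower() == "localhost"):
                findings.append((addr, name))
    return findings


def winsock_findings(lines, system_dir=r"c:\windows\system32"):
    """Return (third_party, unparsed) for the Winsock entries section.

    third_party counts entries keyed by (catalog, path, vendor) whose vendor
    is not Microsoft or whose file is outside system32. These are items to
    review, not verdicts: security products install providers here too.
    unparsed holds lines that do not match the expected layout.
    """
    third_party, unparsed = Counter(), []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            unparsed.append(line)
            continue
        catalog, _index, path, _size, vendor = m.groups()
        in_system = path.lower().startswith(system_dir + "\\")
        if vendor != "Microsoft Corporation" or not in_system:
            third_party[(catalog, path, vendor)] += 1
    return third_party, unparsed


def triage(text):
    """Run both checks over a full Result.txt and return the findings."""
    sections = split_sections(text)
    third_party, unparsed = winsock_findings(sections.get("Winsock entries", []))
    return {
        "hosts": hosts_findings(sections.get("Hosts content", [])),
        "winsock_third_party": third_party,
        "winsock_unparsed": unparsed,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for addr, name in report["hosts"]:
        print(f"hosts: review {name} -> {addr}")
    for (catalog, path, vendor), count in report["winsock_third_party"].items():
        print(f"winsock: {catalog} x{count} {path} ({vendor or 'no vendor'})")
    for line in report["winsock_unparsed"]:
        print(f"winsock: could not parse: {line}")
```
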

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:44 PM

Posted 01 February 2013 - 08:09 PM

Post the other 2 logs when you can.

#6 flymanmt

flymanmt
  • Topic Starter

  • Members
  • 7 posts
  • Local time:06:44 PM

Posted 04 February 2013 - 02:35 PM

12:38:25.0943 1088 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:38:26.0633 1088 ============================================================
12:38:26.0633 1088 Current date / time: 2013/02/01 12:38:26.0633
12:38:26.0633 1088 SystemInfo:
12:38:26.0633 1088
12:38:26.0633 1088 OS Version: 6.0.6002 ServicePack: 2.0
12:38:26.0633 1088 Product type: Workstation
12:38:26.0633 1088 ComputerName: 8FSN2F1
12:38:26.0634 1088 UserName: Long
12:38:26.0634 1088 Windows directory: C:\Windows
12:38:26.0634 1088 System windows directory: C:\Windows
12:38:26.0634 1088 Processor architecture: Intel x86
12:38:26.0634 1088 Number of processors: 2
12:38:26.0634 1088 Page size: 0x1000
12:38:26.0634 1088 Boot type: Normal boot
12:38:26.0634 1088 ============================================================
12:38:27.0458 1088 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:38:27.0460 1088 ============================================================
12:38:27.0460 1088 \Device\Harddisk0\DR0:
12:38:27.0460 1088 MBR partitions:
12:38:27.0460 1088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9501800
12:38:27.0460 1088 ============================================================
12:38:27.0482 1088 C: <-> \Device\Harddisk0\DR0\Partition1
12:38:27.0482 1088 ============================================================
12:38:27.0482 1088 Initialize success
12:38:27.0482 1088 ============================================================
12:38:50.0374 5184 ============================================================
12:38:50.0374 5184 Scan started
12:38:50.0374 5184 Mode: Manual;
12:38:50.0374 5184 ============================================================
12:38:51.0568 5184 ================ Scan system memory ========================
12:38:51.0569 5184 System memory - ok
12:38:51.0569 5184 ================ Scan services =============================
12:39:00.0086 5184 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:39:00.0092 5184 SSDPSRV - ok
12:39:00.0111 5184 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
12:39:00.0113 5184 ssmdrv - ok
12:39:00.0142 5184 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:39:00.0150 5184 SstpSvc - ok
12:39:00.0178 5184 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:39:00.0195 5184 stisvc - ok
12:39:00.0222 5184 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:39:00.0224 5184 swenum - ok
12:39:00.0241 5184 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:39:00.0249 5184 swprv - ok
12:39:00.0266 5184 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:39:00.0268 5184 Symc8xx - ok
12:39:00.0280 5184 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:39:00.0282 5184 Sym_hi - ok
12:39:00.0298 5184 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:39:00.0300 5184 Sym_u3 - ok
12:39:00.0330 5184 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:39:00.0341 5184 SysMain - ok
12:39:00.0367 5184 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:39:00.0372 5184 TabletInputService - ok
12:39:00.0393 5184 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:39:00.0402 5184 TapiSrv - ok
12:39:00.0417 5184 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:39:00.0421 5184 TBS - ok
12:39:00.0462 5184 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:39:00.0488 5184 Tcpip - ok
12:39:00.0521 5184 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:39:00.0529 5184 Tcpip6 - ok
12:39:00.0561 5184 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:39:00.0563 5184 tcpipreg - ok
12:39:00.0596 5184 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:39:00.0598 5184 TDPIPE - ok
12:39:00.0617 5184 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:39:00.0620 5184 TDTCP - ok
12:39:00.0641 5184 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:39:00.0644 5184 tdx - ok
12:39:00.0654 5184 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:39:00.0656 5184 TermDD - ok
12:39:00.0688 5184 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:39:00.0706 5184 TermService - ok
12:39:00.0723 5184 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:39:00.0728 5184 Themes - ok
12:39:00.0748 5184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:39:00.0751 5184 THREADORDER - ok
12:39:00.0766 5184 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:39:00.0771 5184 TrkWks - ok
12:39:00.0803 5184 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:39:00.0804 5184 TrustedInstaller - ok
12:39:00.0837 5184 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:39:00.0839 5184 tssecsrv - ok
12:39:00.0855 5184 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:39:00.0856 5184 tunmp - ok
12:39:00.0881 5184 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:39:00.0883 5184 tunnel - ok
12:39:00.0904 5184 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:39:00.0906 5184 uagp35 - ok
12:39:00.0925 5184 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:39:00.0929 5184 udfs - ok
12:39:00.0962 5184 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:39:00.0966 5184 UI0Detect - ok
12:39:00.0985 5184 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:39:00.0988 5184 uliagpkx - ok
12:39:01.0013 5184 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:39:01.0018 5184 uliahci - ok
12:39:01.0039 5184 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:39:01.0042 5184 UlSata - ok
12:39:01.0058 5184 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:39:01.0061 5184 ulsata2 - ok
12:39:01.0086 5184 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:39:01.0088 5184 umbus - ok
12:39:01.0107 5184 [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService C:\Windows\System32\umrdp.dll
12:39:01.0113 5184 UmRdpService - ok
12:39:01.0129 5184 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:39:01.0138 5184 upnphost - ok
12:39:01.0153 5184 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:39:01.0156 5184 usbccgp - ok
12:39:01.0175 5184 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:39:01.0177 5184 usbcir - ok
12:39:01.0211 5184 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:39:01.0213 5184 usbehci - ok
12:39:01.0228 5184 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:39:01.0232 5184 usbhub - ok
12:39:01.0252 5184 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:39:01.0254 5184 usbohci - ok
12:39:01.0283 5184 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:39:01.0284 5184 usbprint - ok
12:39:01.0319 5184 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:39:01.0320 5184 usbscan - ok
12:39:01.0333 5184 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:39:01.0336 5184 USBSTOR - ok
12:39:01.0356 5184 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:39:01.0358 5184 usbuhci - ok
12:39:01.0381 5184 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:39:01.0384 5184 UxSms - ok
12:39:01.0405 5184 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:39:01.0418 5184 vds - ok
12:39:01.0431 5184 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:39:01.0433 5184 vga - ok
12:39:01.0441 5184 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:39:01.0443 5184 VgaSave - ok
12:39:01.0465 5184 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:39:01.0468 5184 viaagp - ok
12:39:01.0479 5184 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:39:01.0481 5184 ViaC7 - ok
12:39:01.0500 5184 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
12:39:01.0502 5184 viaide - ok
12:39:01.0522 5184 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:39:01.0524 5184 volmgr - ok
12:39:01.0540 5184 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:39:01.0546 5184 volmgrx - ok
12:39:01.0563 5184 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:39:01.0566 5184 volsnap - ok
12:39:01.0600 5184 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:39:01.0604 5184 vsmraid - ok
12:39:01.0651 5184 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:39:01.0662 5184 VSS - ok
12:39:01.0678 5184 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:39:01.0685 5184 W32Time - ok
12:39:01.0705 5184 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:39:01.0707 5184 WacomPen - ok
12:39:01.0727 5184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:39:01.0729 5184 Wanarp - ok
12:39:01.0744 5184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:39:01.0745 5184 Wanarpv6 - ok
12:39:01.0772 5184 [ 20B23332885DFB93FE0185362EE811E9 ] wbengine C:\Windows\system32\wbengine.exe
12:39:01.0796 5184 wbengine - ok
12:39:01.0833 5184 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:39:01.0842 5184 wcncsvc - ok
12:39:01.0856 5184 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:39:01.0860 5184 WcsPlugInService - ok
12:39:01.0889 5184 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
12:39:01.0891 5184 Wd - ok
12:39:01.0927 5184 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:39:01.0944 5184 Wdf01000 - ok
12:39:01.0963 5184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:39:01.0968 5184 WdiServiceHost - ok
12:39:01.0979 5184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:39:01.0984 5184 WdiSystemHost - ok
12:39:02.0003 5184 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:39:02.0010 5184 WebClient - ok
12:39:02.0036 5184 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:39:02.0041 5184 Wecsvc - ok
12:39:02.0051 5184 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:39:02.0055 5184 wercplsupport - ok
12:39:02.0066 5184 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:39:02.0074 5184 WerSvc - ok
12:39:02.0126 5184 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:39:02.0130 5184 WinDefend - ok
12:39:02.0140 5184 WinHttpAutoProxySvc - ok
12:39:02.0189 5184 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:39:02.0192 5184 Winmgmt - ok
12:39:02.0239 5184 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:39:02.0274 5184 WinRM - ok
12:39:02.0319 5184 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:39:02.0326 5184 Wlansvc - ok
12:39:02.0353 5184 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:39:02.0355 5184 WmiAcpi - ok
12:39:02.0382 5184 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:39:02.0385 5184 wmiApSrv - ok
12:39:02.0438 5184 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:39:02.0457 5184 WMPNetworkSvc - ok
12:39:02.0492 5184 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:39:02.0497 5184 WPDBusEnum - ok
12:39:02.0517 5184 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:39:02.0519 5184 WpdUsb - ok
12:39:02.0576 5184 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:39:02.0593 5184 WPFFontCache_v0400 - ok
12:39:02.0621 5184 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:39:02.0622 5184 ws2ifsl - ok
12:39:02.0651 5184 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
12:39:02.0655 5184 wscsvc - ok
12:39:02.0663 5184 WSearch - ok
12:39:02.0737 5184 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:39:02.0779 5184 wuauserv - ok
12:39:02.0811 5184 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:39:02.0813 5184 WudfPf - ok
12:39:02.0829 5184 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:39:02.0835 5184 WUDFRd - ok
12:39:02.0865 5184 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:39:02.0870 5184 wudfsvc - ok
12:39:02.0921 5184 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:39:02.0939 5184 YahooAUService - ok
12:39:02.0948 5184 ================ Scan global ===============================
12:39:02.0970 5184 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:39:03.0008 5184 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:39:03.0033 5184 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:39:03.0072 5184 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:39:03.0080 5184 [Global] - ok
12:39:03.0084 5184 ================ Scan MBR ==================================
12:39:03.0101 5184 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:39:03.0293 5184 \Device\Harddisk0\DR0 - ok
12:39:03.0294 5184 ================ Scan VBR ==================================
12:39:03.0297 5184 [ A6662159A2BEA5B302704D08A97867ED ] \Device\Harddisk0\DR0\Partition1
12:39:03.0302 5184 \Device\Harddisk0\DR0\Partition1 - ok
12:39:03.0302 5184 ============================================================
12:39:03.0302 5184 Scan finished
12:39:03.0302 5184 ============================================================
12:39:03.0314 2208 Detected object count: 0
12:39:03.0314 2208 Actual detected object count: 0
12:39:30.0688 0216 Deinitialize success

#7 boopme

Posted 04 February 2013 - 08:07 PM

After ESET:
In Control Panel, remove this: Java 7 Update 11 (Version: 7.0.110)
Reboot, then go HERE
Install, 4th up from bottom: Windows x86 Offline 30.05 MB jre-7u13-windows-i586.exe

#8 flymanmt

Posted 10 February 2013 - 03:41 PM

Well, I ran the ESET program and it did find four infections, but I was not able to save anything; all it did was remove, then closed, so I was unable to save any logs from it. Then I removed Java 7 and installed the Windows x86 offline. Is there anything else that I need to do?



#9 boopme

Posted 10 February 2013 - 04:47 PM

I missed this: Update to Adobe Reader XI

Is it running well now?



#10 flymanmt

Posted 11 February 2013 - 08:17 AM

What's the best thing to do to keep from getting the malware? Does it have the ability to make a printer stop using the scanner capability, or is that a malfunction of the printer?



#11 boopme

Posted 11 February 2013 - 11:45 AM

The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt". You can view this file by navigating to the directory and double-clicking it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start > Run dialog box from the Start Menu on the desktop.
 

 

Only if it infected a printer file and the file was removed, but we did not see the ADW or ESET logs.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:


  • Avoid gaming sites, pirated software, cracking tools, keygens (http://wiki.answers.com/Q/What_is_a_keygen), and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

  • Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:



#12 flymanmt

Posted 11 February 2013 - 05:21 PM

So I do have a question about being on-line: what about, like, Facebook and friends post "click on this to view" whatever, can that be malicious, or does Facebook scan stuff as it is put on? Or even the games that Facebook has, are those bad, or are you more like talking about downloading games from sites like spin top or others like that?



#13 boopme

Posted 11 February 2013 - 10:13 PM

"Facebook and friends post click on this to view"

This can be dangerous. People post links to many things and sometimes they have never clicked it themselves.

See Detecting and Avoiding Dangerous Facebook Applications

Most of the FB games are virus safe but you have to agree to allow some spyware apps. You see this when you agree to ACCEPT terms of use.

Therefore you need to run a spyware tool after playing. This is the same for most free game sites. The ADWCleaner log will show many of these.





