Relatively New Laptop Slows to a Crawl


13 replies to this topic

#1 CmptrCnslt

Posted 10 October 2011 - 11:24 PM

I got an HP dv7 laptop at the end of Jan 2011. WinPro 7 64-bit OS/Intel icore7/8gb DDR3 ram/2-7200rpm 500gb HDDs. Amazing speed until 8/11/11. Stupidly dl'd iLivid video player from the web to view TV episodes.

Secretly installed toolbar that redirected all browser URLs to some QAsearch on my default Google Chrome browser. Manually redirected search option and fixed redirect problem. Removed iLivid Player in Cntl Panel but unable to find toolbar. Browser working correctly. Installed Windows updates. 11 were installed.

Upon reboot, suddenly Disk Drive Error on Disk 1. Run Disk Test. Ran test: Disk 1 failed, Disk 2 passed. Escaped, started Windows. Used prior restore point but nothing available prior to 8/11. System passes SMART disk check but Disk 1 still fails (3F1) quick and long tests. Able to escape & start Windows. After shutdown a few times, Disk 1 error is bypassed. Been limping along but eventually system comes to a crawl.

Using Norton Internet Security Suite. Never finds virus. System eventually returns to a crawl so I go back to a prior restore point. System speeds up for a while but then back to a crawl. Ran NPE and it found Nikvm_C6F09094.sys after starting from reboot. Says it removes it but is still there whenever I rerun NPE. Something still amiss & seems to be malware rootkit issue. Backed up data. Cleaned & defragged drives. Gone through this process of "rinse & repeat" about 4 times now since August. Desperate to fix problem. Would really appreciate help asap. Life depends on about 12hr computer use daily. Thanks!

Edited by boopme, 13 October 2011 - 08:39 PM.



#2 boopme


Posted 13 October 2011 - 08:43 PM

Hello, sorry we lost you. Please post a few logs and tell me if it is any better.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

#3 CmptrCnslt


Posted 14 October 2011 - 09:09 PM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7950

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/14/2011 9:20:09 PM
mbam-log-2011-10-14 (21-20-09).txt

Scan type: Quick scan
Objects scanned: 178668
Time elapsed: 2 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
**************************************************************************************
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-14 22:03:13
Windows 6.1.7601 Service Pack 1
Running: nvkktjv1.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e02a8237dd94
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e02a8237dd94 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#4 CmptrCnslt


Posted 14 October 2011 - 09:22 PM

First, thanks for your help!
Next, sorry, but I saw this after I ran MBAM & GMER.
I guess I'll run them again now.
I never saw anything scan more than just C:\

MiniToolBox by Farbar
Ran by Elise A Stiller (administrator) on 14-10-2011 at 22:13:54
Windows 7 Professional Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?:3 subinterface=ethernet_9 mtu=1477
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : EliseAStiller
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BD
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f5ab:419d:fe34:e2b7%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 14, 2011 6:55:11 AM
Lease Expires . . . . . . . . . . : Saturday, October 15, 2011 10:04:49 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 369108679
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-23-93-39-98-4B-E1-8E-23-3D
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.237.161.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : E0-2A-82-37-DD-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:40d:3736:93f1:1718(Preferred)
Link-local IPv6 Address . . . . . : fe80::40d:3736:93f1:1718%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9E64F608-0144-4ABF-99EA-E838BC819BF4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.210
74.125.226.209
74.125.226.211
74.125.226.212
74.125.226.208


Pinging google.com [74.125.226.114] with 32 bytes of data:
Reply from 74.125.226.114: bytes=32 time=10ms TTL=252
Reply from 74.125.226.114: bytes=32 time=13ms TTL=252

Ping statistics for 74.125.226.114:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 13ms, Average = 11ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149
209.191.122.70


Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Reply from 72.30.2.43: bytes=32 time=104ms TTL=250
Reply from 72.30.2.43: bytes=32 time=103ms TTL=250

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 104ms, Average = 103ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
16...00 26 c7 f9 e6 bd ......Microsoft Virtual WiFi Miniport Adapter #2
15...00 26 c7 f9 e6 bd ......Microsoft Virtual WiFi Miniport Adapter
14...00 26 c7 f9 e6 bc ......Intel® WiFi Link 1000 BGN
13...e0 2a 82 37 dd 94 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:40d:3736:93f1:1718/128
On-link
14 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::40d:3736:93f1:1718/128
On-link
14 281 fe80::f5ab:419d:fe34:e2b7/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2011 07:06:22 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/14/2011 07:03:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/13/2011 07:29:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/13/2011 07:15:15 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/12/2011 06:44:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/11/2011 07:45:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/10/2011 08:08:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/10/2011 06:13:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/10/2011 10:10:58 AM) (Source: Application Hang) (User: )
Description: The program iMedica.Prm.Client.exe version 9.0.1004.1203 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18f0

Start Time: 01cc8752dcc6adc8

Termination Time: 12

Application Path: C:\Users\Elise A Stiller\AppData\Local\Apps\2.0\L3TANN0N.LGB\G9D936VN.GG7\imed...app_cabb2d6df4dda259_0009.0000_98f86faae65b2b7f\iMedica.Prm.Client.exe

Report Id: 9cf87172-f349-11e0-81e6-e02a8237dd94

Error: (10/10/2011 09:49:21 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (10/14/2011 06:57:38 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8D346B4-99B9-45E6-AA53-3D488DF73B77} because another computer on the network has the same name. The server could not start.

Error: (10/14/2011 06:57:19 AM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/13/2011 08:21:57 PM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (10/13/2011 07:07:16 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8D346B4-99B9-45E6-AA53-3D488DF73B77} because another computer on the network has the same name. The server could not start.

Error: (10/13/2011 07:07:02 AM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/12/2011 06:36:25 AM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/12/2011 06:36:25 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8D346B4-99B9-45E6-AA53-3D488DF73B77} because another computer on the network has the same name. The server could not start.

Error: (10/11/2011 07:36:46 AM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/11/2011 07:36:37 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8D346B4-99B9-45E6-AA53-3D488DF73B77} because another computer on the network has the same name. The server could not start.

Error: (10/10/2011 08:00:46 PM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (10/14/2011 07:06:22 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/14/2011 07:03:26 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/13/2011 07:29:16 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/13/2011 07:15:15 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/12/2011 06:44:29 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/11/2011 07:45:26 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/10/2011 08:08:52 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/10/2011 06:13:56 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/10/2011 10:10:58 AM) (Source: Application Hang)(User: )
Description: iMedica.Prm.Client.exe9.0.1004.120318f001cc8752dcc6adc812C:\Users\Elise A Stiller\AppData\Local\Apps\2.0\L3TANN0N.LGB\G9D936VN.GG7\imed...app_cabb2d6df4dda259_0009.0000_98f86faae65b2b7f\iMedica.Prm.Client.exe9cf87172-f349-11e0-81e6-e02a8237dd94

Error: (10/10/2011 09:49:21 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

5600 (Version: 130.0.365.000)
5600_Help (Version: 82.0.242.000)
5600Trb (Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.2)
Bricks Of Egypt (remove only)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.5600)
BufferChm (Version: 130.0.331.000)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0621.2137.36973)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0621.2137.36973)
Catalyst Control Center InstallProxy (Version: 2010.0621.2137.36973)
Catalyst Control Center Localization All (Version: 2010.0621.2137.36973)
ccc-core-static (Version: 2010.0621.2137.36973)
ccc-utility64 (Version: 2010.0621.2137.36973)
CCC Help Chinese Standard (Version: 2010.0621.2136.36973)
CCC Help Chinese Traditional (Version: 2010.0621.2136.36973)
CCC Help Czech (Version: 2010.0621.2136.36973)
CCC Help Danish (Version: 2010.0621.2136.36973)
CCC Help Dutch (Version: 2010.0621.2136.36973)
CCC Help English (Version: 2010.0621.2136.36973)
CCC Help Finnish (Version: 2010.0621.2136.36973)
CCC Help French (Version: 2010.0621.2136.36973)
CCC Help German (Version: 2010.0621.2136.36973)
CCC Help Greek (Version: 2010.0621.2136.36973)
CCC Help Hungarian (Version: 2010.0621.2136.36973)
CCC Help Italian (Version: 2010.0621.2136.36973)
CCC Help Japanese (Version: 2010.0621.2136.36973)
CCC Help Korean (Version: 2010.0621.2136.36973)
CCC Help Norwegian (Version: 2010.0621.2136.36973)
CCC Help Polish (Version: 2010.0621.2136.36973)
CCC Help Portuguese (Version: 2010.0621.2136.36973)
CCC Help Russian (Version: 2010.0621.2136.36973)
CCC Help Spanish (Version: 2010.0621.2136.36973)
CCC Help Swedish (Version: 2010.0621.2136.36973)
CCC Help Thai (Version: 2010.0621.2136.36973)
CCC Help Turkish (Version: 2010.0621.2136.36973)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Contents (Version: 1.6.0.286)
Copy (Version: 130.0.428.000)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (Version: 1.6.1.116)
Corel VideoStudio Pro X3 (Version: 1.6.0.286)
CyberLink DVD Suite (Version: 7.0.3003)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DeviceIO (Version: 1.6.0.286)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DocProc (Version: 13.0.0.0)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4121)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Fax (Version: 130.0.418.000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Final Drive Nitro (Version: 2.2.0.95)
GPBaseService2 (Version: 130.0.371.000)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Documentation (Version: 1.1.2.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.1.3)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.1.4215)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3024)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.9.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Power Manager (Version: 1.2.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP SimplePass Identity Protection (Version: 5.20.205)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Software Framework (Version: 4.1.6.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.0.5.4)
HP Update (Version: 4.000.011.006)
HP Wireless Assistant (Version: 4.0.9.0)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
ICA (Version: 1.6.0.286)
ICA (Version: 1.6.1.116)
IDT Audio (Version: 1.0.6292.0)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
IPM_PSP_Pro (Version: 1.00.0000)
IPM_VS_Pro (Version: 13.0)
ISCOM (Version: 1.6.0.286)
ISCOM (Version: 1.6.1.116)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 26 (Version: 6.0.260)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2907)
LightScribe System Software (Version: 1.18.16.1)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.6.0)
MotoHelper 2.0.24 Driver 4.7.1 (Version: 2.0.24)
MotoHelper MergeModules (Version: 1.0.0)
Motorola Mobile Drivers Installation 4.7.1 (Version: 4.7.1)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Norton Bootable Recovery Tool Wizard (Version: 4.1.0.15)
Norton Internet Security (Version: 18.6.0.29)
Norton Online Backup (Version: 2.1.17869)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
PSPPContent (Version: 1.00.0000)
PSPPRO_DCRAW (Version: 13.0.0)
PureHD (Version: 1.6.0.286)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.70.80.34)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Safari (Version: 5.34.50.0)
Scan (Version: 13.0.0.0)
Setup (Version: 1.6.0.286)
Setup (Version: 1.6.1.116)
Share (Version: 1.6.0.286)
Share64 (Version: 1.6.0.286)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.104)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Times Reader (Version: 2.061)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update Installer for WildTangent Games App
Validity Sensors DDK (Version: 4.1.139.0)
Verizon V CAST Media Manager
VIO (Version: 1.6.0.286)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
VSClassic (Version: 1.6.0.286)
VSPro (Version: 1.6.0.286)
WeatherBug (Version: 7.0.0.7)
WebReg (Version: 130.0.132.017)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.4.15)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8125.86 MB
Available physical RAM: 5610.56 MB
Total Pagefile: 16249.91 MB
Available Pagefile: 13506.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3981.27 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:443.44 GB) (Free:381.02 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:372.03 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:22.02 GB) (Free:3.21 GB) NTFS
5 Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\ELISEASTILLER

Administrator Elise A Stiller Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#5 CmptrCnslt

  • Topic Starter

Posted 14 October 2011 - 10:07 PM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7950

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/14/2011 10:26:43 PM
mbam-log-2011-10-14 (22-26-43).txt

Scan type: Quick scan
Objects scanned: 178777
Time elapsed: 2 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
****************************************************************************

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-14 23:05:18
Windows 6.1.7601 Service Pack 1
Running: qyot6jy2.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e02a8237dd94
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e02a8237dd94 (not active ControlSet)

---- EOF - GMER 1.0.15 ----
ok all rerun & posted, Thanks!

#6 CmptrCnslt

  • Topic Starter

Posted 14 October 2011 - 10:15 PM

Nothing appears to have made a difference so far....

#7 boopme

  • Global Moderator

Posted 15 October 2011 - 06:12 PM

OK, run FULL MBAM scan if there are other drives.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.6.4.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


#8 CmptrCnslt

  • Topic Starter

Posted 21 October 2011 - 05:54 PM

Sorry it's taken me so long to post the results. It's been a bear of a work week. Thanks again for your help. I had to go back to a restore point so I downloaded all of the Windows updates. They must've had a fix for the disk error message because I'm not getting that message anymore, but the computer is still running at a fraction of its normal speed. I downloaded and reran all of the software you suggested again. I followed all instructions, updated Java, quick start was not checked but only 32 bit was found(?). Here are the results for everything:

MiniToolBox

MiniToolBox by Farbar
Ran by Elise A Stiller (administrator) on 16-10-2011 at 21:28:43
Windows 7 Professional Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?;3 subinterface=ethernet_9 mtu=1477
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : EliseAStiller
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BD
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-26-C7-F9-E6-BC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f5ab:419d:fe34:e2b7%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 16, 2011 8:41:38 PM
Lease Expires . . . . . . . . . . : Monday, October 17, 2011 8:41:38 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 369108679
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-23-93-39-98-4B-E1-8E-23-3D
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.237.161.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : E0-2A-82-37-DD-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c68:16c0:93f1:1718(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c68:16c0:93f1:1718%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.241
74.125.226.244
74.125.226.242
74.125.226.243
74.125.226.240


Pinging google.com [74.125.226.209] with 32 bytes of data:
Reply from 74.125.226.209: bytes=32 time=9ms TTL=252
Reply from 74.125.226.209: bytes=32 time=11ms TTL=252

Ping statistics for 74.125.226.209:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 11ms, Average = 10ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=65ms TTL=251
Reply from 209.191.122.70: bytes=32 time=66ms TTL=251

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 65ms, Maximum = 66ms, Average = 65ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 26 c7 f9 e6 bd ......Microsoft Virtual WiFi Miniport Adapter #2
15...00 26 c7 f9 e6 bd ......Microsoft Virtual WiFi Miniport Adapter
14...00 26 c7 f9 e6 bc ......Intel® WiFi Link 1000 BGN
13...e0 2a 82 37 dd 94 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:3c68:16c0:93f1:1718/128
On-link
14 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::3c68:16c0:93f1:1718/128
On-link
14 281 fe80::f5ab:419d:fe34:e2b7/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/16/2011 09:23:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 08:52:06 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 08:03:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (10/16/2011 07:12:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (10/16/2011 09:19:48 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A8D346B4-99B9-45E6-AA53-3D488DF73B77} because another computer on the network has the same name. The server could not start.

Error: (10/16/2011 08:45:31 PM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/16/2011 07:55:44 PM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/16/2011 07:01:54 PM) (Source: Service Control Manager) (User: )
Description: The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/16/2011 07:01:12 PM) (Source: Service Control Manager) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
%%1053

Error: (10/16/2011 07:01:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.

Error: (10/16/2011 06:57:38 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/16/2011 06:57:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64

Error: (10/16/2011 06:57:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (10/16/2011 05:54:47 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (10/16/2011 09:23:01 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 08:52:06 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 08:03:36 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:49 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2011 07:12:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

5600 (Version: 130.0.365.000)
5600_Help (Version: 82.0.242.000)
5600Trb (Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.2)
Bricks Of Egypt (remove only)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.5600)
BufferChm (Version: 130.0.331.000)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0621.2137.36973)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0621.2137.36973)
Catalyst Control Center InstallProxy (Version: 2010.0621.2137.36973)
Catalyst Control Center Localization All (Version: 2010.0621.2137.36973)
ccc-core-static (Version: 2010.0621.2137.36973)
ccc-utility64 (Version: 2010.0621.2137.36973)
CCC Help Chinese Standard (Version: 2010.0621.2136.36973)
CCC Help Chinese Traditional (Version: 2010.0621.2136.36973)
CCC Help Czech (Version: 2010.0621.2136.36973)
CCC Help Danish (Version: 2010.0621.2136.36973)
CCC Help Dutch (Version: 2010.0621.2136.36973)
CCC Help English (Version: 2010.0621.2136.36973)
CCC Help Finnish (Version: 2010.0621.2136.36973)
CCC Help French (Version: 2010.0621.2136.36973)
CCC Help German (Version: 2010.0621.2136.36973)
CCC Help Greek (Version: 2010.0621.2136.36973)
CCC Help Hungarian (Version: 2010.0621.2136.36973)
CCC Help Italian (Version: 2010.0621.2136.36973)
CCC Help Japanese (Version: 2010.0621.2136.36973)
CCC Help Korean (Version: 2010.0621.2136.36973)
CCC Help Norwegian (Version: 2010.0621.2136.36973)
CCC Help Polish (Version: 2010.0621.2136.36973)
CCC Help Portuguese (Version: 2010.0621.2136.36973)
CCC Help Russian (Version: 2010.0621.2136.36973)
CCC Help Spanish (Version: 2010.0621.2136.36973)
CCC Help Swedish (Version: 2010.0621.2136.36973)
CCC Help Thai (Version: 2010.0621.2136.36973)
CCC Help Turkish (Version: 2010.0621.2136.36973)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Contents (Version: 1.6.0.286)
Copy (Version: 130.0.428.000)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (Version: 1.6.1.116)
Corel VideoStudio Pro X3 (Version: 1.6.0.286)
CyberLink DVD Suite (Version: 7.0.3003)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DeviceIO (Version: 1.6.0.286)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DocProc (Version: 13.0.0.0)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4121)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Fax (Version: 130.0.418.000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
Final Drive Nitro (Version: 2.2.0.95)
GPBaseService2 (Version: 130.0.371.000)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Documentation (Version: 1.1.2.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.1.3)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.1.4215)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3024)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.9.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Power Manager (Version: 1.2.3)
HP Product Detection (Version: 10.7.9.0)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP SimplePass Identity Protection (Version: 5.20.205)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Software Framework (Version: 4.1.8.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.0.5.4)
HP Update (Version: 4.000.011.006)
HP Wireless Assistant (Version: 4.0.9.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
ICA (Version: 1.6.0.286)
ICA (Version: 1.6.1.116)
IDT Audio (Version: 1.0.6292.0)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
IPM_PSP_Pro (Version: 1.00.0000)
IPM_VS_Pro (Version: 13.0)
ISCOM (Version: 1.6.0.286)
ISCOM (Version: 1.6.1.116)
iTunes (Version: 10.4.0.80)
Java Auto Updater (Version: 2.1.5.1)
Java™ 7 (Version: 7.0.0)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2907)
LightScribe System Software (Version: 1.18.16.1)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.6.0)
MotoHelper 2.0.24 Driver 4.7.1 (Version: 2.0.24)
MotoHelper MergeModules (Version: 1.0.0)
Motorola Mobile Drivers Installation 4.7.1 (Version: 4.7.1)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Norton Internet Security (Version: 18.6.0.29)
Norton Online Backup (Version: 2.1.17869)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
PSPPContent (Version: 1.00.0000)
PSPPRO_DCRAW (Version: 13.0.0)
PureHD (Version: 1.6.0.286)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.70.80.34)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Safari (Version: 5.34.50.0)
Scan (Version: 13.0.0.0)
Setup (Version: 1.6.0.286)
Setup (Version: 1.6.1.116)
Share (Version: 1.6.0.286)
Share64 (Version: 1.6.0.286)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.104)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Times Reader (Version: 2.061)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update Installer for WildTangent Games App
Validity Sensors DDK (Version: 4.1.139.0)
Verizon V CAST Media Manager
VIO (Version: 1.6.0.286)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
VSClassic (Version: 1.6.0.286)
VSPro (Version: 1.6.0.286)
WeatherBug (Version: 7.0.0.7)
WebReg (Version: 130.0.132.017)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.4.15)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8125.86 MB
Available physical RAM: 6013.26 MB
Total Pagefile: 16249.91 MB
Available Pagefile: 13927.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.49 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:443.44 GB) (Free:380.74 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:372.03 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:22.02 GB) (Free:3.21 GB) NTFS
5 Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\ELISEASTILLER

Administrator Elise A Stiller Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****
*****************************************************************************************************************
mbam
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7962

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/16/2011 10:39:51 PM
mbam-log-2011-10-16 (22-39-51).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|Q:\|)
Objects scanned: 384118
Time elapsed: 1 hour(s), 2 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
*********************************************************************************************************
I thought I read that GMER was for 32-bit OS. Is that why it only lets me check off: Services/Registry/Files/ADS?
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-16 23:17:23
Windows 6.1.7601 Service Pack 1
Running: kkx0jh3x.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e02a8237dd94
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e02a8237dd94 (not active ControlSet)

---- EOF - GMER 1.0.15 ----
**************************************************************************************************************
tdsskiller 0 found
23:21:52.0640 6004 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
23:21:53.0519 6004 ============================================================
23:21:53.0519 6004 Current date / time: 2011/10/16 23:21:53.0519
23:21:53.0519 6004 SystemInfo:
23:21:53.0519 6004
23:21:53.0519 6004 OS Version: 6.1.7601 ServicePack: 1.0
23:21:53.0519 6004 Product type: Workstation
23:21:53.0520 6004 ComputerName: ELISEASTILLER
23:21:53.0520 6004 UserName: Elise A Stiller
23:21:53.0520 6004 Windows directory: C:\Windows
23:21:53.0520 6004 System windows directory: C:\Windows
23:21:53.0520 6004 Running under WOW64
23:21:53.0520 6004 Processor architecture: Intel x64
23:21:53.0520 6004 Number of processors: 8
23:21:53.0520 6004 Page size: 0x1000
23:21:53.0520 6004 Boot type: Normal boot
23:21:53.0520 6004 ============================================================
23:21:55.0213 6004 Initialize success
23:23:30.0038 2180 ============================================================
23:23:30.0039 2180 Scan started
23:23:30.0039 2180 Mode: Manual; SigCheck; TDLFS;
23:23:30.0039 2180 ============================================================
23:24:22.0626 2180 fssfltr - ok
23:24:22.0669 2180 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:24:22.0692 2180 Fs_Rec - ok
23:24:22.0736 2180 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:24:22.0767 2180 fvevol - ok
23:24:22.0848 2180 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:24:22.0873 2180 gagp30kx - ok
23:24:22.0940 2180 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:24:22.0957 2180 GEARAspiWDM - ok
23:24:23.0002 2180 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:24:23.0064 2180 hcw85cir - ok
23:24:23.0176 2180 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:24:23.0237 2180 HdAudAddService - ok
23:24:23.0294 2180 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:24:23.0349 2180 HDAudBus - ok
23:24:23.0445 2180 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
23:24:23.0467 2180 HECIx64 - ok
23:24:23.0506 2180 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:24:23.0550 2180 HidBatt - ok
23:24:23.0597 2180 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:24:23.0661 2180 HidBth - ok
23:24:23.0746 2180 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:24:23.0779 2180 HidIr - ok
23:24:23.0842 2180 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
23:24:23.0887 2180 HidUsb - ok
23:24:24.0015 2180 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
23:24:24.0035 2180 hpdskflt - ok
23:24:24.0110 2180 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:24:24.0136 2180 HpSAMD - ok
23:24:24.0274 2180 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:24:24.0340 2180 HTTP - ok
23:24:24.0377 2180 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:24:24.0389 2180 hwpolicy - ok
23:24:24.0443 2180 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:24:24.0469 2180 i8042prt - ok
23:24:24.0559 2180 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
23:24:24.0592 2180 iaStor - ok
23:24:24.0637 2180 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:24:24.0660 2180 iaStorV - ok
23:24:24.0891 2180 IDSVia64 (0b97f1a640ad3d159a7b5d2164c42e50) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20111014.031_1fb\IDSvia64.sys
23:24:24.0927 2180 IDSVia64 - ok
23:24:25.0115 2180 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
23:24:25.0218 2180 igfx - ok
23:24:25.0327 2180 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:24:25.0344 2180 iirsp - ok
23:24:25.0391 2180 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:24:25.0411 2180 intelide - ok
23:24:25.0451 2180 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:24:25.0504 2180 intelppm - ok
23:24:25.0615 2180 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:24:25.0692 2180 IpFilterDriver - ok
23:24:25.0745 2180 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:24:25.0774 2180 IPMIDRV - ok
23:24:25.0822 2180 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:24:25.0897 2180 IPNAT - ok
23:24:25.0999 2180 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:24:26.0073 2180 IRENUM - ok
23:24:26.0111 2180 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:24:26.0133 2180 isapnp - ok
23:24:26.0171 2180 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:24:26.0196 2180 iScsiPrt - ok
23:24:26.0231 2180 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
23:24:26.0242 2180 kbdclass - ok
23:24:26.0330 2180 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
23:24:26.0354 2180 kbdhid - ok
23:24:26.0382 2180 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
23:24:26.0394 2180 KSecDD - ok
23:24:26.0435 2180 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
23:24:26.0462 2180 KSecPkg - ok
23:24:26.0487 2180 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:24:26.0532 2180 ksthunk - ok
23:24:26.0601 2180 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:24:26.0675 2180 lltdio - ok
23:24:26.0777 2180 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:24:26.0803 2180 LSI_FC - ok
23:24:26.0847 2180 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:24:26.0873 2180 LSI_SAS - ok
23:24:26.0900 2180 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:24:26.0911 2180 LSI_SAS2 - ok
23:24:26.0939 2180 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:24:26.0951 2180 LSI_SCSI - ok
23:24:27.0015 2180 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:24:27.0078 2180 luafv - ok
23:24:27.0147 2180 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
23:24:27.0173 2180 MBAMProtector - ok
23:24:27.0373 2180 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:24:27.0401 2180 megasas - ok
23:24:27.0444 2180 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:24:27.0474 2180 MegaSR - ok
23:24:27.0509 2180 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:24:27.0580 2180 Modem - ok
23:24:27.0674 2180 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:24:27.0723 2180 monitor - ok
23:24:27.0792 2180 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
23:24:27.0817 2180 mouclass - ok
23:24:27.0854 2180 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:24:27.0903 2180 mouhid - ok
23:24:28.0004 2180 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:24:28.0030 2180 mountmgr - ok
23:24:28.0070 2180 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:24:28.0098 2180 mpio - ok
23:24:28.0123 2180 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:24:28.0171 2180 mpsdrv - ok
23:24:28.0211 2180 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:24:28.0298 2180 MRxDAV - ok
23:24:28.0385 2180 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:24:28.0453 2180 mrxsmb - ok
23:24:28.0484 2180 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:24:28.0529 2180 mrxsmb10 - ok
23:24:28.0577 2180 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:24:28.0605 2180 mrxsmb20 - ok
23:24:28.0692 2180 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:24:28.0716 2180 msahci - ok
23:24:28.0754 2180 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:24:28.0781 2180 msdsm - ok
23:24:28.0825 2180 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:24:28.0876 2180 Msfs - ok
23:24:28.0908 2180 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:24:28.0987 2180 mshidkmdf - ok
23:24:29.0043 2180 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:24:29.0063 2180 msisadrv - ok
23:24:29.0123 2180 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:24:29.0203 2180 MSKSSRV - ok
23:24:29.0243 2180 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:24:29.0313 2180 MSPCLOCK - ok
23:24:29.0363 2180 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:24:29.0453 2180 MSPQM - ok
23:24:29.0503 2180 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:24:29.0533 2180 MsRPC - ok
23:24:29.0588 2180 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:24:29.0612 2180 mssmbios - ok
23:24:29.0656 2180 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:24:29.0716 2180 MSTEE - ok
23:24:29.0783 2180 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:24:29.0836 2180 MTConfig - ok
23:24:29.0876 2180 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:24:29.0900 2180 Mup - ok
23:24:30.0004 2180 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:24:30.0064 2180 NativeWifiP - ok
23:24:30.0234 2180 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20111016.008\ENG64.SYS
23:24:30.0260 2180 NAVENG - ok
23:24:30.0329 2180 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20111016.008\EX64.SYS
23:24:30.0375 2180 NAVEX15 - ok
23:24:30.0500 2180 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:24:30.0546 2180 NDIS - ok
23:24:30.0578 2180 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:24:30.0662 2180 NdisCap - ok
23:24:30.0709 2180 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:24:30.0767 2180 NdisTapi - ok
23:24:30.0869 2180 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:24:30.0917 2180 Ndisuio - ok
23:24:30.0950 2180 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:24:31.0023 2180 NdisWan - ok
23:24:31.0074 2180 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:24:31.0145 2180 NDProxy - ok
23:24:31.0245 2180 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:24:31.0318 2180 NetBIOS - ok
23:24:31.0378 2180 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:24:31.0455 2180 NetBT - ok
23:24:31.0724 2180 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
23:24:31.0861 2180 NETw5s64 - ok
23:24:32.0046 2180 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
23:24:32.0139 2180 netw5v64 - ok
23:24:32.0510 2180 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
23:24:32.0679 2180 NETwNs64 - ok
23:24:32.0769 2180 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:24:32.0789 2180 nfrd960 - ok
23:24:32.0829 2180 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:24:32.0899 2180 Npfs - ok
23:24:32.0929 2180 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:24:33.0009 2180 nsiproxy - ok
23:24:33.0089 2180 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:24:33.0139 2180 Ntfs - ok
23:24:33.0209 2180 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:24:33.0279 2180 Null - ok
23:24:33.0339 2180 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:24:33.0359 2180 nvraid - ok
23:24:33.0389 2180 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:24:33.0399 2180 nvstor - ok
23:24:33.0439 2180 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:24:33.0459 2180 nv_agp - ok
23:24:33.0529 2180 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:24:33.0579 2180 ohci1394 - ok
23:24:33.0643 2180 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:24:33.0663 2180 Parport - ok
23:24:33.0691 2180 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:24:33.0702 2180 partmgr - ok
23:24:33.0737 2180 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:24:33.0748 2180 pci - ok
23:24:33.0831 2180 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:24:33.0850 2180 pciide - ok
23:24:33.0870 2180 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:24:33.0892 2180 pcmcia - ok
23:24:33.0917 2180 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:24:33.0927 2180 pcw - ok
23:24:33.0972 2180 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:24:34.0056 2180 PEAUTH - ok
23:24:34.0216 2180 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:24:34.0265 2180 PptpMiniport - ok
23:24:34.0289 2180 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:24:34.0342 2180 Processor - ok
23:24:34.0409 2180 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:24:34.0483 2180 Psched - ok
23:24:34.0619 2180 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:24:34.0667 2180 ql2300 - ok
23:24:34.0687 2180 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:24:34.0698 2180 ql40xx - ok
23:24:34.0724 2180 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:24:34.0775 2180 QWAVEdrv - ok
23:24:34.0860 2180 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:24:34.0930 2180 RasAcd - ok
23:24:34.0982 2180 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:24:35.0058 2180 RasAgileVpn - ok
23:24:35.0096 2180 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:24:35.0172 2180 Rasl2tp - ok
23:24:35.0257 2180 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:24:35.0327 2180 RasPppoe - ok
23:24:35.0392 2180 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:24:35.0471 2180 RasSstp - ok
23:24:35.0515 2180 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:24:35.0563 2180 rdbss - ok
23:24:35.0660 2180 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:24:35.0710 2180 rdpbus - ok
23:24:35.0752 2180 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:24:35.0825 2180 RDPCDD - ok
23:24:35.0865 2180 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
23:24:35.0911 2180 RDPDR - ok
23:24:35.0996 2180 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:24:36.0074 2180 RDPENCDD - ok
23:24:36.0107 2180 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:24:36.0134 2180 RDPREFMP - ok
23:24:36.0163 2180 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
23:24:36.0192 2180 RDPWD - ok
23:24:36.0233 2180 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:24:36.0245 2180 rdyboost - ok
23:24:36.0367 2180 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:24:36.0425 2180 RFCOMM - ok
23:24:36.0486 2180 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:24:36.0548 2180 rspndr - ok
23:24:36.0649 2180 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys
23:24:36.0665 2180 RSUSBSTOR - ok
23:24:36.0714 2180 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:24:36.0732 2180 RTL8167 - ok
23:24:36.0767 2180 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
23:24:36.0833 2180 s3cap - ok
23:24:36.0859 2180 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:24:36.0859 2180 sbp2port - ok
23:24:36.0963 2180 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:24:37.0033 2180 scfilter - ok
23:24:37.0075 2180 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
23:24:37.0108 2180 sdbus - ok
23:24:37.0167 2180 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:24:37.0249 2180 secdrv - ok
23:24:37.0346 2180 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:24:37.0386 2180 Serenum - ok
23:24:37.0430 2180 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:24:37.0454 2180 Serial - ok
23:24:37.0505 2180 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:24:37.0550 2180 sermouse - ok
23:24:37.0652 2180 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:24:37.0728 2180 sffdisk - ok
23:24:37.0753 2180 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:24:37.0791 2180 sffp_mmc - ok
23:24:37.0825 2180 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:24:37.0877 2180 sffp_sd - ok
23:24:37.0983 2180 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:24:38.0027 2180 sfloppy - ok
23:24:38.0099 2180 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
23:24:38.0136 2180 Sftfs - ok
23:24:38.0172 2180 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:24:38.0184 2180 Sftplay - ok
23:24:38.0200 2180 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:24:38.0209 2180 Sftredir - ok
23:24:38.0265 2180 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
23:24:38.0283 2180 Sftvol - ok
23:24:38.0344 2180 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:24:38.0369 2180 SiSRaid2 - ok
23:24:38.0405 2180 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:24:38.0431 2180 SiSRaid4 - ok
23:24:38.0483 2180 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:24:38.0529 2180 Smb - ok
23:24:38.0606 2180 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:24:38.0627 2180 spldr - ok
23:24:38.0729 2180 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1206000.01D\SRTSP64.SYS
23:24:38.0766 2180 SRTSP - ok
23:24:38.0787 2180 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1206000.01D\SRTSPX64.SYS
23:24:38.0795 2180 SRTSPX - ok
23:24:38.0828 2180 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:24:38.0884 2180 srv - ok
23:24:38.0954 2180 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:24:39.0013 2180 srv2 - ok
23:24:39.0072 2180 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:24:39.0108 2180 SrvHsfHDA - ok
23:24:39.0162 2180 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:24:39.0220 2180 SrvHsfV92 - ok
23:24:39.0305 2180 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:24:39.0338 2180 SrvHsfWinac - ok
23:24:39.0379 2180 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:24:39.0392 2180 srvnet - ok
23:24:39.0448 2180 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:24:39.0471 2180 stexstor - ok
23:24:39.0571 2180 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys
23:24:39.0649 2180 STHDA - ok
23:24:39.0718 2180 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
23:24:39.0742 2180 storflt - ok
23:24:39.0832 2180 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
23:24:39.0853 2180 storvsc - ok
23:24:39.0880 2180 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:24:39.0898 2180 swenum - ok
23:24:39.0977 2180 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS
23:24:40.0017 2180 SymDS - ok
23:24:40.0069 2180 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS
23:24:40.0114 2180 SymEFA - ok
23:24:40.0199 2180 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:24:40.0222 2180 SymEvent - ok
23:24:40.0286 2180 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS
23:24:40.0311 2180 SymIRON - ok
23:24:40.0346 2180 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1206000.01D\SYMNETS.SYS
23:24:40.0377 2180 SymNetS - ok
23:24:40.0520 2180 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
23:24:40.0569 2180 SynTP - ok
23:24:40.0654 2180 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
23:24:40.0698 2180 Tcpip - ok
23:24:40.0808 2180 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
23:24:40.0849 2180 TCPIP6 - ok
23:24:40.0888 2180 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:24:40.0934 2180 tcpipreg - ok
23:24:40.0968 2180 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:24:41.0020 2180 TDPIPE - ok
23:24:41.0030 2180 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:24:41.0072 2180 TDTCP - ok
23:24:41.0121 2180 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:24:41.0150 2180 tdx - ok
23:24:41.0258 2180 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:24:41.0282 2180 TermDD - ok
23:24:41.0345 2180 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:24:41.0411 2180 tssecsrv - ok
23:24:41.0529 2180 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:24:41.0601 2180 TsUsbFlt - ok
23:24:41.0661 2180 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:24:41.0738 2180 tunnel - ok
23:24:41.0774 2180 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:24:41.0784 2180 uagp35 - ok
23:24:41.0887 2180 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:24:41.0981 2180 udfs - ok
23:24:42.0041 2180 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:24:42.0065 2180 uliagpkx - ok
23:24:42.0123 2180 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:24:42.0170 2180 umbus - ok
23:24:42.0263 2180 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:24:42.0309 2180 UmPass - ok
23:24:42.0376 2180 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:24:42.0451 2180 usbccgp - ok
23:24:42.0552 2180 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:24:42.0610 2180 usbcir - ok
23:24:42.0658 2180 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:24:42.0708 2180 usbehci - ok
23:24:42.0810 2180 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:24:42.0846 2180 usbhub - ok
23:24:42.0877 2180 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:24:42.0922 2180 usbohci - ok
23:24:42.0977 2180 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:24:43.0028 2180 usbprint - ok
23:24:43.0120 2180 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:24:43.0178 2180 usbscan - ok
23:24:43.0232 2180 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:24:43.0288 2180 USBSTOR - ok
23:24:43.0332 2180 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:24:43.0379 2180 usbuhci - ok
23:24:43.0505 2180 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:24:43.0536 2180 usbvideo - ok
23:24:43.0559 2180 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:24:43.0569 2180 vdrvroot - ok
23:24:43.0623 2180 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:24:43.0653 2180 vga - ok
23:24:43.0673 2180 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:24:43.0727 2180 VgaSave - ok
23:24:43.0821 2180 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:24:43.0849 2180 vhdmp - ok
23:24:43.0882 2180 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:24:43.0891 2180 viaide - ok
23:24:43.0918 2180 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
23:24:43.0930 2180 vmbus - ok
23:24:43.0956 2180 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
23:24:43.0999 2180 VMBusHID - ok
23:24:44.0105 2180 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:24:44.0130 2180 volmgr - ok
23:24:44.0163 2180 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:24:44.0193 2180 volmgrx - ok
23:24:44.0243 2180 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:24:44.0257 2180 volsnap - ok
23:24:44.0299 2180 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
23:24:44.0311 2180 vpcbus - ok
23:24:44.0401 2180 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
23:24:44.0478 2180 vpcnfltr - ok
23:24:44.0526 2180 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
23:24:44.0571 2180 vpcusb - ok
23:24:44.0638 2180 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
23:24:44.0669 2180 vpcvmm - ok
23:24:44.0768 2180 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:24:44.0793 2180 vsmraid - ok
23:24:44.0818 2180 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:24:44.0850 2180 vwifibus - ok
23:24:44.0882 2180 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:24:44.0940 2180 vwififlt - ok
23:24:44.0986 2180 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:24:45.0014 2180 vwifimp - ok
23:24:45.0109 2180 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:24:45.0138 2180 WacomPen - ok
23:24:45.0191 2180 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:24:45.0256 2180 WANARP - ok
23:24:45.0259 2180 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:24:45.0289 2180 Wanarpv6 - ok
23:24:45.0339 2180 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:24:45.0362 2180 Wd - ok
23:24:45.0446 2180 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:24:45.0479 2180 Wdf01000 - ok
23:24:45.0535 2180 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:24:45.0564 2180 WfpLwf - ok
23:24:45.0590 2180 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:24:45.0599 2180 WIMMount - ok
23:24:45.0669 2180 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
23:24:45.0720 2180 WinUSB - ok
23:24:45.0800 2180 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:24:45.0830 2180 WmiAcpi - ok
23:24:45.0900 2180 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:24:45.0973 2180 ws2ifsl - ok
23:24:46.0038 2180 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:24:46.0117 2180 WudfPf - ok
23:24:46.0211 2180 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:24:46.0259 2180 WUDFRd - ok
23:24:46.0325 2180 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
23:24:46.0382 2180 yukonw7 - ok
23:24:46.0424 2180 MBR (0x1B8) (d3ea1cd8adf2491c93eafbe7dad8d80e) \Device\Harddisk0\DR0
23:24:54.0298 2180 \Device\Harddisk0\DR0 - ok
23:24:54.0298 2180 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
23:24:55.0320 2180 \Device\Harddisk1\DR1 - ok
23:24:55.0390 2180 Boot (0x1200) (7f466ded530ca83b7476c998d5303921) \Device\Harddisk0\DR0\Partition0
23:24:55.0390 2180 \Device\Harddisk0\DR0\Partition0 - ok
23:24:55.0410 2180 Boot (0x1200) (90fa7911b1c9f1c583d6ab8494841673) \Device\Harddisk0\DR0\Partition1
23:24:55.0410 2180 \Device\Harddisk0\DR0\Partition1 - ok
23:24:55.0430 2180 Boot (0x1200) (19ef6dccf2ba237cc45bea7fb3501457) \Device\Harddisk0\DR0\Partition2
23:24:55.0440 2180 \Device\Harddisk0\DR0\Partition2 - ok
23:24:55.0450 2180 Boot (0x1200) (cf97880699b72099e3c054b83e7110b6) \Device\Harddisk0\DR0\Partition3
23:24:55.0450 2180 \Device\Harddisk0\DR0\Partition3 - ok
23:24:55.0480 2180 Boot (0x1200) (ae5a8d976aa3064cc25bbc6059b2ed13) \Device\Harddisk1\DR1\Partition0
23:24:55.0480 2180 \Device\Harddisk1\DR1\Partition0 - ok
23:24:55.0480 2180 ============================================================
23:24:55.0480 2180 Scan finished
23:24:55.0480 2180 ============================================================
23:24:55.0500 6876 Detected object count: 0
23:24:55.0500 6876 Actual detected object count: 0
*************************************************************************************************************************************
eset online found 0 errors

#9 boopme

Posted 21 October 2011 - 08:50 PM

Ok, so there does not appear to be any malware at fault that I can see.
GMER will run in 64 now. I want to run a different one though.

This item concerns me >> Description: The server could not bind to the transport \Device\NetBT

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start the scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE: aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

#10 CmptrCnslt

Posted 21 October 2011 - 10:23 PM

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-21 22:41:38
-----------------------------
22:41:38.742 OS Version: Windows x64 6.1.7601 Service Pack 1
22:41:38.742 Number of processors: 8 586 0x1E05
22:41:38.742 ComputerName: ELISEASTILLER UserName:
22:41:40.458 Initialize success
22:43:32.494 AVAST engine defs: 11102101
22:45:51.486 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:45:51.486 Disk 0 Vendor: TOSHIBA_ MH00 Size: 476940MB BusType: 3
22:45:51.486 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
22:45:51.501 Disk 1 Vendor: TOSHIBA_ MH00 Size: 476940MB BusType: 3
22:45:51.517 Disk 0 MBR read successfully
22:45:51.517 Disk 0 MBR scan
22:45:51.533 Disk 0 unknown MBR code
22:45:51.548 Service scanning
22:45:54.247 Modules scanning
22:45:54.247 Disk 0 trace - called modules:
22:45:54.278 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
22:45:54.278 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009bff790]
22:45:54.278 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8007cc29e0]
22:45:54.294 5 hpdskflt.sys[fffff88001d89189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b34050]
22:45:55.542 AVAST engine scan C:\Windows
22:45:58.662 AVAST engine scan C:\Windows\system32
22:47:53.183 AVAST engine scan C:\Windows\system32\drivers
22:48:06.833 AVAST engine scan C:\Users\Elise A Stiller
22:51:17.964 AVAST engine scan C:\ProgramData
22:54:26.647 Scan finished successfully
22:55:37.673 Disk 0 MBR has been saved successfully to "C:\Users\Elise A Stiller\Desktop\MBR.dat"
22:55:37.673 The log file has been saved successfully to "C:\Users\Elise A Stiller\Desktop\aswMBR.txt"

There were more options on the program UI: "FixMBR", [x] Trace Disk IO Calls (which was checked) and choices for AV Scan: "Quickscan" (which I left) or "C:\", "[...]", "none".

2 Questions: 1-"Disk 0 unknown MBR code" Is that a normal response or part of the problem?
2-Should I click "FixMBR"?

And thanks for your immediate response from my last post! You guys are amazing!

#11 boopme

Posted 22 October 2011 - 08:41 AM

Looks clean. Regarding "Disk 0 unknown MBR code":

This can appear if you have an OEM system, where they may have a custom/unique MBR to cater to their use of their recovery partition.

Normally, if it were malicious, there would be other indications in the report, with other 'Unknown' entries.
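As an added example (not part of either poster's reply, and not aswMBR's or TDSSKiller's own code): a small Python parser for a saved MBR copy such as the MBR.dat mentioned above. It checks the 0x55AA signature, lists the partition table (an OEM recovery partition shows up here) and hashes the first 0x1B8 bytes of boot code for comparison against a baseline from a known-good machine of the same model. That MBR.dat is a raw 512-byte sector, and that an MD5 over this range corresponds to what the scanners log, are assumptions; the sample sector is constructed.

```python
import hashlib
import struct

BOOT_CODE_LEN = 0x1B8   # boot code area; the disk signature follows at this offset
PART_TABLE_OFF = 0x1BE  # four 16-byte partition entries
TYPE_NAMES = {0x07: "NTFS/exFAT", 0x0C: "FAT32 (LBA)",
              0x27: "hidden NTFS (WinRE/OEM recovery)", 0xEE: "GPT protective"}


def parse_mbr(sector, known_good=frozenset()):
    """Parse a 512-byte MBR image and fingerprint its boot code."""
    if len(sector) != 512:
        raise ValueError("an MBR image must be exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    code_md5 = hashlib.md5(sector[:BOOT_CODE_LEN]).hexdigest()
    partitions = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(
            "<B3sB3sII", sector, PART_TABLE_OFF + 16 * i)
        if ptype == 0:  # unused slot
            continue
        partitions.append({"slot": i, "active": status == 0x80,
                           "type": TYPE_NAMES.get(ptype, hex(ptype)),
                           "lba_start": lba, "sectors": count})
    disk_sig = struct.unpack_from("<I", sector, BOOT_CODE_LEN)[0]
    return {"boot_code_md5": code_md5,
            # known_good: hashes collected from trusted machines (hypothetical baseline)
            "boot_code_known": code_md5 in known_good,
            "disk_signature": "0x%08X" % disk_sig,
            "active_count": sum(p["active"] for p in partitions),
            "partitions": partitions}


def build_sample_mbr():
    """Constructed sample sector (not taken from the machine in this thread)."""
    def entry(status, ptype, lba, count):
        return struct.pack("<B3sB3sII", status, bytes(3), ptype, bytes(3), lba, count)
    table = (entry(0x80, 0x07, 2048, 409600)
             + entry(0x00, 0x27, 411648, 1000000) + bytes(32))
    code = b"\xeb\x3c\x90".ljust(BOOT_CODE_LEN, b"\x00")
    return code + struct.pack("<I", 0x12345678) + b"\x00\x00" + table + b"\x55\xaa"


if __name__ == "__main__":
    # For a saved copy, replace build_sample_mbr() with open("MBR.dat", "rb").read()
    for key, value in parse_mbr(build_sample_mbr()).items():
        print(key, value)
```

A boot-code hash that is absent from the baseline is only a prompt to compare against the vendor's image; as the reply above notes, OEM systems can carry a custom MBR.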

#12 CmptrCnslt

Posted 22 October 2011 - 10:14 AM

So, if it's not malware, what can I do to resolve the problem of my computer slowing to a crawl? It was like lightning until I downloaded that iLivid video player & updated Windows back in August. The response time for each click is literally several seconds. I'm at my wits' end.

What was your concern about 'Not being able to bind with NetworkBt'? Also, the FixMBR Button seemed to be lit to click. Is there something that would do to help? I guess the bottom line is where do I go from here to figure out what the problem is so it can be resolved? There is clearly something majorly wrong.

#13 CmptrCnslt

Posted 22 October 2011 - 09:50 PM

Spoke w/HP & they feel that the file that NPE found, Rikvm_ xx, is really the rootkit virus that is causing the disk error & eating up memory, slowing my computer to a crawl. They want me to reformat the drive & reinstall the OS. What do you think?

#14 boopme

Posted 22 October 2011 - 10:03 PM

I am inclined to agree. Rootkits, backdoor Trojans, Botnets, and IRC Bots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes. Rootkits are used by Trojans to conceal their presence (hide from view) in order to prevent detection of an attacker's software and make removal more difficult. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is sent back to the hacker. To learn more about these types of infections, you can refer to:

What danger is presented by rootkits?
Rootkits and how to combat them
r00tkit Analysis: What Is A Rootkit

If your computer was used for online banking, has credit card information or other sensitive data on it, you should disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, PayPal and online forums. You should consider them to be compromised and change each password using a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before you connect again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
What Should I Do If I've Become A Victim Of Identity Theft?
Identity Theft Victims Guide - What to do


Although the infection has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired so you can never be sure that you have completely removed a rootkit. The malware may leave so many remnants behind that security tools cannot find them. Tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

When should I re-format? How should I reinstall?
Help: I Got Hacked. Now What Do I Do?
Where to draw the line? When to recommend a format and reinstall?


Should you decide not to follow that advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. Some infections are difficult to remove completely because of their morphing characteristics which allow the malware to regenerate itself. Sometimes there is another hidden piece of malware which has not been detected by your security tools that protects malicious files and registry keys (which have been detected) so they cannot be permanently deleted. Disinfection will probably require the use of more powerful tools than we recommend in this forum. Before that can be done you will need to create and post a DDS/HijackThis log for further investigation. Let me know how you wish to proceed.