
Possible Infection


10 replies to this topic

#1 DrifterMiles

  • Members
  • 69 posts

Posted 01 January 2012 - 05:42 PM

I had that Win 7 Anti Virus trojan on my comp a week or so ago. I followed all the steps and removed it. However, since then my computer crashes periodically. Now it had done this before, but only happened once in a blue moon. Now it happens at least 2-4 times a day. I'm not sure if there is still a virus or something in my system doing this or perhaps my motherboard just needs to be replaced. I have run Malware and found nothing and have VIPRE anti-virus software and it hasn't found anything beyond tracking cookies.

Any ideas?



#2 DrifterMiles

  • Topic Starter
  • Members
  • 69 posts

Posted 01 January 2012 - 05:43 PM

And by crashing I mean one of two things. It will either just completely freeze up on me or it will crash to the blue screen of death.

#3 boopme

  • Global Moderator
  • 73,569 posts

Posted 01 January 2012 - 08:03 PM

Hello, let's take another look.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (it is usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.

#4 DrifterMiles

  • Topic Starter
  • Members
  • 69 posts

Posted 01 January 2012 - 09:09 PM

Ok here are my logs...


========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.tn.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-21-85-10-1A-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2daa:9c3d:1df4:742c%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 01, 2012 4:36:05 PM
Lease Expires . . . . . . . . . . : Monday, January 02, 2012 4:36:05 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889605
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-1E-50-E7-00-21-85-10-1A-49
DNS Servers . . . . . . . . . . . : 68.87.68.166
68.87.74.166
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.tn.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cns.s3woodstock.ga.atlanta.comcast.net
Address: 68.87.68.166

Name: google.com
Addresses: 74.125.45.106
74.125.45.147
74.125.45.105
74.125.45.103
74.125.45.104
74.125.45.99


Pinging google.com [74.125.45.106] with 32 bytes of data:
Reply from 74.125.45.106: bytes=32 time=30ms TTL=55
Reply from 74.125.45.106: bytes=32 time=30ms TTL=55

Ping statistics for 74.125.45.106:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 30ms, Average = 30ms
Server: cns.s3woodstock.ga.atlanta.comcast.net
Address: 68.87.68.166

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=38ms TTL=52
Reply from 209.191.122.70: bytes=32 time=39ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 39ms, Average = 38ms
Server: cns.s3woodstock.ga.atlanta.comcast.net
Address: 68.87.68.166

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 21 85 10 1a 49 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::2daa:9c3d:1df4:742c/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 mswsock.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/01/2012 08:09:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (12/31/2011 04:14:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (12/31/2011 03:29:00 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:29:00 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:45 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:44 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:42 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:42 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (12/31/2011 03:27:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (01/01/2012 05:38:13 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (01/01/2012 04:37:47 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (01/01/2012 04:37:46 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (01/01/2012 04:37:43 PM) (Source: Service Control Manager) (User: )
Description: The sbwtis service failed to start due to the following error:
%%1753

Error: (01/01/2012 04:36:16 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/01/2012 04:36:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (01/01/2012 04:36:07 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

Error: (01/01/2012 04:36:07 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (01/01/2012 04:36:06 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (01/01/2012 04:36:06 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (01/01/2012 08:09:59 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (12/31/2011 04:14:07 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (12/31/2011 03:29:00 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:29:00 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:45 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:44 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:42 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:42 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:36 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/31/2011 03:27:36 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader 9.3 (Version: 9.3.0)
Age of Conan: Unchained
AIM 7
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.2.120)
Bandisoft MPEG-1 Decoder
Battlefield 3™ Open Beta (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 0.80.0)
Bonjour (Version: 2.0.1.2)
CDBurnerXP (Version: 4.3.0.2015)
Cockatrice
Counter-Strike: Source
Counter-Strike: Source Beta
CPUID CPU-Z 1.58
DAEMON Tools Lite (Version: 4.41.3.0173)
DAEMON Tools Toolbar (Version: 1.1.7.0190)
Day of Defeat: Source
Diablo II
Diablo III Beta (Version: 0.4.0.7841)
DivX Setup (Version: 1.0.2.23)
Dota 2
Download Updater (AOL LLC)
ESN Sonar (Version: 0.70.0)
EVGA OC Scanner 1.7.3
EVGA Precision 2.0.2 (Version: 2.0.2)
Express Dictate
Express Scribe
Faxion (Version: 1.52.0)
Heroes of Newerth (Version: 1.0.0)
iTunes (Version: 9.1.1.12)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
League of Legends (Version: 1.0020)
League of Legends (Version: 1.3)
Magic Online (Version: 3.00.0000)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 280.19 (Version: 280.19)
NVIDIA 3D Vision Driver 280.26 (Version: 280.26)
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8026)
NVIDIA Update 1.4.28 (Version: 1.4.28)
NVIDIA Update Components (Version: 1.4.28)
OpenAL
Origin (Version: 8.3.7.3619)
Pando Media Booster (Version: 2.3.5.2)
Portal
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.66.71.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6363)
RIFT (Version: 0.1.10)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Rosetta Stone Version 3 (Version: 3.4.7.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.4.1.19776)
StarCraft II Beta (Version: 0.16.0.15449)
Steam (Version: 1.0.0.0)
System Requirements Lab
System Requirements Lab (Version: 4.1.72.0)
System Requirements Lab CYRI (Version: 4.3.1.0)
Team Fortress 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Ventrilo Client (Version: 3.0.7)
VIPRE Internet Security (Version: 5.0.5074)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
World of Warcraft (Version: 4.3.0.15050)

========================= Devices: ================================

Name: sbwtis
Description: sbwtis
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sbwtis
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 4095.16 MB
Available physical RAM: 3000.39 MB
Total Pagefile: 8188.46 MB
Available Pagefile: 7005.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.44 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.69 GB) (Free:33.05 GB) NTFS
4 Drive g: (External Drive) (Fixed) (Total:298.09 GB) (Free:51.38 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator ASPNET David
Guest UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



TDSKILLER:

19:51:15.0724 2688 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:51:15.0727 2688 CompositeBus - ok
19:51:15.0772 2688 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
19:51:15.0778 2688 cpuz135 - ok
19:51:15.0801 2688 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:51:15.0804 2688 crcdisk - ok
19:51:15.0882 2688 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
19:51:15.0908 2688 DfsC - ok
19:51:16.0047 2688 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:51:16.0052 2688 discache - ok
19:51:16.0081 2688 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:51:16.0090 2688 Disk - ok
19:51:16.0182 2688 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:51:16.0187 2688 drmkaud - ok
19:51:16.0247 2688 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:51:16.0263 2688 dtsoftbus01 - ok
19:51:16.0290 2688 dump_wmimmc - ok
19:51:16.0373 2688 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
19:51:16.0384 2688 DXGKrnl - ok
19:51:16.0511 2688 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:51:16.0587 2688 ebdrv - ok
19:51:16.0628 2688 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:51:16.0639 2688 elxstor - ok
19:51:16.0661 2688 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
19:51:16.0663 2688 ErrDev - ok
19:51:16.0708 2688 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:51:16.0713 2688 exfat - ok
19:51:16.0737 2688 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:51:16.0743 2688 fastfat - ok
19:51:16.0780 2688 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:51:16.0784 2688 fdc - ok
19:51:16.0814 2688 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:51:16.0818 2688 FileInfo - ok
19:51:16.0838 2688 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:51:16.0841 2688 Filetrace - ok
19:51:16.0882 2688 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:51:16.0885 2688 flpydisk - ok
19:51:16.0925 2688 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
19:51:16.0933 2688 FltMgr - ok
19:51:16.0960 2688 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:51:16.0964 2688 FsDepends - ok
19:51:16.0982 2688 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:51:16.0984 2688 Fs_Rec - ok
19:51:17.0045 2688 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:51:17.0049 2688 fvevol - ok
19:51:17.0069 2688 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:51:17.0073 2688 gagp30kx - ok
19:51:17.0112 2688 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:51:17.0114 2688 GEARAspiWDM - ok
19:51:17.0132 2688 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:51:17.0136 2688 hcw85cir - ok
19:51:17.0193 2688 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
19:51:17.0200 2688 HdAudAddService - ok
19:51:17.0236 2688 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:51:17.0239 2688 HDAudBus - ok
19:51:17.0262 2688 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:51:17.0266 2688 HidBatt - ok
19:51:17.0279 2688 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:51:17.0284 2688 HidBth - ok
19:51:17.0307 2688 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:51:17.0311 2688 HidIr - ok
19:51:17.0356 2688 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
19:51:17.0359 2688 HidUsb - ok
19:51:17.0395 2688 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
19:51:17.0401 2688 HpSAMD - ok
19:51:17.0434 2688 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
19:51:17.0441 2688 HTTP - ok
19:51:17.0456 2688 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
19:51:17.0459 2688 hwpolicy - ok
19:51:17.0495 2688 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:51:17.0500 2688 i8042prt - ok
19:51:17.0533 2688 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
19:51:17.0551 2688 iaStorV - ok
19:51:17.0580 2688 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:51:17.0584 2688 iirsp - ok
19:51:17.0690 2688 IntcAzAudAddService (26407a11d7e222afb7ce32700abbd9d1) C:\Windows\system32\drivers\RTKVHD64.sys
19:51:17.0709 2688 IntcAzAudAddService - ok
19:51:17.0759 2688 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
19:51:17.0762 2688 intelide - ok
19:51:17.0792 2688 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:51:17.0795 2688 intelppm - ok
19:51:17.0827 2688 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:51:17.0831 2688 IpFilterDriver - ok
19:51:17.0850 2688 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:51:17.0854 2688 IPMIDRV - ok
19:51:17.0889 2688 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:51:17.0893 2688 IPNAT - ok
19:51:17.0940 2688 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:51:17.0943 2688 IRENUM - ok
19:51:17.0964 2688 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
19:51:17.0968 2688 isapnp - ok
19:51:17.0989 2688 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
19:51:17.0996 2688 iScsiPrt - ok
19:51:18.0018 2688 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:51:18.0021 2688 kbdclass - ok
19:51:18.0052 2688 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
19:51:18.0056 2688 kbdhid - ok
19:51:18.0083 2688 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
19:51:18.0087 2688 KSecDD - ok
19:51:18.0137 2688 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
19:51:18.0142 2688 KSecPkg - ok
19:51:18.0178 2688 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:51:18.0181 2688 ksthunk - ok
19:51:18.0221 2688 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:51:18.0225 2688 lltdio - ok
19:51:18.0264 2688 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:51:18.0269 2688 LSI_FC - ok
19:51:18.0292 2688 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:51:18.0297 2688 LSI_SAS - ok
19:51:18.0316 2688 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:51:18.0320 2688 LSI_SAS2 - ok
19:51:18.0346 2688 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:51:18.0352 2688 LSI_SCSI - ok
19:51:18.0376 2688 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:51:18.0381 2688 luafv - ok
19:51:18.0407 2688 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:51:18.0410 2688 megasas - ok
19:51:18.0441 2688 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:51:18.0448 2688 MegaSR - ok
19:51:18.0473 2688 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:51:18.0477 2688 Modem - ok
19:51:18.0505 2688 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:51:18.0507 2688 monitor - ok
19:51:18.0530 2688 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:51:18.0533 2688 mouclass - ok
19:51:18.0568 2688 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:51:18.0571 2688 mouhid - ok
19:51:18.0586 2688 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
19:51:18.0589 2688 mountmgr - ok
19:51:18.0611 2688 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
19:51:18.0618 2688 mpio - ok
19:51:18.0635 2688 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:51:18.0639 2688 mpsdrv - ok
19:51:18.0668 2688 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
19:51:18.0673 2688 MRxDAV - ok
19:51:18.0724 2688 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:51:18.0733 2688 mrxsmb - ok
19:51:18.0771 2688 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:51:18.0780 2688 mrxsmb10 - ok
19:51:18.0799 2688 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:51:18.0805 2688 mrxsmb20 - ok
19:51:18.0822 2688 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
19:51:18.0825 2688 msahci - ok
19:51:18.0845 2688 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
19:51:18.0851 2688 msdsm - ok
19:51:18.0885 2688 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:51:18.0887 2688 Msfs - ok
19:51:18.0902 2688 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:51:18.0905 2688 mshidkmdf - ok
19:51:18.0922 2688 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
19:51:18.0924 2688 msisadrv - ok
19:51:18.0961 2688 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:51:18.0964 2688 MSKSSRV - ok
19:51:18.0983 2688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:51:18.0986 2688 MSPCLOCK - ok
19:51:18.0996 2688 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:51:19.0000 2688 MSPQM - ok
19:51:19.0024 2688 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
19:51:19.0032 2688 MsRPC - ok
19:51:19.0055 2688 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:51:19.0057 2688 mssmbios - ok
19:51:19.0069 2688 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:51:19.0073 2688 MSTEE - ok
19:51:19.0091 2688 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:51:19.0094 2688 MTConfig - ok
19:51:19.0123 2688 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:51:19.0126 2688 Mup - ok
19:51:19.0169 2688 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:51:19.0176 2688 NativeWifiP - ok
19:51:19.0217 2688 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
19:51:19.0225 2688 NDIS - ok
19:51:19.0259 2688 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:51:19.0262 2688 NdisCap - ok
19:51:19.0288 2688 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:51:19.0291 2688 NdisTapi - ok
19:51:19.0318 2688 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
19:51:19.0322 2688 Ndisuio - ok
19:51:19.0343 2688 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:51:19.0349 2688 NdisWan - ok
19:51:19.0385 2688 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
19:51:19.0389 2688 NDProxy - ok
19:51:19.0408 2688 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:51:19.0412 2688 NetBIOS - ok
19:51:19.0434 2688 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
19:51:19.0438 2688 NetBT - ok
19:51:19.0476 2688 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:51:19.0480 2688 nfrd960 - ok
19:51:19.0523 2688 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:51:19.0527 2688 Npfs - ok
19:51:19.0563 2688 NPPTNT2 - ok
19:51:19.0601 2688 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:51:19.0603 2688 nsiproxy - ok
19:51:19.0671 2688 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
19:51:19.0719 2688 Ntfs - ok
19:51:19.0740 2688 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:51:19.0743 2688 Null - ok
19:51:19.0806 2688 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
19:51:19.0810 2688 NVHDA - ok
19:51:20.0077 2688 nvlddmkm (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:51:20.0391 2688 nvlddmkm - ok
19:51:20.0454 2688 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
19:51:20.0459 2688 nvraid - ok
19:51:20.0480 2688 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
19:51:20.0486 2688 nvstor - ok
19:51:20.0543 2688 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
19:51:20.0548 2688 nv_agp - ok
19:51:20.0570 2688 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
19:51:20.0575 2688 ohci1394 - ok
19:51:20.0622 2688 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:51:20.0626 2688 Parport - ok
19:51:20.0640 2688 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
19:51:20.0644 2688 partmgr - ok
19:51:20.0675 2688 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
19:51:20.0683 2688 pci - ok
19:51:20.0702 2688 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
19:51:20.0704 2688 pciide - ok
19:51:20.0726 2688 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:51:20.0733 2688 pcmcia - ok
19:51:20.0756 2688 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:51:20.0759 2688 pcw - ok
19:51:20.0787 2688 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:51:20.0808 2688 PEAUTH - ok
19:51:20.0925 2688 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
19:51:20.0930 2688 PptpMiniport - ok
19:51:20.0957 2688 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:51:20.0960 2688 Processor - ok
19:51:21.0008 2688 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
19:51:21.0011 2688 Psched - ok
19:51:21.0133 2688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:51:21.0322 2688 ql2300 - ok
19:51:21.0357 2688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:51:21.0362 2688 ql40xx - ok
19:51:21.0382 2688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:51:21.0385 2688 QWAVEdrv - ok
19:51:21.0412 2688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:51:21.0416 2688 RasAcd - ok
19:51:21.0476 2688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:21.0481 2688 RasAgileVpn - ok
19:51:21.0503 2688 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:21.0509 2688 Rasl2tp - ok
19:51:21.0526 2688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:21.0532 2688 RasPppoe - ok
19:51:21.0553 2688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:51:21.0557 2688 RasSstp - ok
19:51:21.0581 2688 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
19:51:21.0588 2688 rdbss - ok
19:51:21.0618 2688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:51:21.0621 2688 rdpbus - ok
19:51:21.0642 2688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:21.0645 2688 RDPCDD - ok
19:51:21.0663 2688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:51:21.0667 2688 RDPENCDD - ok
19:51:21.0682 2688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:51:21.0685 2688 RDPREFMP - ok
19:51:21.0706 2688 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
19:51:21.0712 2688 RDPWD - ok
19:51:21.0771 2688 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
19:51:21.0776 2688 rdyboost - ok
19:51:21.0825 2688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:51:21.0829 2688 rspndr - ok
19:51:21.0931 2688 RTCore64 (a61979abf1750503b79f1712889a6751) C:\Program Files (x86)\EVGA Precision\RTCore64.sys
19:51:21.0936 2688 RTCore64 - ok
19:51:22.0002 2688 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:51:22.0010 2688 RTL8167 - ok
19:51:22.0102 2688 sbapifs (1a0e1786cbfee4f4f912c69ceb512607) C:\Windows\system32\DRIVERS\sbapifs.sys
19:51:22.0107 2688 sbapifs - ok
19:51:22.0208 2688 SbFw (27cb6de3952a487e582adb4b9bc0802b) C:\Windows\system32\drivers\SbFw.sys
19:51:22.0215 2688 SbFw - ok
19:51:22.0277 2688 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys
19:51:22.0284 2688 SBFWIMCL - ok
19:51:22.0319 2688 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys
19:51:22.0323 2688 SBFWIMCLMP - ok
19:51:22.0400 2688 SbHips (813acaaeb60241bcf1ab8041d704ef62) C:\Windows\system32\drivers\sbhips.sys
19:51:22.0406 2688 SbHips - ok
19:51:22.0450 2688 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
19:51:22.0457 2688 sbp2port - ok
19:51:22.0549 2688 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
19:51:22.0553 2688 SBRE - ok
19:51:22.0589 2688 sbwtis (798ede29facb6f0e5ef49a3e8af3fc36) C:\Windows\system32\DRIVERS\sbwtis.sys
19:51:22.0594 2688 sbwtis - ok
19:51:22.0630 2688 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
19:51:22.0634 2688 scfilter - ok
19:51:22.0655 2688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:51:22.0659 2688 secdrv - ok
19:51:22.0712 2688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:51:22.0715 2688 Serenum - ok
19:51:22.0732 2688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:51:22.0736 2688 Serial - ok
19:51:22.0760 2688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:51:22.0763 2688 sermouse - ok
19:51:22.0800 2688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:51:22.0803 2688 sffdisk - ok
19:51:22.0826 2688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:51:22.0830 2688 sffp_mmc - ok
19:51:22.0848 2688 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:51:22.0851 2688 sffp_sd - ok
19:51:22.0869 2688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:51:22.0872 2688 sfloppy - ok
19:51:22.0910 2688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:51:22.0914 2688 SiSRaid2 - ok
19:51:22.0934 2688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:51:22.0938 2688 SiSRaid4 - ok
19:51:22.0970 2688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:51:22.0975 2688 Smb - ok
19:51:23.0006 2688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:51:23.0009 2688 spldr - ok
19:51:23.0067 2688 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
19:51:23.0078 2688 srv - ok
19:51:23.0106 2688 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
19:51:23.0116 2688 srv2 - ok
19:51:23.0136 2688 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
19:51:23.0142 2688 srvnet - ok
19:51:23.0179 2688 StarOpen (e57b778208c783d8debab320c16a1b82) C:\Windows\system32\drivers\StarOpen.sys
19:51:23.0182 2688 StarOpen - ok
19:51:23.0254 2688 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:51:23.0257 2688 stexstor - ok
19:51:23.0296 2688 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:51:23.0299 2688 swenum - ok
19:51:23.0422 2688 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
19:51:23.0482 2688 Tcpip - ok
19:51:23.0580 2688 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
19:51:23.0602 2688 TCPIP6 - ok
19:51:23.0656 2688 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
19:51:23.0660 2688 tcpipreg - ok
19:51:23.0702 2688 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:51:23.0705 2688 TDPIPE - ok
19:51:23.0749 2688 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:51:23.0752 2688 TDTCP - ok
19:51:23.0789 2688 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
19:51:23.0793 2688 tdx - ok
19:51:23.0810 2688 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
19:51:23.0812 2688 TermDD - ok
19:51:23.0852 2688 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:23.0855 2688 tssecsrv - ok
19:51:23.0892 2688 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
19:51:23.0897 2688 tunnel - ok
19:51:23.0923 2688 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:51:23.0928 2688 uagp35 - ok
19:51:23.0949 2688 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
19:51:23.0956 2688 udfs - ok
19:51:23.0986 2688 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:51:23.0990 2688 uliagpkx - ok
19:51:24.0019 2688 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
19:51:24.0022 2688 umbus - ok
19:51:24.0046 2688 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:51:24.0049 2688 UmPass - ok
19:51:24.0100 2688 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
19:51:24.0105 2688 usbaudio - ok
19:51:24.0122 2688 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:24.0127 2688 usbccgp - ok
19:51:24.0154 2688 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:51:24.0159 2688 usbcir - ok
19:51:24.0183 2688 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
19:51:24.0187 2688 usbehci - ok
19:51:24.0223 2688 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
19:51:24.0231 2688 usbhub - ok
19:51:24.0252 2688 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
19:51:24.0255 2688 usbohci - ok
19:51:24.0280 2688 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:51:24.0283 2688 usbprint - ok
19:51:24.0300 2688 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:51:24.0303 2688 USBSTOR - ok
19:51:24.0321 2688 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
19:51:24.0325 2688 usbuhci - ok
19:51:24.0361 2688 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
19:51:24.0367 2688 usbvideo - ok
19:51:24.0415 2688 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:51:24.0418 2688 vdrvroot - ok
19:51:24.0465 2688 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:51:24.0468 2688 vga - ok
19:51:24.0495 2688 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:51:24.0498 2688 VgaSave - ok
19:51:24.0522 2688 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
19:51:24.0529 2688 vhdmp - ok
19:51:24.0563 2688 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
19:51:24.0566 2688 viaide - ok
19:51:24.0601 2688 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
19:51:24.0604 2688 volmgr - ok
19:51:24.0645 2688 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:51:24.0650 2688 volmgrx - ok
19:51:24.0685 2688 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
19:51:24.0692 2688 volsnap - ok
19:51:24.0732 2688 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:51:24.0737 2688 vsmraid - ok
19:51:24.0775 2688 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:51:24.0778 2688 vwifibus - ok
19:51:24.0817 2688 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:51:24.0821 2688 WacomPen - ok
19:51:24.0858 2688 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:24.0863 2688 WANARP - ok
19:51:24.0868 2688 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:24.0871 2688 Wanarpv6 - ok
19:51:24.0908 2688 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:51:24.0911 2688 Wd - ok
19:51:24.0944 2688 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:51:24.0969 2688 Wdf01000 - ok
19:51:25.0003 2688 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:51:25.0005 2688 WfpLwf - ok
19:51:25.0028 2688 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:51:25.0031 2688 WIMMount - ok
19:51:25.0086 2688 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:51:25.0089 2688 WmiAcpi - ok
19:51:25.0126 2688 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:51:25.0129 2688 ws2ifsl - ok
19:51:25.0161 2688 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:51:25.0165 2688 WudfPf - ok
19:51:25.0216 2688 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:51:25.0222 2688 WUDFRd - ok
19:51:25.0256 2688 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:51:25.0316 2688 \Device\Harddisk0\DR0 - ok
19:51:25.0323 2688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
19:51:25.0331 2688 \Device\Harddisk1\DR1 - ok
19:51:25.0341 2688 Boot (0x1200) (b89d8aa0a7e1fd83426305d6568425ab) \Device\Harddisk0\DR0\Partition0
19:51:25.0342 2688 \Device\Harddisk0\DR0\Partition0 - ok
19:51:25.0353 2688 Boot (0x1200) (3fae16a654c4f79ad529fc7e650e84ad) \Device\Harddisk0\DR0\Partition1
19:51:25.0354 2688 \Device\Harddisk0\DR0\Partition1 - ok
19:51:25.0358 2688 Boot (0x1200) (e956ef744c76289579da678e0ec69fe8) \Device\Harddisk1\DR1\Partition0
19:51:25.0360 2688 \Device\Harddisk1\DR1\Partition0 - ok
19:51:25.0361 2688 ============================================================
19:51:25.0361 2688 Scan finished
19:51:25.0361 2688 ============================================================
19:51:25.0374 3296 Detected object count: 0
19:51:25.0374 3296 Actual detected object count: 0
19:51:50.0177 3464 Deinitialize success



MALWAREBYTES:


Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195807
Time elapsed: 8 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\David\Local Settings\Temporary Internet Files\Content.IE5\3ECWDOYF\blo50fr[1].db (Trojan.FakeMS) -> Quarantined and deleted successfully.

(end)

#5 DrifterMiles

Posted 01 January 2012 - 09:12 PM

Sorry if I posted these wrong...they seem kind of long.

Sidenote. This is the first time since I had the virus that Malware actually found something. I did the update as you had told me and it seemed to reinstall itself. The trojan I found was Trojan.FakeMS. Deleted it and computer restarted.

#6 boopme

Posted 01 January 2012 - 10:07 PM

I think your crashes are software related. This is Win7, yes?

We should do another malware scan and be sure.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


If you still crash you will have to start a Win7 topic so they can test other items.

#7 DrifterMiles

Posted 02 January 2012 - 05:56 AM

Alright, I'll have to do this when I get back from work today. Thanks again for your help.

#8 DrifterMiles

Posted 03 January 2012 - 09:13 AM

Do I not want to delete the quarantined files? Here is the log.

C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Default\celmdlajoohepgejihpodifklgofkedg\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\029B01L3\soft_be_tc[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\19c0cee1-6825d5bd a variant of Java/Agent.DW trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\744a8ca6-6b720b1c a variant of Java/TrojanDownloader.OpenStream.NCM trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\72dde66b-6d8daf9b Java/Agent.DU trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-120eaab2 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-18f339b8 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-5e959543 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-6ce520b5 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-74d47896 a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-76c974ce a variant of Java/Exploit.CVE-2010-4452.B trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-304586e5 a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-339c51be a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-34d4623b a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-4f4b2aa4 a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-5f4a52cd a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43b8adf4-645ed1f6 a variant of Java/Agent.DT trojan cleaned by deleting - quarantined
G:\Program Files\Final Draft 7\Patch.exe a variant of Win32/HackTool.Patcher.A application

#9 boopme

Posted 03 January 2012 - 10:59 AM

Hello, the now quarantined files can no longer harm the PC. They are quarantined first as there was a chance the infected file was needed for the smooth operation of the PC. If things run well you may delete if you desire. Are the crashes gone?
The Tracur trojan has stolen your passwords, please change them.

#10 DrifterMiles

Posted 03 January 2012 - 01:42 PM

Thanks for all your help. Computer just froze on me again, so I'm assuming it's time to get some help for Win 7?

Also I have a question about G:\Program Files\Final Draft 7\Patch.exe a variant of Win32/HackTool.Patcher.A application. This is a software program I use for writing screenplays... any reason why this came up? Did the file itself get infected?

#11 boopme

Posted 03 January 2012 - 02:14 PM

Hello, it looks like a software issue. The Win7 people can fix that faster than I.

HackTool:Win32/Patch.A is a generic detection for a series of hacking tools intended to "patch" programs that may be evaluation copies, or unregistered versions with limited features.

The software was not bad per se. That malware exploits a weakness in the application and attaches to it. It is cleaned now. I believe the software is still functional. If not, reinstall it. Or get something else as you will need to scan (weekly??) to be sure it's not allowing viral access.