
Possible malware issue?


9 replies to this topic

#1 Samie8183


Posted 07 July 2012 - 07:07 PM

I was advised to come here and see if I could get help. I have a little cell-phone-looking ad that pops up in the left-hand corner of my browser while online. Sometimes it even redirects my surfing to go to a site shown in the cell phone. I've downloaded Malwarebytes and it doesn't detect anything. Please help tell me how to get rid of this thing.


 


#2 narenxp


Posted 07 July 2012 - 07:08 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Samie8183


Posted 07 July 2012 - 07:19 PM

Here it is....


19:16:45.0935 7596 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
19:16:46.0646 7596 ============================================================
19:16:46.0646 7596 Current date / time: 2012/07/07 19:16:46.0646
19:16:46.0646 7596 SystemInfo:
19:16:46.0646 7596
19:16:46.0646 7596 OS Version: 6.1.7601 ServicePack: 1.0
19:16:46.0646 7596 Product type: Workstation
19:16:46.0646 7596 ComputerName: SAMIE-HP
19:16:46.0647 7596 UserName: Samie
19:16:46.0647 7596 Windows directory: C:\Windows
19:16:46.0647 7596 System windows directory: C:\Windows
19:16:46.0647 7596 Running under WOW64
19:16:46.0647 7596 Processor architecture: Intel x64
19:16:46.0647 7596 Number of processors: 2
19:16:46.0647 7596 Page size: 0x1000
19:16:46.0647 7596 Boot type: Normal boot
19:16:46.0647 7596 ============================================================
19:16:47.0773 7596 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:47.0805 7596 ============================================================
19:16:47.0805 7596 \Device\Harddisk0\DR0:
19:16:47.0805 7596 MBR partitions:
19:16:47.0805 7596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:16:47.0805 7596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x49038000
19:16:47.0805 7596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4906A800, BlocksNum 0x17ED000
19:16:47.0805 7596 ============================================================
19:16:47.0834 7596 C: <-> \Device\Harddisk0\DR0\Partition1
19:16:47.0886 7596 D: <-> \Device\Harddisk0\DR0\Partition2
19:16:47.0886 7596 ============================================================
19:16:47.0886 7596 Initialize success
19:16:47.0886 7596 ============================================================
19:17:45.0556 7852 ============================================================
19:17:45.0556 7852 Scan started
19:17:45.0556 7852 Mode: Manual; TDLFS;
19:17:45.0556 7852 ============================================================
19:17:57.0245 7852 NetBT - ok
19:17:57.0274 7852 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:17:57.0277 7852 Netlogon - ok
19:17:57.0337 7852 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:17:57.0351 7852 Netman - ok
19:17:57.0392 7852 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:17:57.0408 7852 netprofm - ok
19:17:57.0462 7852 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:17:57.0473 7852 NetTcpPortSharing - ok
19:17:57.0501 7852 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:17:57.0503 7852 nfrd960 - ok
19:17:57.0545 7852 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:17:57.0554 7852 NlaSvc - ok
19:17:57.0807 7852 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:17:57.0827 7852 NOBU - ok
19:17:57.0909 7852 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:17:57.0910 7852 Npfs - ok
19:17:57.0930 7852 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:17:57.0933 7852 nsi - ok
19:17:57.0940 7852 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:17:57.0941 7852 nsiproxy - ok
19:17:58.0070 7852 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:17:58.0090 7852 Ntfs - ok
19:17:58.0176 7852 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:17:58.0178 7852 Null - ok
19:17:58.0220 7852 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:17:58.0228 7852 nvraid - ok
19:17:58.0252 7852 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:17:58.0259 7852 nvstor - ok
19:17:58.0308 7852 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:17:58.0318 7852 nv_agp - ok
19:17:58.0352 7852 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:17:58.0356 7852 ohci1394 - ok
19:17:58.0454 7852 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:17:58.0461 7852 ose - ok
19:17:58.0868 7852 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:17:58.0924 7852 osppsvc - ok
19:17:59.0037 7852 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:17:59.0045 7852 p2pimsvc - ok
19:17:59.0076 7852 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:17:59.0087 7852 p2psvc - ok
19:17:59.0131 7852 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:17:59.0134 7852 Parport - ok
19:17:59.0171 7852 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:17:59.0172 7852 partmgr - ok
19:17:59.0196 7852 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:17:59.0203 7852 PcaSvc - ok
19:17:59.0245 7852 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:17:59.0247 7852 pci - ok
19:17:59.0277 7852 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:17:59.0278 7852 pciide - ok
19:17:59.0307 7852 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:17:59.0313 7852 pcmcia - ok
19:17:59.0331 7852 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:17:59.0332 7852 pcw - ok
19:17:59.0384 7852 pdfcDispatcher - ok
19:17:59.0429 7852 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:17:59.0438 7852 PEAUTH - ok
19:17:59.0533 7852 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:17:59.0535 7852 PerfHost - ok
19:17:59.0658 7852 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:17:59.0682 7852 pla - ok
19:17:59.0739 7852 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:17:59.0752 7852 PlugPlay - ok
19:17:59.0779 7852 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:17:59.0783 7852 PNRPAutoReg - ok
19:17:59.0820 7852 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:17:59.0824 7852 PNRPsvc - ok
19:17:59.0882 7852 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:17:59.0896 7852 PolicyAgent - ok
19:17:59.0941 7852 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:17:59.0949 7852 Power - ok
19:18:00.0029 7852 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:18:00.0041 7852 PptpMiniport - ok
19:18:00.0082 7852 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:18:00.0086 7852 Processor - ok
19:18:00.0128 7852 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:18:00.0134 7852 ProfSvc - ok
19:18:00.0157 7852 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:18:00.0159 7852 ProtectedStorage - ok
19:18:00.0200 7852 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:18:00.0202 7852 Psched - ok
19:18:00.0310 7852 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:18:00.0334 7852 ql2300 - ok
19:18:00.0420 7852 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:18:00.0431 7852 ql40xx - ok
19:18:00.0481 7852 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:18:00.0492 7852 QWAVE - ok
19:18:00.0513 7852 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:18:00.0515 7852 QWAVEdrv - ok
19:18:00.0528 7852 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:18:00.0530 7852 RasAcd - ok
19:18:00.0572 7852 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:18:00.0576 7852 RasAgileVpn - ok
19:18:00.0603 7852 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:18:00.0615 7852 RasAuto - ok
19:18:00.0662 7852 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:18:00.0678 7852 Rasl2tp - ok
19:18:00.0731 7852 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:18:00.0746 7852 RasMan - ok
19:18:00.0765 7852 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:18:00.0769 7852 RasPppoe - ok
19:18:00.0807 7852 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:18:00.0809 7852 RasSstp - ok
19:18:00.0849 7852 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:18:00.0858 7852 rdbss - ok
19:18:00.0893 7852 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:18:00.0894 7852 rdpbus - ok
19:18:00.0901 7852 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:18:00.0901 7852 RDPCDD - ok
19:18:00.0926 7852 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:18:00.0926 7852 RDPENCDD - ok
19:18:00.0944 7852 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:18:00.0945 7852 RDPREFMP - ok
19:18:00.0983 7852 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:18:00.0989 7852 RDPWD - ok
19:18:01.0027 7852 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:18:01.0029 7852 rdyboost - ok
19:18:01.0062 7852 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:18:01.0074 7852 RemoteAccess - ok
19:18:01.0102 7852 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:18:01.0111 7852 RemoteRegistry - ok
19:18:01.0140 7852 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:18:01.0143 7852 RpcEptMapper - ok
19:18:01.0163 7852 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:18:01.0165 7852 RpcLocator - ok
19:18:01.0225 7852 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:18:01.0230 7852 RpcSs - ok
19:18:01.0243 7852 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:18:01.0247 7852 rspndr - ok
19:18:01.0295 7852 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:18:01.0297 7852 RTL8167 - ok
19:18:01.0324 7852 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:18:01.0326 7852 SamSs - ok
19:18:01.0365 7852 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:18:01.0376 7852 sbp2port - ok
19:18:01.0404 7852 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:18:01.0411 7852 SCardSvr - ok
19:18:01.0442 7852 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:18:01.0443 7852 scfilter - ok
19:18:01.0519 7852 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:18:01.0537 7852 Schedule - ok
19:18:01.0570 7852 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:18:01.0571 7852 SCPolicySvc - ok
19:18:01.0596 7852 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:18:01.0604 7852 SDRSVC - ok
19:18:01.0655 7852 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:18:01.0656 7852 secdrv - ok
19:18:01.0677 7852 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:18:01.0680 7852 seclogon - ok
19:18:01.0701 7852 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:18:01.0706 7852 SENS - ok
19:18:01.0737 7852 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:18:01.0740 7852 SensrSvc - ok
19:18:01.0763 7852 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:18:01.0764 7852 Serenum - ok
19:18:01.0785 7852 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:18:01.0788 7852 Serial - ok
19:18:01.0819 7852 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:18:01.0820 7852 sermouse - ok
19:18:01.0864 7852 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:18:01.0882 7852 SessionEnv - ok
19:18:01.0898 7852 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:18:01.0900 7852 sffdisk - ok
19:18:01.0919 7852 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:18:01.0920 7852 sffp_mmc - ok
19:18:01.0929 7852 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:18:01.0930 7852 sffp_sd - ok
19:18:01.0945 7852 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:18:01.0946 7852 sfloppy - ok
19:18:02.0041 7852 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:18:02.0047 7852 Sftfs - ok
19:18:02.0147 7852 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:18:02.0152 7852 sftlist - ok
19:18:02.0187 7852 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:18:02.0189 7852 Sftplay - ok
19:18:02.0212 7852 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:18:02.0213 7852 Sftredir - ok
19:18:02.0244 7852 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:18:02.0245 7852 Sftvol - ok
19:18:02.0283 7852 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:18:02.0286 7852 sftvsa - ok
19:18:02.0331 7852 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:18:02.0338 7852 SharedAccess - ok
19:18:02.0393 7852 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:18:02.0406 7852 ShellHWDetection - ok
19:18:02.0431 7852 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:18:02.0433 7852 SiSRaid2 - ok
19:18:02.0450 7852 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:18:02.0454 7852 SiSRaid4 - ok
19:18:02.0492 7852 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:18:02.0494 7852 SkypeUpdate - ok
19:18:02.0529 7852 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:18:02.0533 7852 Smb - ok
19:18:02.0576 7852 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:18:02.0579 7852 SNMPTRAP - ok
19:18:02.0588 7852 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:18:02.0589 7852 spldr - ok
19:18:02.0640 7852 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:18:02.0658 7852 Spooler - ok
19:18:02.0911 7852 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:18:02.0955 7852 sppsvc - ok
19:18:03.0053 7852 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:18:03.0058 7852 sppuinotify - ok
19:18:03.0134 7852 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:18:03.0142 7852 srv - ok
19:18:03.0202 7852 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:18:03.0213 7852 srv2 - ok
19:18:03.0231 7852 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:18:03.0240 7852 srvnet - ok
19:18:03.0271 7852 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:18:03.0294 7852 SSDPSRV - ok
19:18:03.0307 7852 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:18:03.0321 7852 SstpSvc - ok
19:18:03.0343 7852 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:18:03.0345 7852 stexstor - ok
19:18:03.0413 7852 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:18:03.0425 7852 stisvc - ok
19:18:03.0457 7852 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:18:03.0458 7852 swenum - ok
19:18:03.0496 7852 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:18:03.0507 7852 swprv - ok
19:18:03.0645 7852 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:18:03.0671 7852 SysMain - ok
19:18:03.0787 7852 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:18:03.0798 7852 TabletInputService - ok
19:18:03.0846 7852 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:18:03.0854 7852 TapiSrv - ok
19:18:03.0878 7852 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:18:03.0883 7852 TBS - ok
19:18:04.0025 7852 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:18:04.0056 7852 Tcpip - ok
19:18:04.0277 7852 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:18:04.0287 7852 TCPIP6 - ok
19:18:04.0388 7852 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:18:04.0389 7852 tcpipreg - ok
19:18:04.0420 7852 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:18:04.0422 7852 TDPIPE - ok
19:18:04.0452 7852 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:18:04.0453 7852 TDTCP - ok
19:18:04.0503 7852 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:18:04.0513 7852 tdx - ok
19:18:04.0544 7852 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:18:04.0545 7852 TermDD - ok
19:18:04.0613 7852 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:18:04.0626 7852 TermService - ok
19:18:04.0659 7852 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:18:04.0662 7852 Themes - ok
19:18:04.0693 7852 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:18:04.0696 7852 THREADORDER - ok
19:18:04.0710 7852 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:18:04.0723 7852 TrkWks - ok
19:18:04.0766 7852 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:18:04.0768 7852 TrustedInstaller - ok
19:18:04.0804 7852 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:18:04.0805 7852 tssecsrv - ok
19:18:04.0843 7852 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:18:04.0844 7852 TsUsbFlt - ok
19:18:04.0891 7852 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:18:04.0902 7852 tunnel - ok
19:18:04.0924 7852 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:18:04.0926 7852 uagp35 - ok
19:18:04.0964 7852 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:18:04.0972 7852 udfs - ok
19:18:04.0997 7852 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:18:05.0004 7852 UI0Detect - ok
19:18:05.0051 7852 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:18:05.0053 7852 uliagpkx - ok
19:18:05.0086 7852 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:18:05.0087 7852 umbus - ok
19:18:05.0099 7852 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:18:05.0101 7852 UmPass - ok
19:18:05.0198 7852 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:18:05.0201 7852 UMVPFSrv - ok
19:18:05.0264 7852 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
19:18:05.0266 7852 Updater Service for StartNow Toolbar - ok
19:18:05.0302 7852 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:18:05.0317 7852 upnphost - ok
19:18:05.0358 7852 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:18:05.0360 7852 USBAAPL64 - ok
19:18:05.0395 7852 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:18:05.0406 7852 usbaudio - ok
19:18:05.0442 7852 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:18:05.0454 7852 usbccgp - ok
19:18:05.0490 7852 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:18:05.0501 7852 usbcir - ok
19:18:05.0518 7852 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:18:05.0520 7852 usbehci - ok
19:18:05.0541 7852 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
19:18:05.0541 7852 usbfilter - ok
19:18:05.0599 7852 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:18:05.0606 7852 usbhub - ok
19:18:05.0637 7852 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:18:05.0638 7852 usbohci - ok
19:18:05.0676 7852 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:18:05.0677 7852 usbprint - ok
19:18:05.0706 7852 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:18:05.0708 7852 usbscan - ok
19:18:05.0739 7852 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:18:05.0743 7852 USBSTOR - ok
19:18:05.0760 7852 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
19:18:05.0762 7852 usbuhci - ok
19:18:05.0787 7852 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:18:05.0794 7852 UxSms - ok
19:18:05.0824 7852 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:18:05.0826 7852 VaultSvc - ok
19:18:05.0870 7852 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:18:05.0871 7852 vdrvroot - ok
19:18:05.0929 7852 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:18:05.0938 7852 vds - ok
19:18:05.0948 7852 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:18:05.0950 7852 vga - ok
19:18:05.0961 7852 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:18:05.0962 7852 VgaSave - ok
19:18:06.0003 7852 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:18:06.0009 7852 vhdmp - ok
19:18:06.0027 7852 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:18:06.0029 7852 viaide - ok
19:18:06.0040 7852 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:18:06.0042 7852 volmgr - ok
19:18:06.0095 7852 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:18:06.0099 7852 volmgrx - ok
19:18:06.0124 7852 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:18:06.0127 7852 volsnap - ok
19:18:06.0157 7852 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:18:06.0167 7852 vsmraid - ok
19:18:06.0298 7852 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:18:06.0321 7852 VSS - ok
19:18:06.0406 7852 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:18:06.0407 7852 vwifibus - ok
19:18:06.0453 7852 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:18:06.0466 7852 W32Time - ok
19:18:06.0473 7852 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:18:06.0474 7852 WacomPen - ok
19:18:06.0506 7852 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:18:06.0510 7852 WANARP - ok
19:18:06.0519 7852 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:18:06.0520 7852 Wanarpv6 - ok
19:18:06.0633 7852 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:18:06.0660 7852 WatAdminSvc - ok
19:18:06.0787 7852 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:18:06.0806 7852 wbengine - ok
19:18:06.0916 7852 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:18:06.0923 7852 WbioSrvc - ok
19:18:06.0975 7852 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:18:06.0990 7852 wcncsvc - ok
19:18:07.0006 7852 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:18:07.0013 7852 WcsPlugInService - ok
19:18:07.0050 7852 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:18:07.0051 7852 Wd - ok
19:18:07.0108 7852 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:18:07.0115 7852 Wdf01000 - ok
19:18:07.0132 7852 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:18:07.0144 7852 WdiServiceHost - ok
19:18:07.0151 7852 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:18:07.0154 7852 WdiSystemHost - ok
19:18:07.0196 7852 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:18:07.0209 7852 WebClient - ok
19:18:07.0239 7852 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:18:07.0251 7852 Wecsvc - ok
19:18:07.0270 7852 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:18:07.0282 7852 wercplsupport - ok
19:18:07.0320 7852 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:18:07.0332 7852 WerSvc - ok
19:18:07.0366 7852 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:18:07.0368 7852 WfpLwf - ok
19:18:07.0391 7852 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:18:07.0392 7852 WIMMount - ok
19:18:07.0435 7852 WinDefend - ok
19:18:07.0446 7852 WinHttpAutoProxySvc - ok
19:18:07.0509 7852 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:18:07.0520 7852 Winmgmt - ok
19:18:07.0674 7852 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:18:07.0703 7852 WinRM - ok
19:18:07.0834 7852 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:18:07.0836 7852 WinUsb - ok
19:18:07.0912 7852 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:18:07.0933 7852 Wlansvc - ok
19:18:08.0170 7852 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:18:08.0194 7852 wlidsvc - ok
19:18:08.0292 7852 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:18:08.0292 7852 WmiAcpi - ok
19:18:08.0364 7852 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:18:08.0376 7852 wmiApSrv - ok
19:18:08.0412 7852 WMPNetworkSvc - ok
19:18:08.0443 7852 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:18:08.0451 7852 WPCSvc - ok
19:18:08.0488 7852 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:18:08.0499 7852 WPDBusEnum - ok
19:18:08.0527 7852 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:18:08.0529 7852 ws2ifsl - ok
19:18:08.0551 7852 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:18:08.0562 7852 wscsvc - ok
19:18:08.0569 7852 WSearch - ok
19:18:08.0780 7852 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:18:08.0811 7852 wuauserv - ok
19:18:08.0936 7852 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:18:08.0945 7852 WudfPf - ok
19:18:08.0986 7852 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:18:08.0992 7852 WUDFRd - ok
19:18:09.0028 7852 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:18:09.0041 7852 wudfsvc - ok
19:18:09.0071 7852 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:18:09.0085 7852 WwanSvc - ok
19:18:09.0119 7852 MBR (0x1B8) (9401eb89d5dc20b30fbe55d047dd531b) \Device\Harddisk0\DR0
19:18:09.0480 7852 \Device\Harddisk0\DR0 - ok
19:18:09.0487 7852 Boot (0x1200) (2560817864a4f3e794630495e2781a43) \Device\Harddisk0\DR0\Partition0
19:18:09.0491 7852 \Device\Harddisk0\DR0\Partition0 - ok
19:18:09.0524 7852 Boot (0x1200) (8584f06d1b1ac996c22b78b02838c836) \Device\Harddisk0\DR0\Partition1
19:18:09.0527 7852 \Device\Harddisk0\DR0\Partition1 - ok
19:18:09.0563 7852 Boot (0x1200) (a375674e07961da86a484381c0adf63e) \Device\Harddisk0\DR0\Partition2
19:18:09.0568 7852 \Device\Harddisk0\DR0\Partition2 - ok
19:18:09.0570 7852 ============================================================
19:18:09.0570 7852 Scan finished
19:18:09.0570 7852 ============================================================
19:18:09.0597 7844 Detected object count: 0
19:18:09.0597 7844 Actual detected object count: 0

#4 Samie8183


Posted 07 July 2012 - 07:34 PM

aswmbr...


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-07 19:20:05
-----------------------------
19:20:05.172 OS Version: Windows x64 6.1.7601 Service Pack 1
19:20:05.172 Number of processors: 2 586 0x602
19:20:05.173 ComputerName: SAMIE-HP UserName: Samie
19:20:07.713 Initialize success
19:20:07.787 AVAST engine defs: 12070701
19:20:31.845 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000053
19:20:31.846 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 11
19:20:31.855 Disk 0 MBR read successfully
19:20:31.857 Disk 0 MBR scan
19:20:31.860 Disk 0 unknown MBR code
19:20:31.870 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:20:31.883 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 598128 MB offset 206848
19:20:31.922 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12250 MB offset 1225172992
19:20:31.954 Disk 0 scanning C:\Windows\system32\drivers
19:20:37.813 Service scanning
19:20:52.438 Modules scanning
19:20:52.449 Disk 0 trace - called modules:
19:20:52.469 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
19:20:52.474 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004989060]
19:20:52.697 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa80042f8b80]
19:20:52.713 5 amdxata.sys[fffff880011627a8] -> nt!IofCallDriver -> \Device\00000053[0xfffffa8004977060]
19:20:54.090 AVAST engine scan C:\Windows
19:20:56.068 AVAST engine scan C:\Windows\system32
19:23:11.648 AVAST engine scan C:\Windows\system32\drivers
19:23:27.437 AVAST engine scan C:\Users\Samie
19:30:19.256 Disk 0 MBR has been saved successfully to "C:\Users\Samie\Desktop\MBR.dat"
19:30:19.258 The log file has been saved successfully to "C:\Users\Samie\Desktop\aswMBR.txt"

#5 narenxp


Posted 07 July 2012 - 07:47 PM

Make sure to run all the scans in normal mode

After finishing your ESET scan,

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should get generated after the fix; post the log here.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Please post all four logs in your next reply.

Good luck

#6 Samie8183

Posted 07 July 2012 - 08:12 PM

ESET has detected 12 threats so far and is only 30% done. Should I have ESET remove them or not?

#7 Samie8183

Posted 07 July 2012 - 10:36 PM

C:\$RECYCLE.BIN\S-1-5-21-43207053-3993897146-2519358394-1001\$R0NN7IJ.exe probably a variant of Win32/Adware.BMPKECQ application
C:\$RECYCLE.BIN\S-1-5-21-43207053-3993897146-2519358394-1001\$RG6TW1K.exe probably a variant of Win32/Adware.BMPKECQ application
C:\$RECYCLE.BIN\S-1-5-21-43207053-3993897146-2519358394-1001\$RIZ0K4Q.exe a variant of Win32/InstallCore.D application
C:\$RECYCLE.BIN\S-1-5-21-43207053-3993897146-2519358394-1001\$RO67NB1.exe probably a variant of Win32/Adware.HFXSRJX application
C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application




RogueKiller V7.6.2 [07/02/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Samie [Admin rights]
Mode: HOSTSFix -- Date: 07/07/2012 20:51:35

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
68.168.222.226 www.google-analytics.com.
68.168.222.226 ad-emea.doubleclick.net.
68.168.222.226 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt







Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.02.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Samie :: SAMIE-HP [administrator]

7/7/2012 8:54:48 PM
mbam-log-2012-07-07 (20-54-48).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 446757
Time elapsed: 51 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)







MiniToolBox by Farbar Version: 25-06-2012
Ran by Samie (administrator) on 07-07-2012 at 22:32:35
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Samie-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 64-31-50-1F-B0-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1017:8451:f0e7:7f3f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.15.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 07, 2012 9:31:40 AM
Lease Expires . . . . . . . . . . : Saturday, July 07, 2012 11:31:41 PM
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DHCPv6 IAID . . . . . . . . . . . : 265586020
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5B-EC-F5-D4-85-64-C4-B6-38
DNS Servers . . . . . . . . . . . : 192.168.15.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2400:21aa:b72e:4923(Preferred)
Link-local IPv6 Address . . . . . : fe80::2400:21aa:b72e:4923%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F52DDE91-B398-499C-BFF2-7F7E2F36E38C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: mygateway1.Motorola
Address: 192.168.15.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1008
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137
74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131
74.125.227.132


Pinging google.com [74.125.227.133] with 32 bytes of data:
Reply from 74.125.227.133: bytes=32 time=35ms TTL=55
Reply from 74.125.227.133: bytes=32 time=41ms TTL=55

Ping statistics for 74.125.227.133:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 41ms, Average = 38ms
Server: mygateway1.Motorola
Address: 192.168.15.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=89ms TTL=54
Reply from 72.30.38.140: bytes=32 time=88ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 89ms, Average = 88ms
Server: mygateway1.Motorola
Address: 192.168.15.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...64 31 50 1f b0 db ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.15.0 255.255.255.0 On-link 192.168.15.2 276
192.168.15.2 255.255.255.255 On-link 192.168.15.2 276
192.168.15.255 255.255.255.255 On-link 192.168.15.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.15.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.15.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:4137:9e76:2400:21aa:b72e:4923/128
On-link
11 276 fe80::/64 On-link
10 306 fe80::/64 On-link
11 276 fe80::1017:8451:f0e7:7f3f/128
On-link
10 306 fe80::2400:21aa:b72e:4923/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/07/2012 07:35:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 07:35:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/14/2012 09:52:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: wlmail.exe, version: 14.0.8089.726, time stamp: 0x4a6ce53d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x4d0
Faulting application start time: 0xwlmail.exe0
Faulting application path: wlmail.exe1
Faulting module path: wlmail.exe2
Report Id: wlmail.exe3

Error: (06/13/2012 09:35:20 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/13/2012 09:35:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/12/2012 09:33:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/12/2012 09:33:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/11/2012 11:04:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/11/2012 11:04:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/11/2012 09:40:14 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (07/07/2012 09:33:16 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/06/2012 09:09:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/06/2012 09:09:32 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.

Error: (07/05/2012 10:14:07 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.

Error: (07/05/2012 10:13:48 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/05/2012 10:13:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.

Error: (07/04/2012 09:38:32 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/03/2012 09:30:23 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/02/2012 05:17:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.

Error: (07/02/2012 10:44:01 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LightScribeService Direct Disc Labeling Service service to connect.


Microsoft Office Sessions:
=========================
Error: (07/07/2012 07:35:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samie\Downloads\esetsmartinstaller_enu.exe

Error: (07/07/2012 07:35:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Samie\Downloads\esetsmartinstaller_enu.exe

Error: (06/14/2012 09:52:03 AM) (Source: Application Error)(User: )
Description: wlmail.exe14.0.8089.7264a6ce53dntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c34d001cd4a3b4e4f4972C:\Program Files (x86)\Windows Live\Mail\wlmail.exeC:\Windows\SysWOW64\ntdll.dll808dcce7-b630-11e1-95f5-6431501fb0db

Error: (06/13/2012 09:35:20 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/13/2012 09:35:03 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:33:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 09:33:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/11/2012 11:04:58 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/11/2012 11:04:52 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/11/2012 09:40:14 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Alabama Smith in the Quest of Fate
Amanda Rose: The Game of Time (Version: 1.0)
Amazon Kindle
AMD APP SDK Runtime (Version: 2.5.793.1)
AMD Catalyst Install Manager (Version: 3.0.851.0)
AMD Fuel (Version: 2011.1013.1702.28713)
AMD Problem Report Wizard (Version: 3.0.851.0)
AMD VISION Engine Control Center (Version: 2011.1013.1702.28713)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.7 (Version: 2.1.7-Build#3041)
avast! Free Antivirus (Version: 7.0.1456.0)
Behind the Reflection
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.1.361.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1013.1702.28713)
Catalyst Control Center InstallProxy (Version: 2011.1013.1702.28713)
Catalyst Control Center Localization All (Version: 2011.1013.1702.28713)
ccc-utility64 (Version: 2011.1013.1702.28713)
CCC Help Chinese Standard (Version: 2011.1013.1701.28713)
CCC Help Chinese Traditional (Version: 2011.1013.1701.28713)
CCC Help Czech (Version: 2011.1013.1701.28713)
CCC Help Danish (Version: 2011.1013.1701.28713)
CCC Help Dutch (Version: 2011.1013.1701.28713)
CCC Help English (Version: 2011.1013.1701.28713)
CCC Help Finnish (Version: 2011.1013.1701.28713)
CCC Help French (Version: 2011.1013.1701.28713)
CCC Help German (Version: 2011.1013.1701.28713)
CCC Help Greek (Version: 2011.1013.1701.28713)
CCC Help Hungarian (Version: 2011.1013.1701.28713)
CCC Help Italian (Version: 2011.1013.1701.28713)
CCC Help Japanese (Version: 2011.1013.1701.28713)
CCC Help Korean (Version: 2011.1013.1701.28713)
CCC Help Norwegian (Version: 2011.1013.1701.28713)
CCC Help Polish (Version: 2011.1013.1701.28713)
CCC Help Portuguese (Version: 2011.1013.1701.28713)
CCC Help Russian (Version: 2011.1013.1701.28713)
CCC Help Spanish (Version: 2011.1013.1701.28713)
CCC Help Swedish (Version: 2011.1013.1701.28713)
CCC Help Thai (Version: 2011.1013.1701.28713)
CCC Help Turkish (Version: 2011.1013.1701.28713)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
CyberLink DVD Suite Deluxe (Version: 7.0.2823)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4030)
Echoes of Sorrow (Version: 1.0)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Chrome (Version: 20.0.1132.47)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.111)
GoToMeeting 5.1.0.873 (Version: 5.1.0.873)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.4.12850.3526)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Music (Version: 4.1.4301)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.3.0)
HP Odometer (Version: 2.10.0000)
HP Product Detection (Version: 11.14.0001)
HP Setup (Version: 8.1.4186.3400)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.2.27173)
Hulu Desktop (Version: 0.9.13)
HydraVision (Version: 4.2.218.0)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Journey of Hope
Junk Mail filter update (Version: 14.0.8089.726)
Kidnapped in the City (Version: 1.0)
Kobo
LabelPrint (Version: 2.5.2823)
Lexmark 1200 Series
LightScribe System Software (Version: 1.18.15.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketMeSuite (Version: 3.4.5)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mysteries of Horus (Version: 1.0)
Norton Online Backup (Version: 2.1.17869)
OpenOffice.org 3.3 (Version: 3.3.9567)
PDF Complete Special Edition (Version: 3.5.111)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Picasa 3 (Version: 3.8)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4022)
PowerDirector (Version: 8.0.2906)
PressReader (Version: 5.10.621.0)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 6.0.1.6132)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.2926)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Skype Click to Call (Version: 5.10.9560)
Skype™ 5.8 (Version: 5.8.158)
Slot Madness (Version: 11.0.0)
Socialbox (Version: 2.114.1)
Soul Journey (Version: 1.0)
Spotify (Version: 0.6.2)
StartNow Toolbar (Version: 2.3.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Messenger
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
Zinio Reader 4 (Version: 4.0.2811)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 4863.29 MB
Available physical RAM: 2604.84 MB
Total Pagefile: 9724.76 MB
Available Pagefile: 7426.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.74 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:584.11 GB) (Free:520.68 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.96 GB) (Free:1.46 GB) NTFS

========================= Users: ========================================

User accounts for \\SAMIE-HP

Administrator Guest Samie


**** End of log ****

#8 narenxp

Posted 08 July 2012 - 01:20 AM

Allow ESET to remove the infections. I think we have removed the ad pop-up. Let me know of any current issues?

#9 Samie8183

Posted 08 July 2012 - 06:24 PM

I had to do another scan in ESET to delete infections and now everything is as it should be. Thank you so much!

Can I go ahead and delete all these programs now?

#10 narenxp

Posted 08 July 2012 - 11:17 PM

Yes, remove all the tools.

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



