PUP virus problem


6 replies to this topic

#1 Missie-000

Posted 11 August 2013 - 12:18 PM

Hi, I am new to the site and would be very grateful if someone could assist me in getting rid of a recurring virus problem.

 

I ran a routine NOD32 scan which, if I remember correctly, didn't find anything, then ran Malware Bytes which did. Every time I run Malware Bytes it keeps finding new PUP viruses so if someone could please have a look at the issue for me.

 

Thank you





#2 GodfatherKing


Posted 11 August 2013 - 01:35 PM

Welcome!

Step 1: Post the MBAM log.

 

Also run these:

 

Step 2: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run.
  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 3: ESET Online Scanner

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


Edited by GodfatherKing, 11 August 2013 - 01:36 PM.

If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#3 Missie-000


Posted 11 August 2013 - 03:51 PM

Thank you, logs as requested

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.10.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Les :: LAPTOP [administrator]

11/08/2013 11:32:17
mbam-log-2013-08-11 (11-32-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 328098
Time elapsed: 1 hour(s), 30 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\RECYCLER\S-1-5-21-547980803-4181646062-50412295-1007\Dc13.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-547980803-4181646062-50412295-1007\Dc47\frostwire-5.5.3.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{1605CC6F-795C-4DDC-8550-0794EA694375}\RP618\A0754247.exe (PUP.Optional.AskToolbar) -> Quarantined and deleted successfully.

(end)
 

ESET threats found

 

C:\Documents and Settings\Les\Desktop\Programs\FreeYouTubeToMP3Converter.exe    a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\Les\Desktop\Programs\Dreamweaver MX\keygen.exe    a variant of Win32/Keygen.CY application
C:\Documents and Settings\Les\Desktop\Programs\PDFXVwer\PDFXVwer.exe    a variant of Win32/Bundled.Toolbar.Ask application

 

 

 

20:26:29.0234 12152  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:26:29.0640 12152  ============================================================
20:26:29.0640 12152  Current date / time: 2013/08/11 20:26:29.0640
20:26:29.0640 12152  SystemInfo:
20:26:29.0640 12152  
20:26:29.0640 12152  OS Version: 5.1.2600 ServicePack: 3.0
20:26:29.0640 12152  Product type: Workstation
20:26:29.0640 12152  ComputerName: LAPTOP
20:26:29.0640 12152  UserName: Les
20:26:29.0640 12152  Windows directory: C:\WINDOWS
20:26:29.0640 12152  System windows directory: C:\WINDOWS
20:26:29.0640 12152  Processor architecture: Intel x86
20:26:29.0640 12152  Number of processors: 2
20:26:29.0640 12152  Page size: 0x1000
20:26:29.0640 12152  Boot type: Normal boot
20:26:29.0640 12152  ============================================================
20:26:30.0703 12152  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:26:30.0718 12152  ============================================================
20:26:30.0718 12152  \Device\Harddisk0\DR0:
20:26:30.0734 12152  MBR partitions:
20:26:30.0734 12152  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA50E02
20:26:30.0734 12152  ============================================================
20:26:30.0781 12152  C: <-> \Device\Harddisk0\DR0\Partition1
20:26:30.0781 12152  ============================================================
20:26:30.0781 12152  Initialize success
20:26:30.0781 12152  ============================================================
20:27:03.0109 14600  ============================================================
20:27:03.0109 14600  Scan started
20:27:03.0109 14600  Mode: Manual; TDLFS;
20:27:03.0109 14600  ============================================================
20:27:05.0156 14600  ================ Scan system memory ========================
20:27:05.0171 14600  System memory - ok
20:27:05.0171 14600  ================ Scan services =============================
20:27:21.0640 14600  [ B8F00C9755520A0F8AB01F0AADE8B64E ] RapportKELL     C:\WINDOWS\system32\Drivers\RapportKELL.sys
20:27:21.0656 14600  RapportKELL - ok
20:27:21.0750 14600  [ 71FE1AAF8CEEE80D64EA6ED2AFBB103D ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
20:27:21.0859 14600  RapportMgmtService - ok
20:27:21.0890 14600  [ 17F52BA36F48F76425C5CFA0FB96167D ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
20:27:21.0906 14600  RapportPG - ok
20:27:21.0968 14600  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:27:21.0968 14600  RasAcd - ok
20:27:22.0046 14600  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:27:22.0046 14600  RasAuto - ok
20:27:22.0078 14600  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:27:22.0078 14600  Rasl2tp - ok
20:27:22.0187 14600  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:27:22.0203 14600  RasMan - ok
20:27:22.0218 14600  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:27:22.0218 14600  RasPppoe - ok
20:27:22.0218 14600  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:27:22.0218 14600  Raspti - ok
20:27:22.0281 14600  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:27:22.0281 14600  Rdbss - ok
20:27:22.0343 14600  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:27:22.0343 14600  RDPCDD - ok
20:27:22.0453 14600  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:27:22.0468 14600  RDPWD - ok
20:27:22.0515 14600  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:27:22.0531 14600  RDSessMgr - ok
20:27:22.0562 14600  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:27:22.0562 14600  redbook - ok
20:27:22.0625 14600  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:27:22.0640 14600  RemoteAccess - ok
20:27:22.0703 14600  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:27:22.0703 14600  RpcLocator - ok
20:27:22.0812 14600  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
20:27:22.0812 14600  RpcSs - ok
20:27:22.0890 14600  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:27:22.0890 14600  RSVP - ok
20:27:23.0250 14600  [ 8E34400FFC7D647946D9C820678775AF ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:27:23.0296 14600  RTL8023xp - ok
20:27:23.0375 14600  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:27:23.0406 14600  rtl8139 - ok
20:27:23.0437 14600  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:27:23.0437 14600  SamSs - ok
20:27:23.0546 14600  [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:27:23.0578 14600  SASDIFSV - ok
20:27:23.0593 14600  [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM         C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
20:27:23.0625 14600  SASENUM - ok
20:27:23.0656 14600  [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
20:27:23.0687 14600  SASKUTIL - ok
20:27:23.0750 14600  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:27:23.0781 14600  SCardSvr - ok
20:27:23.0843 14600  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:27:23.0859 14600  Schedule - ok
20:27:23.0906 14600  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:27:23.0906 14600  sdbus - ok
20:27:23.0968 14600  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:27:23.0968 14600  Secdrv - ok
20:27:23.0984 14600  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:27:24.0000 14600  seclogon - ok
20:27:24.0015 14600  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
20:27:24.0015 14600  SENS - ok
20:27:24.0031 14600  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
20:27:24.0046 14600  Serial - ok
20:27:24.0234 14600  [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer    c:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:27:24.0250 14600  ServiceLayer - ok
20:27:24.0312 14600  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:27:24.0312 14600  Sfloppy - ok
20:27:24.0406 14600  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:27:24.0453 14600  SharedAccess - ok
20:27:24.0500 14600  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:27:24.0500 14600  ShellHWDetection - ok
20:27:24.0515 14600  Simbad - ok
20:27:24.0593 14600  [ B8A2F8DCDC75F19962D975727F393920 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:27:24.0593 14600  SiSRaid2 - ok
20:27:24.0671 14600  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:27:24.0687 14600  SLIP - ok
20:27:24.0812 14600  [ CE2E9D6B8C26C38779581CFF1F14B65B ] smserial        C:\WINDOWS\system32\DRIVERS\smserial.sys
20:27:24.0921 14600  smserial - ok
20:27:25.0015 14600  [ 6DB1737F710860C1685BFACE72798535 ] snpstd2         C:\WINDOWS\system32\DRIVERS\snpstd2.sys
20:27:25.0031 14600  snpstd2 - ok
20:27:25.0031 14600  Sparrow - ok
20:27:25.0046 14600  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:27:25.0046 14600  splitter - ok
20:27:25.0125 14600  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:27:25.0125 14600  Spooler - ok
20:27:25.0187 14600  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:27:25.0203 14600  sr - ok
20:27:25.0312 14600  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:27:25.0312 14600  srservice - ok
20:27:25.0390 14600  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:27:25.0515 14600  Srv - ok
20:27:25.0562 14600  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:27:25.0578 14600  SSDPSRV - ok
20:27:25.0640 14600  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:27:25.0640 14600  ssmdrv - ok
20:27:25.0718 14600  [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus         C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
20:27:25.0718 14600  ssm_bus - ok
20:27:25.0781 14600  [ 5347169FA449EABC4D0728AE39FAB926 ] ssm_mdfl        C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
20:27:25.0781 14600  ssm_mdfl - ok
20:27:25.0843 14600  [ 7AAE23DD105EED15C4F45FC269FA42A9 ] ssm_mdm         C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
20:27:25.0859 14600  ssm_mdm - ok
20:27:25.0906 14600  [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
20:27:25.0937 14600  ss_bbus - ok
20:27:25.0984 14600  [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
20:27:26.0000 14600  ss_bmdfl - ok
20:27:26.0062 14600  [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
20:27:26.0078 14600  ss_bmdm - ok
20:27:26.0171 14600  [ 306521935042FC0A6988D528643619B3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
20:27:26.0171 14600  StarOpen - ok
20:27:26.0296 14600  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:27:26.0343 14600  stisvc - ok
20:27:26.0390 14600  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:27:26.0406 14600  streamip - ok
20:27:26.0484 14600  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:27:26.0484 14600  swenum - ok
20:27:26.0500 14600  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:27:26.0515 14600  swmidi - ok
20:27:26.0515 14600  SwPrv - ok
20:27:26.0531 14600  symc810 - ok
20:27:26.0546 14600  symc8xx - ok
20:27:26.0562 14600  sym_hi - ok
20:27:26.0562 14600  sym_u3 - ok
20:27:26.0593 14600  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:27:26.0609 14600  sysaudio - ok
20:27:26.0671 14600  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:27:26.0671 14600  SysmonLog - ok
20:27:27.0062 14600  [ 7855D6371E72EDCE0C4148AC79674DD4 ] TabletServiceWacom C:\WINDOWS\system32\Wacom_Tablet.exe
20:27:27.0187 14600  TabletServiceWacom - ok
20:27:27.0281 14600  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:27:27.0296 14600  TapiSrv - ok
20:27:27.0468 14600  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:27:27.0578 14600  Tcpip - ok
20:27:27.0718 14600  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:27:27.0734 14600  TDPIPE - ok
20:27:27.0765 14600  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:27:27.0765 14600  TDTCP - ok
20:27:27.0796 14600  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:27:27.0796 14600  TermDD - ok
20:27:27.0828 14600  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
20:27:27.0843 14600  TermService - ok
20:27:27.0906 14600  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:27:27.0906 14600  Themes - ok
20:27:27.0921 14600  TosIde - ok
20:27:27.0968 14600  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:27:27.0984 14600  TrkWks - ok
20:27:28.0031 14600  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:27:28.0031 14600  Udfs - ok
20:27:28.0046 14600  ultra - ok
20:27:28.0125 14600  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
20:27:28.0156 14600  UMWdf - ok
20:27:28.0250 14600  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:27:28.0328 14600  Update - ok
20:27:28.0375 14600  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:27:28.0390 14600  upnphost - ok
20:27:28.0406 14600  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
20:27:28.0406 14600  UPS - ok
20:27:28.0500 14600  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:27:28.0500 14600  usbaudio - ok
20:27:28.0546 14600  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:27:28.0562 14600  usbccgp - ok
20:27:28.0593 14600  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:27:28.0593 14600  usbehci - ok
20:27:28.0625 14600  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:27:28.0640 14600  usbhub - ok
20:27:28.0703 14600  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:27:28.0734 14600  usbprint - ok
20:27:28.0796 14600  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:27:28.0828 14600  usbscan - ok
20:27:28.0859 14600  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:27:28.0859 14600  USBSTOR - ok
20:27:28.0875 14600  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:27:28.0921 14600  usbuhci - ok
20:27:28.0968 14600  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:27:28.0984 14600  VgaSave - ok
20:27:29.0000 14600  ViaIde - ok
20:27:29.0078 14600  [ FBF18F9F5FB852C2976723587B44F346 ] viamraid        C:\WINDOWS\system32\drivers\viamraid.sys
20:27:29.0093 14600  viamraid - ok
20:27:29.0109 14600  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:27:29.0125 14600  VolSnap - ok
20:27:29.0203 14600  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
20:27:29.0250 14600  VSS - ok
20:27:29.0328 14600  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
20:27:29.0343 14600  W32Time - ok
20:27:29.0562 14600  [ B1F126E7E28877106D60E6FF3998D033 ] w39n51          C:\WINDOWS\system32\DRIVERS\w39n51.sys
20:27:29.0640 14600  w39n51 - ok
20:27:29.0703 14600  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
20:27:29.0718 14600  wacommousefilter - ok
20:27:29.0765 14600  [ 73E6F16A1F187D71FB26AF308551E54A ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
20:27:29.0765 14600  wacomvhid - ok
20:27:29.0781 14600  [ 889459833432B161CB99CFDF84A1A9BB ] WacomVKHid      C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
20:27:29.0812 14600  WacomVKHid - ok
20:27:29.0875 14600  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:27:29.0875 14600  Wanarp - ok
20:27:29.0875 14600  WDICA - ok
20:27:29.0906 14600  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:27:29.0921 14600  wdmaud - ok
20:27:29.0984 14600  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:27:30.0000 14600  WebClient - ok
20:27:30.0125 14600  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:27:30.0140 14600  winmgmt - ok
20:27:30.0203 14600  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:27:30.0203 14600  WmdmPmSN - ok
20:27:30.0265 14600  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:27:30.0265 14600  WmiApSrv - ok
20:27:30.0343 14600  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:27:30.0359 14600  wscsvc - ok
20:27:30.0375 14600  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:27:30.0406 14600  WSTCODEC - ok
20:27:30.0421 14600  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:27:30.0468 14600  wuauserv - ok
20:27:30.0562 14600  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:27:30.0578 14600  WZCSVC - ok
20:27:30.0625 14600  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:27:30.0625 14600  xmlprov - ok
20:27:30.0671 14600  [ E6D35F3AA51A65EB35C1F2340154A25E ] ytomfqd         C:\WINDOWS\system32\drivers\jkmqcf.sys
20:27:30.0703 14600  ytomfqd - ok
20:27:30.0734 14600  ZTEusbmdm6k - ok
20:27:30.0734 14600  ZTEusbnmea - ok
20:27:30.0750 14600  ZTEusbser6k - ok
20:27:30.0765 14600  ================ Scan global ===============================
20:27:30.0828 14600  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:27:30.0921 14600  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:27:30.0968 14600  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
20:27:31.0000 14600  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:27:31.0000 14600  [Global] - ok
20:27:31.0000 14600  ================ Scan MBR ==================================
20:27:31.0046 14600  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:27:31.0718 14600  \Device\Harddisk0\DR0 - ok
20:27:31.0718 14600  ================ Scan VBR ==================================
20:27:31.0718 14600  [ 11CCF4D5B738DEE0C30A5017591459E0 ] \Device\Harddisk0\DR0\Partition1
20:27:31.0718 14600  \Device\Harddisk0\DR0\Partition1 - ok
20:27:31.0734 14600  ============================================================
20:27:31.0734 14600  Scan finished
20:27:31.0734 14600  ============================================================
20:27:31.0750 14580  Detected object count: 0
20:27:31.0750 14580  Actual detected object count: 0
20:27:38.0843 10084  Deinitialize success
 

 

 



#4 GodfatherKing

Posted 12 August 2013 - 03:06 AM

Step 1: Repeat the MBAM scan and now it must be clean.


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#5 Missie-000

Posted 12 August 2013 - 05:57 AM

Hi,

Repeated MBAM, and it didn't find anything, and thank you for your assistance in resolving this issue.



#6 GodfatherKing

Posted 12 August 2013 - 06:02 AM

Step 1: My advice is to keep your computer up to date with Windows Updates, Java and Adobe Reader and Flash Player.

Step 2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

Step 3: A good working AntiVirus is also important. I personally advise Avast free or Avira. MSE's detection is not so great.

Step 4: Let's check how good your security is:

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document called checkup.txt should open automatically; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the reading of the results to me.




#7 quietman7

Posted 12 August 2013 - 07:37 AM

FYI Missie-000: PUP detection means a "Potentially Unwanted Program". PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as malicious. PUPs in and of themselves are not always bad...many are generally known, non-malicious but unwanted software. PUPs are considered unwanted because they can cause undesirable system performance or other problems and are sometimes installed without the user's consent since they are often included when downloading legitimate programs. This is what Malwarebytes has to say: What are the 'PUP' detections, are they threats and should they be deleted?.

In the past, Malwarebytes Anti-Malware detected only PUPs that were considered mostly harmful and deceiving but they revised their policy, taking a more aggressive approach to include PUPs that most users found annoying or misleading. However, PUPs may be defined somewhat differently by various security vendors.

You should be more concerned as to what the Eset scan detected:

C:\Documents and Settings\Les\Desktop\Programs\Dreamweaver MX\keygen.exe...a variant of Win32/Keygen.CY application

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.
TrendMicro Warning

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...
Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.
University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.
Bad Web Sites: Malware

...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.
Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!

I recommend you do as GFK has instructed so he can check your system for other vulnerabilities.
 

 

