
Flash/Java virus


6 replies to this topic

#1 Flixxel


Posted 12 July 2013 - 12:07 PM

Hello there! Recently I shared a flash drive with my sister and it happened to have infected my laptop with spyware which is messing with every site that uses Flash or Java (especially YouTube). Here's a screenshot of what happens when I try to access it: http://i.imgur.com/jHHqSs9.jpg?1

 

Sorry for my PC not being in English.

I have run several antiviruses (Avast, Avira, AVG, Kaspersky, Malwarebytes) but they either won't find it or will say it is removed when it is still messing up my PC. I have even formatted C: and used D: as a backup but it is still infecting me to the point that I'm posting this from my phone because it won't allow me to use the typing box on this page. I'm using Windows 7 Professional. I'm desperately needing help because I can't format everything and lose important files. Thanks in advance


Edited by Flixxel, 12 July 2013 - 02:08 PM.




#2 boopme


Posted 12 July 2013 - 12:10 PM

Are you still inserting that flash drive? It needs cleaning or formatting.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 Flixxel


Posted 12 July 2013 - 12:16 PM

No, I have formatted the flashdrive several times and scanned it and it seems to be fine.
 
Here's what MiniToolBox returned:

 


MiniToolBox by Farbar  Version: 16-06-2013
Ran by Rafael (administrator) on 12-07-2013 at 14:14:29
Running from "C:\Users\Rafael\Downloads"
Windows 7 Professional  (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configuração de IP do Windows
 
Liberação do Cache do DNS Resolver bem-sucedida.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Conexão de Rede sem Fio (Connected)
 
 
# ----------------------------------
# Configuração de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# Final da configuração IPv4
 
 
 
Configuração de IP do Windows
 
   Nome do host. . . . . . . . . . . . . . . . : Rafael-Notebook
   Sufixo DNS primário . . . . . . . . . . . . : 
   Tipo de nó. . . . . . . . . . . . . . . . . : híbrido
   Roteamento de IP ativado. . . . . . . . . . : não
   Proxy WINS ativado. . . . . . . . . . . . . : não
 
Adaptador de Rede sem Fio Conexão de Rede sem Fio:
 
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Endereço Físico . . . . . . . . . . . . . . : 68-A3-C4-D6-B4-61
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 de link local . . . . . . . . : fe80::95d:2626:633f:2220%12(Preferencial) 
   Endereço IPv4. . . . . . . .  . . . . . . . : 192.168.0.101(Preferencial) 
   Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concessão Obtida. . . . . . . . . . . . . . : sexta-feira, 12 de julho de 2013 13:44:47
   Concessão Expira. . . . . . . . . . . . . . : sexta-feira, 19 de julho de 2013 13:44:46
   Gateway Padrão. . . . . . . . . . . . . . . : 192.168.0.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.0.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 224961476
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-19-70-C4-66-80-EE-73-1F-52-72
   Servidores DNS. . . . . . . . . . . . . . . : 192.168.0.1
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
 
Adaptador de túnel Reusable ISATAP Interface {EDBC4C74-DAE5-462D-80BB-21B12DAFDEE5}:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de túnel isatap.{258DBDD3-445B-475D-9AB9-25184A0FCD63}:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP #2
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/12/2013 10:41:03 AM) (Source: Winlogon) (User: )
Description: O processo de logon do Windows não pôde encerrar os processos do usuário conectado no momento.
 
Error: (07/12/2013 10:40:34 AM) (Source: Winlogon) (User: )
Description: O processo de logon do Windows não pôde encerrar os processos do usuário conectado no momento.
 
Error: (07/12/2013 10:39:26 AM) (Source: Winlogon) (User: )
Description: O processo de logon do Windows não pôde encerrar os processos do usuário conectado no momento.
 
 
System errors:
=============
Error: (07/12/2013 01:10:58 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 01:10:57 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 01:10:57 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 01:10:56 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 01:10:56 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 01:03:05 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.
 
Error: (07/12/2013 01:03:05 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.
 
Error: (07/12/2013 01:03:03 PM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR1.
 
Error: (07/12/2013 11:43:28 AM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
Error: (07/12/2013 11:43:26 AM) (Source: Disk) (User: )
Description: O driver detectou um erro de controlador em \Device\Harddisk1\DR2.
 
 
Microsoft Office Sessions:
=========================
Error: (07/12/2013 10:41:03 AM) (Source: Winlogon)(User: )
Description: 
 
Error: (07/12/2013 10:40:34 AM) (Source: Winlogon)(User: )
Description: 
 
Error: (07/12/2013 10:39:26 AM) (Source: Winlogon)(User: )
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-07-12 12:08:45.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.942
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.926
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-07-12 12:08:45.895
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Google Chrome (Version: 28.0.1500.71)
Google Update Helper (Version: 1.3.21.149)
IDT Audio (Version: 1.0.6289.0)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2238)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.24.7)
JMicron Flash Media Controller Driver (Version: 1.0.53.5)
Kaspersky PURE 3.0 (Version: 13.0.2.558)
Malwarebytes Anti-Malware versão 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
REALTEK Wireless LAN Driver (Version: 1.00.0157)
REALTEK Wireless LAN Driver (Version: 1.00.0174)
Webcam 1.5 (Version: 1.5)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 3496.77 MB
Available physical RAM: 1939.59 MB
Total Pagefile: 6991.82 MB
Available Pagefile: 4968.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.14 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:150 GB) (Free:128.56 GB) NTFS
2 Drive d: () (Fixed) (Total:315.66 GB) (Free:130.13 GB) NTFS
 
========================= Users: ========================================
 
Contas de usuário para \\RAFAEL-NOTEBOOK
 
ADM123                   Administrador            Convidado                
Rafael                   
Comando concluído com êxito.
 
 
**** End of log ****

 

Here's what TDSSKiller returned:

 

14:17:29.0647 2288  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
14:17:30.0635 2288  ============================================================
14:17:30.0635 2288  Current date / time: 2013/07/12 14:17:30.0635
14:17:30.0635 2288  SystemInfo:
14:17:30.0635 2288  
14:17:30.0635 2288  OS Version: 6.1.7600 ServicePack: 0.0
14:17:30.0635 2288  Product type: Workstation
14:17:30.0636 2288  ComputerName: RAFAEL-NOTEBOOK
14:17:30.0636 2288  UserName: Rafael
14:17:30.0636 2288  Windows directory: C:\Windows
14:17:30.0636 2288  System windows directory: C:\Windows
14:17:30.0636 2288  Processor architecture: Intel x86
14:17:30.0636 2288  Number of processors: 4
14:17:30.0636 2288  Page size: 0x1000
14:17:30.0636 2288  Boot type: Normal boot
14:17:30.0636 2288  ============================================================
14:18:01.0392 2288  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:18:01.0399 2288  ============================================================
14:18:01.0399 2288  \Device\Harddisk0\DR0:
14:18:01.0400 2288  MBR partitions:
14:18:01.0400 2288  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:18:01.0400 2288  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x12C00000
14:18:01.0400 2288  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12C32800, BlocksNum 0x27753000
14:18:01.0400 2288  ============================================================
14:18:01.0437 2288  C: <-> \Device\Harddisk0\DR0\Partition2
14:18:01.0468 2288  D: <-> \Device\Harddisk0\DR0\Partition3
14:18:01.0469 2288  ============================================================
14:18:01.0469 2288  Initialize success
14:18:01.0469 2288  ============================================================
14:18:03.0631 5856  ============================================================
14:18:03.0631 5856  Scan started
14:18:03.0631 5856  Mode: Manual; 
14:18:03.0631 5856  ============================================================
14:18:04.0539 5856  ================ Scan system memory ========================
14:18:04.0539 5856  System memory - ok
14:18:06.0782 5856  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:18:06.0791 5856  DcomLaunch - ok
14:18:06.0813 5856  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:18:06.0820 5856  defragsvc - ok
14:18:06.0852 5856  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:18:06.0857 5856  DfsC - ok
14:18:06.0899 5856  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:18:06.0904 5856  Dhcp - ok
14:18:06.0931 5856  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
14:18:06.0933 5856  discache - ok
14:18:06.0953 5856  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:18:06.0956 5856  Disk - ok
14:18:07.0006 5856  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:18:07.0012 5856  Dnscache - ok
14:18:07.0039 5856  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:18:07.0048 5856  dot3svc - ok
14:18:07.0056 5856  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll
14:18:07.0061 5856  DPS - ok
14:18:07.0101 5856  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:18:07.0104 5856  drmkaud - ok
14:18:07.0152 5856  [ C94B6C3CC628179CB9B9061C19888B99 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:18:07.0213 5856  DXGKrnl - ok
14:18:07.0239 5856  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
14:18:07.0241 5856  EapHost - ok
14:18:07.0312 5856  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
14:18:07.0330 5856  ebdrv - ok
14:18:07.0353 5856  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe
14:18:07.0356 5856  EFS - ok
14:18:07.0420 5856  [ 3A74A6E33685662B125A3269B1F2114F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:18:07.0424 5856  ehRecvr - ok
14:18:07.0431 5856  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
14:18:07.0452 5856  ehSched - ok
14:18:07.0468 5856  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:18:07.0472 5856  elxstor - ok
14:18:07.0481 5856  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
14:18:07.0483 5856  ErrDev - ok
14:18:07.0544 5856  esgiguard - ok
14:18:07.0583 5856  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
14:18:07.0590 5856  EventSystem - ok
14:18:07.0625 5856  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:18:07.0627 5856  exfat - ok
14:18:07.0640 5856  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:18:07.0643 5856  fastfat - ok
14:18:07.0662 5856  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe
14:18:07.0668 5856  Fax - ok
14:18:07.0672 5856  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:18:07.0674 5856  fdc - ok
14:18:07.0683 5856  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:18:07.0685 5856  fdPHost - ok
14:18:07.0689 5856  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
14:18:07.0692 5856  FDResPub - ok
14:18:07.0696 5856  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:18:07.0699 5856  FileInfo - ok
14:18:07.0702 5856  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:18:07.0703 5856  Filetrace - ok
14:18:07.0707 5856  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:18:07.0708 5856  flpydisk - ok
14:18:07.0713 5856  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:18:07.0716 5856  FltMgr - ok
14:18:07.0756 5856  [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache       C:\Windows\system32\FntCache.dll
14:18:07.0782 5856  FontCache - ok
14:18:07.0852 5856  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:18:07.0856 5856  FontCache3.0.0.0 - ok
14:18:07.0878 5856  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:18:07.0881 5856  FsDepends - ok
14:18:07.0952 5856  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:18:07.0956 5856  Fs_Rec - ok
14:18:08.0041 5856  [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:18:08.0046 5856  fvevol - ok
14:18:08.0065 5856  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:18:08.0069 5856  gagp30kx - ok
14:18:08.0110 5856  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll
14:18:08.0146 5856  gpsvc - ok
14:18:08.0197 5856  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:18:08.0202 5856  gupdate - ok
14:18:08.0209 5856  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:18:08.0211 5856  gupdatem - ok
14:18:08.0224 5856  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:18:08.0227 5856  hcw85cir - ok
14:18:08.0266 5856  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:18:08.0270 5856  HdAudAddService - ok
14:18:08.0274 5856  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:18:08.0276 5856  HDAudBus - ok
14:18:08.0280 5856  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:18:08.0282 5856  HidBatt - ok
14:18:08.0288 5856  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:18:08.0290 5856  HidBth - ok
14:18:08.0304 5856  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:18:08.0305 5856  HidIr - ok
14:18:08.0324 5856  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
14:18:08.0326 5856  hidserv - ok
14:18:08.0340 5856  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:18:08.0341 5856  HidUsb - ok
14:18:08.0366 5856  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:18:08.0369 5856  hkmsvc - ok
14:18:08.0383 5856  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:18:08.0387 5856  HomeGroupListener - ok
14:18:08.0413 5856  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:18:08.0415 5856  HomeGroupProvider - ok
14:18:08.0420 5856  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
14:18:08.0422 5856  HpSAMD - ok
14:18:08.0452 5856  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:18:08.0459 5856  HTTP - ok
14:18:08.0462 5856  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:18:08.0463 5856  hwpolicy - ok
14:18:08.0472 5856  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:18:08.0474 5856  i8042prt - ok
14:18:08.0494 5856  [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
14:18:08.0499 5856  iaStorV - ok
14:18:08.0564 5856  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:18:08.0571 5856  idsvc - ok
14:18:08.0795 5856  [ C9AF82BCA0F3606E4DA60CD768283E23 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:18:09.0128 5856  igfx - ok
14:18:09.0183 5856  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:18:09.0186 5856  iirsp - ok
14:18:09.0246 5856  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:18:09.0260 5856  IKEEXT - ok
14:18:09.0333 5856  [ 5576AD2F0039D2BCCCA3567FC0BF981C ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:18:09.0347 5856  IntcDAud - ok
14:18:09.0352 5856  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
14:18:09.0355 5856  intelide - ok
14:18:09.0368 5856  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:18:09.0370 5856  intelppm - ok
14:18:09.0389 5856  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:18:09.0392 5856  IPBusEnum - ok
14:18:09.0396 5856  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:18:09.0398 5856  IpFilterDriver - ok
14:18:09.0425 5856  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:18:09.0429 5856  iphlpsvc - ok
14:18:09.0433 5856  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:18:09.0435 5856  IPMIDRV - ok
14:18:09.0440 5856  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:18:09.0442 5856  IPNAT - ok
14:18:09.0445 5856  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:18:09.0446 5856  IRENUM - ok
14:18:09.0450 5856  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
14:18:09.0451 5856  isapnp - ok
14:18:09.0465 5856  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:18:09.0468 5856  iScsiPrt - ok
14:18:09.0513 5856  [ EC1C6B2978B2DB27D649863BBDEFE76F ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
14:18:09.0516 5856  JMCR - ok
14:18:09.0539 5856  [ 5D107BCF175E903B51972C11F3B6F223 ] JME             C:\Windows\system32\DRIVERS\JME.sys
14:18:09.0549 5856  JME - ok
14:18:09.0553 5856  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:18:09.0555 5856  kbdclass - ok
14:18:09.0571 5856  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:18:09.0572 5856  kbdhid - ok
14:18:09.0598 5856  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe
14:18:09.0599 5856  KeyIso - ok
14:18:09.0622 5856  [ EA26CB00F83686856F2C79673C00C686 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
14:18:09.0626 5856  kl1 - ok
14:18:09.0730 5856  [ FBC7F840F1118D358D2AFB8C1714B384 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:18:09.0757 5856  KLIF - ok
14:18:09.0804 5856  [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:18:09.0808 5856  KLIM6 - ok
14:18:09.0855 5856  [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
14:18:09.0858 5856  klkbdflt - ok
14:18:09.0900 5856  [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:18:09.0903 5856  klmouflt - ok
14:18:09.0948 5856  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
14:18:09.0952 5856  kltdi - ok
14:18:10.0003 5856  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
14:18:10.0008 5856  kneps - ok
14:18:10.0038 5856  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:18:10.0043 5856  KSecDD - ok
14:18:10.0073 5856  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:18:10.0078 5856  KSecPkg - ok
14:18:10.0113 5856  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:18:10.0119 5856  KtmRm - ok
14:18:10.0163 5856  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:18:10.0174 5856  LanmanServer - ok
14:18:10.0202 5856  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:18:10.0205 5856  LanmanWorkstation - ok
14:18:10.0247 5856  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:18:10.0249 5856  lltdio - ok
14:18:10.0276 5856  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:18:10.0281 5856  lltdsvc - ok
14:18:10.0284 5856  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:18:10.0287 5856  lmhosts - ok
14:18:10.0368 5856  [ 926EBA26A8B49D1597751CED06B50862 ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:18:10.0370 5856  LMS - ok
14:18:10.0386 5856  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:18:10.0388 5856  LSI_FC - ok
14:18:10.0393 5856  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:18:10.0395 5856  LSI_SAS - ok
14:18:10.0400 5856  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:18:10.0401 5856  LSI_SAS2 - ok
14:18:10.0405 5856  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:18:10.0407 5856  LSI_SCSI - ok
14:18:10.0419 5856  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
14:18:10.0420 5856  luafv - ok
14:18:10.0459 5856  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:18:10.0463 5856  MBAMProtector - ok
14:18:10.0536 5856  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:18:10.0610 5856  MBAMScheduler - ok
14:18:10.0662 5856  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:18:10.0673 5856  MBAMService - ok
14:18:10.0715 5856  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:18:10.0718 5856  Mcx2Svc - ok
14:18:10.0745 5856  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:18:10.0747 5856  megasas - ok
14:18:10.0768 5856  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:18:10.0771 5856  MegaSR - ok
14:18:10.0806 5856  [ CFCB18986426A2D8E66F1992636221D0 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
14:18:10.0807 5856  MEI - ok
14:18:10.0832 5856  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
14:18:10.0833 5856  MMCSS - ok
14:18:10.0836 5856  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
14:18:10.0838 5856  Modem - ok
14:18:10.0863 5856  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:18:10.0864 5856  monitor - ok
14:18:10.0877 5856  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:18:10.0879 5856  mouclass - ok
14:18:10.0893 5856  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:18:10.0895 5856  mouhid - ok
14:18:10.0906 5856  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:18:10.0907 5856  mountmgr - ok
14:18:10.0924 5856  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
14:18:10.0926 5856  mpio - ok
14:18:10.0930 5856  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:18:10.0932 5856  mpsdrv - ok
14:18:10.0949 5856  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:18:10.0953 5856  MpsSvc - ok
14:18:10.0957 5856  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:18:10.0958 5856  MRxDAV - ok
14:18:10.0979 5856  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:18:10.0983 5856  mrxsmb - ok
14:18:10.0995 5856  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:18:11.0000 5856  mrxsmb10 - ok
14:18:11.0011 5856  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:18:11.0014 5856  mrxsmb20 - ok
14:18:11.0018 5856  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
14:18:11.0019 5856  msahci - ok
14:18:11.0023 5856  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
14:18:11.0025 5856  msdsm - ok
14:18:11.0042 5856  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
14:18:11.0045 5856  MSDTC - ok
14:18:11.0051 5856  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:18:11.0054 5856  Msfs - ok
14:18:11.0056 5856  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:18:11.0058 5856  mshidkmdf - ok
14:18:11.0061 5856  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
14:18:11.0062 5856  msisadrv - ok
14:18:11.0088 5856  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:18:11.0091 5856  MSiSCSI - ok
14:18:11.0094 5856  msiserver - ok
14:18:11.0120 5856  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:18:11.0121 5856  MSKSSRV - ok
14:18:11.0124 5856  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:18:11.0125 5856  MSPCLOCK - ok
14:18:11.0129 5856  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:18:11.0130 5856  MSPQM - ok
14:18:11.0136 5856  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:18:11.0138 5856  MsRPC - ok
14:18:11.0143 5856  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:18:11.0144 5856  mssmbios - ok
14:18:11.0149 5856  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:18:11.0151 5856  MSTEE - ok
14:18:11.0154 5856  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:18:11.0155 5856  MTConfig - ok
14:18:11.0159 5856  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:18:11.0160 5856  Mup - ok
14:18:11.0194 5856  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
14:18:11.0198 5856  napagent - ok
14:18:11.0230 5856  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:18:11.0234 5856  NativeWifiP - ok
14:18:11.0257 5856  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:18:11.0261 5856  NDIS - ok
14:18:11.0265 5856  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:18:11.0266 5856  NdisCap - ok
14:18:11.0277 5856  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:18:11.0279 5856  NdisTapi - ok
14:18:11.0282 5856  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:18:11.0284 5856  Ndisuio - ok
14:18:11.0289 5856  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:11.0290 5856  NdisWan - ok
14:18:11.0313 5856  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:18:11.0315 5856  NDProxy - ok
14:18:11.0319 5856  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:18:11.0322 5856  NetBIOS - ok
14:18:11.0327 5856  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:18:11.0330 5856  NetBT - ok
14:18:11.0343 5856  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
14:18:11.0344 5856  Netlogon - ok
14:18:11.0395 5856  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
14:18:11.0398 5856  Netman - ok
14:18:11.0407 5856  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
14:18:11.0410 5856  netprofm - ok
14:18:11.0442 5856  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:18:11.0443 5856  NetTcpPortSharing - ok
14:18:11.0460 5856  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:18:11.0463 5856  nfrd960 - ok
14:18:11.0491 5856  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:18:11.0499 5856  NlaSvc - ok
14:18:11.0510 5856  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:18:11.0512 5856  Npfs - ok
14:18:11.0525 5856  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
14:18:11.0528 5856  nsi - ok
14:18:11.0532 5856  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:18:11.0535 5856  nsiproxy - ok
14:18:11.0605 5856  [ A8F59428E9F361C7AC42A94AC1560BC9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:18:11.0675 5856  Ntfs - ok
14:18:11.0696 5856  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
14:18:11.0697 5856  Null - ok
14:18:11.0710 5856  [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
14:18:11.0712 5856  nvraid - ok
14:18:11.0724 5856  [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
14:18:11.0726 5856  nvstor - ok
14:18:11.0730 5856  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
14:18:11.0733 5856  nv_agp - ok
14:18:11.0737 5856  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
14:18:11.0739 5856  ohci1394 - ok
14:18:11.0761 5856  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:18:11.0764 5856  p2pimsvc - ok
14:18:11.0784 5856  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:18:11.0788 5856  p2psvc - ok
14:18:11.0793 5856  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:18:11.0795 5856  Parport - ok
14:18:11.0816 5856  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:18:11.0820 5856  partmgr - ok
14:18:11.0823 5856  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:18:11.0825 5856  Parvdm - ok
14:18:11.0830 5856  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:18:11.0833 5856  PcaSvc - ok
14:18:11.0839 5856  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
14:18:11.0840 5856  pci - ok
14:18:11.0844 5856  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
14:18:11.0845 5856  pciide - ok
14:18:11.0867 5856  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:18:11.0869 5856  pcmcia - ok
14:18:11.0873 5856  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
14:18:11.0874 5856  pcw - ok
14:18:11.0890 5856  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:18:11.0897 5856  PEAUTH - ok
14:18:11.0938 5856  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:18:11.0968 5856  PeerDistSvc - ok
14:18:12.0021 5856  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
14:18:12.0054 5856  pla - ok
14:18:12.0082 5856  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:18:12.0085 5856  PlugPlay - ok
14:18:12.0099 5856  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:18:12.0102 5856  PNRPAutoReg - ok
14:18:12.0109 5856  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:18:12.0111 5856  PNRPsvc - ok
14:18:12.0135 5856  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:18:12.0139 5856  PolicyAgent - ok
14:18:12.0171 5856  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
14:18:12.0174 5856  Power - ok
14:18:12.0212 5856  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:18:12.0214 5856  PptpMiniport - ok
14:18:12.0220 5856  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:18:12.0221 5856  Processor - ok
14:18:12.0253 5856  [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc         C:\Windows\system32\profsvc.dll
14:18:12.0256 5856  ProfSvc - ok
14:18:12.0265 5856  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:18:12.0266 5856  ProtectedStorage - ok
14:18:12.0287 5856  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:18:12.0290 5856  Psched - ok
14:18:12.0341 5856  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:18:12.0381 5856  ql2300 - ok
14:18:12.0401 5856  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:18:12.0405 5856  ql40xx - ok
14:18:12.0421 5856  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
14:18:12.0426 5856  QWAVE - ok
14:18:12.0429 5856  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:18:12.0430 5856  QWAVEdrv - ok
14:18:12.0433 5856  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:18:12.0435 5856  RasAcd - ok
14:18:12.0445 5856  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:12.0446 5856  RasAgileVpn - ok
14:18:12.0475 5856  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
14:18:12.0483 5856  RasAuto - ok
14:18:12.0501 5856  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:12.0503 5856  Rasl2tp - ok
14:18:12.0528 5856  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
14:18:12.0534 5856  RasMan - ok
14:18:12.0538 5856  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:12.0540 5856  RasPppoe - ok
14:18:12.0558 5856  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:18:12.0560 5856  RasSstp - ok
14:18:12.0565 5856  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:18:12.0568 5856  rdbss - ok
14:18:12.0576 5856  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:18:12.0577 5856  rdpbus - ok
14:18:12.0580 5856  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:18:12.0585 5856  RDPCDD - ok
14:18:12.0617 5856  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:18:12.0620 5856  RDPDR - ok
14:18:12.0633 5856  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:18:17.0220 5856  ============================================================
14:18:17.0220 5856  Scan finished
14:18:17.0220 5856  ============================================================
14:18:17.0236 4168  Detected object count: 0
14:18:17.0236 4168  Actual detected object count: 0
 
AdwCleaner:
 
# AdwCleaner v2.305 - Relatório criado em 12/07/2013 às 14:20:57
# Atualizado em 11/07/2013 por Xplode
# Sistema Operacional : Windows 7 Professional  (32 bits)
# Usuário : Rafael - RAFAEL-NOTEBOOK
# Modo de Boot : Normal
# Executado de : C:\Users\Rafael\Downloads\AdwCleaner.exe
# Opção [Remover]
 
 
***** [Serviços] *****
 
 
***** [Arquivos/Pastas] *****
 
 
***** [Registro] *****
 
 
***** [Navegadores] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
[OK] Registro está limpo.
 
-\\ Google Chrome v28.0.1500.71
 
Arquivo : C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] Arquivo está limpo.
 
*************************
 
AdwCleaner[R1].txt - [897 octets] - [12/07/2013 02:15:48]
AdwCleaner[R2].txt - [985 octets] - [12/07/2013 14:20:45]
AdwCleaner[S1].txt - [349 octets] - [12/07/2013 02:16:18]
AdwCleaner[S2].txt - [1009 octets] - [12/07/2013 02:18:28]
AdwCleaner[S3].txt - [915 octets] - [12/07/2013 14:20:57]
 
########## EOF - C:\AdwCleaner[S3].txt - [974 octets] ##########
 
ESET logs:
 
C:\Users\Rafael\AppData\Local\Temp\foto.gif a variant of Java/Agent.E trojan cleaned by deleting - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao1753341602244666139sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao244681424165910593sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao5257944042556896501sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao6801283922341418428sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao7235995768828626396sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao7953938182059621137sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao8216110626999759444sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\Local\Temp\nao8524957816108127548sim.exe a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\73be74c0-65c35236 a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\476f9bd6-3f75f3fd a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\1f654d1c-6e5bda53 a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\72bc383-7b165591 a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5a40039e-3581f261 a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\16388432-50e26b91 a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\20a83b7b-3ddb89ec a variant of Java/Agent.E trojan deleted - quarantined
C:\Users\Rafael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\5e4607bc-5714ffb6 a variant of Java/Agent.E trojan deleted - quarantined
D:\Programas\Daemon Tools Lite\DTLite4454-0316.exe Win32/OpenCandy application cleaned by deleting - quarantined
 

It stopped showing the fake update message when I go to YouTube; instead it opens a self-extracting file from WinRAR called tropa.exe and Kaspersky goes wild blocking it. If I uninstall Java nothing will happen when I open YouTube (but obviously it will load messy and won't work). By installing Java again the malware will show up one more time. What now?


Edited by Flixxel, 12 July 2013 - 03:36 PM.


#4 Flixxel

Posted 12 July 2013 - 02:06 PM

Oh, and I still can't post in here, just edit comments. My laptop shows no typing box (doing it on the phone right now).


Edited by Flixxel, 12 July 2013 - 02:06 PM.


#5 boopme

Posted 12 July 2013 - 08:09 PM

Hello, I cannot find good info on the "tropa.exe" file. Therefore we need to get a deeper look for the malware. Follow this guide. Make a new post with this latest info.

when I go to youtube, instead it opens a self-extracting file from WinRar called tropa.exe and Kaspersky goes wild blocking it. If I uninstall Java nothing will happen when I open youtube (but obviously it will load messy and won't work). By installing Java again the malware will show up one more time. What now?

Include this link back to here.

http://www.bleepingcomputer.com/forums/t/500882/flashjava-virus/#entry3102336

We need stronger tools to get it out.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

Edited by boopme, 12 July 2013 - 08:10 PM.


#6 Flixxel

Posted 12 July 2013 - 10:12 PM

Done. My sincere gratefulness for your guidance. I will wait for their reply!

 

For future reference: http://www.bleepingcomputer.com/forums/t/500926/java-virus/


Edited by Flixxel, 12 July 2013 - 10:13 PM.


#7 boopme

Posted 13 July 2013 - 09:36 AM

You're welcome!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 2 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.