
PUP.WhiteSmoke infection



#1 nehsb


Posted 16 November 2011 - 06:39 PM

I scanned my computer with MBAM and found two PUP.WhiteSmoke files, which were quarantined. I no longer see WhiteSmoke in the list of programs, but how do I make sure my computer has gotten rid of the WhiteSmoke file? I also read that PUP.WhiteSmoke contains a rootkit a lot of times; how do I check if I have it?



#2 boopme


  • Global Moderator

Posted 16 November 2011 - 09:07 PM

Welcome!
The WhiteSmoke web site indicates it makes English grammar correction software, translation software, and other specialized English writing tools. However, many users have reported they did not know how WhiteSmoke was downloaded or installed. From our investigation and dealings with this software we are also finding many cases of it with a TDSS rootkit infection. So the severity of the system infection will determine how the disinfection process goes.

The web site says the software can be removed through Add/Remove Programs, or Programs and Features if using Vista/Windows 7, so check there first: highlight anything with the name "Whitesmoke", select Remove and restart the computer normally. This appears to work in most cases with the Whitesmoke Toolbar but not with the Translator.



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (2.6.11.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
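The log requested in the last two steps runs to hundreds of lines, nearly all of them ending in `- ok`. The following is an added example, not part of the original post and not Kaspersky's code: it lists only the entries whose status is not `ok`, together with the hash and path the tool recorded for them. The line layout is assumed from the TDSSKiller 2.6.19.0 log posted later in this thread; the sample lines and the names `summarise`, `Finding`, `exampledrv`, `orphansvc` and `lockeddrv` are constructed for illustration.

```python
"""Summarise a TDSSKiller log: report every object whose status is not "ok"."""
import re
from dataclasses import dataclass
from typing import Optional

# Assumed layout (taken from the log in this thread):
#   HH:MM:SS.mmmm <thread-id> <message>
PREFIX_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<service> (<md5>) <path>" : the object about to be checked
OBJECT_RE = re.compile(r"^(\S+) \(([0-9a-fA-F]{32})\) (.+)$")
# "<service> - ok"  or  "<service> ( <verdict> ) - <status>"
STATUS_RE = re.compile(r"^(\S+)(?: \( (\S+) \))? - (\w+)$")

# Constructed sample; hashes and driver names are placeholders.
SAMPLE_LOG = r"""
19:05:31.0625 3552 Scan started
19:05:31.0625 3552 Mode: Manual;
19:05:31.0953 3552 exampledrv (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\exampledrv.sys
19:05:31.0953 3552 exampledrv - ok
19:05:32.0390 3552 orphansvc - ok
19:05:38.0203 3552 lockeddrv (00000000000000000000000000000002) C:\Windows\system32\Drivers\lockeddrv.sys
19:05:38.0203 3552 Suspicious file (NoAccess): C:\Windows\system32\Drivers\lockeddrv.sys. md5: 00000000000000000000000000000002
19:05:38.0203 3552 lockeddrv ( LockedFile.Multi.Generic ) - warning
19:05:38.0203 3552 lockeddrv - detected LockedFile.Multi.Generic (1)
"""


@dataclass
class Finding:
    service: str
    status: str              # whatever follows " - " (anything except "ok")
    verdict: Optional[str]   # text between "( ... )", if the tool printed one
    md5: Optional[str]
    path: Optional[str]


def summarise(log_text):
    """Return the number of status lines, the non-ok findings, and the
    services for which the tool printed a status but no file line."""
    seen = {}        # service -> (md5, path) from its object line
    findings = []
    no_file = []
    checked = 0
    for raw in log_text.splitlines():
        m = PREFIX_RE.match(raw.strip())
        if not m:
            continue                      # blank or non-log line
        msg = m.group(1).strip()
        obj = OBJECT_RE.match(msg)
        if obj:
            seen[obj.group(1)] = (obj.group(2).lower(), obj.group(3))
            continue
        st = STATUS_RE.match(msg)
        if not st:
            continue                      # header, separator, detail line
        service, verdict, status = st.groups()
        checked += 1
        md5, path = seen.get(service, (None, None))
        if path is None:
            no_file.append(service)
        if status != "ok":
            findings.append(Finding(service, status, verdict, md5, path))
    return {"checked": checked, "findings": findings, "no_file": no_file}


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Assumption: the log is readable as text; undecodable bytes are replaced.
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_LOG
    report = summarise(text)
    print(f"objects with a status line: {report['checked']}")
    for f in report["findings"]:
        print(f"{f.status.upper():8} {f.service}  {f.verdict}  {f.md5}  {f.path}")
    if report["no_file"]:
        print("status without a file line:", ", ".join(report["no_file"]))
```

Run it with the path of the saved log as the only argument; with no argument it summarises the constructed sample.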

#3 nehsb

  • Topic Starter


Posted 16 November 2011 - 10:11 PM

(By the way, the scan ran extremely quickly, scanning only around 250 files; is this supposed to happen?)

The only thing it listed was a Locked file, Service: sptd, Suspicious object, Medium risk, LockedFile.Multi.Generic. (There was no cure button; according to the Kaspersky website that's because it's only Medium risk. I just did the default option, skip.)

19:05:14.0125 3480 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
19:05:14.0531 3480 ============================================================
19:05:14.0531 3480 Current date / time: 2011/11/16 19:05:14.0531
19:05:14.0531 3480 SystemInfo:
19:05:14.0531 3480
19:05:14.0531 3480 OS Version: 6.1.7600 ServicePack: 0.0
19:05:14.0531 3480 Product type: Workstation
19:05:14.0531 3480 ComputerName: DAVIDYANG246B
19:05:14.0531 3480 UserName: Administrator
19:05:14.0531 3480 Windows directory: C:\Windows
19:05:14.0531 3480 System windows directory: C:\Windows
19:05:14.0531 3480 Processor architecture: Intel x86
19:05:14.0531 3480 Number of processors: 1
19:05:14.0531 3480 Page size: 0x1000
19:05:14.0531 3480 Boot type: Normal boot
19:05:14.0531 3480 ============================================================
19:05:14.0671 3480 Initialize success
19:05:31.0625 3552 ============================================================
19:05:31.0625 3552 Scan started
19:05:31.0625 3552 Mode: Manual;
19:05:31.0625 3552 ============================================================
19:05:38.0203 3552 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
19:05:38.0203 3552 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:05:38.0203 3552 sptd ( LockedFile.Multi.Generic ) - warning
19:05:38.0203 3552 sptd - detected LockedFile.Multi.Generic (1)
19:05:39.0875 3552 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:05:39.0890 3552 \Device\Harddisk0\DR0 - ok
19:05:39.0890 3552 Boot (0x1200) (85679e917ba42105dd421de6ff3ed71a) \Device\Harddisk0\DR0\Partition0
19:05:39.0890 3552 \Device\Harddisk0\DR0\Partition0 - ok
19:05:39.0906 3552 ============================================================
19:05:39.0906 3552 Scan finished
19:05:39.0906 3552 ============================================================
19:05:39.0921 3468 Detected object count: 1
19:05:39.0921 3468 Actual detected object count: 1
19:08:54.0812 3468 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:08:54.0812 3468 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:09:27.0656 2452 Deinitialize success

#4 boopme


Posted 17 November 2011 - 01:25 PM

This is good. You are OK.

#5 quietman7


Posted 19 November 2011 - 10:10 PM

(By the way, the scan ran extremely quickly, scanning only around 250 files; is this supposed to happen?)

TDSSKiller is a specialized tool created by Kaspersky specifically for TDSS rootkit infections, so it only checks those locations (i.e. infected/patched/forged files in the Windows drivers folder and the Master Boot Record) where the rootkit is commonly found. It was not intended to be used as a general-purpose malware scanner like SuperAntispyware or Malwarebytes Anti-Malware, which scan individual drives or different folders on a computer for viruses.
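The scope described in the last reply (driver files plus the Master Boot Record and boot sector) can be read back out of a TDSSKiller log. The following is an added example, not part of any post in this thread: it groups scanned objects by kind and lists every object whose verdict is not "ok", together with the action chosen. The function names `triage` and `summarize` are hypothetical, and the line patterns are inferred only from the log lines in this thread.

```python
import re
from collections import Counter

# Lines taken from the TDSSKiller log in this thread.
SAMPLE_LOG = r"""
19:05:38.0156 3552 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:05:38.0156 3552 spldr - ok
19:05:38.0203 3552 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
19:05:38.0203 3552 sptd - detected LockedFile.Multi.Generic (1)
19:05:39.0875 3552 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:05:39.0890 3552 \Device\Harddisk0\DR0 - ok
19:05:39.0890 3552 Boot (0x1200) (85679e917ba42105dd421de6ff3ed71a) \Device\Harddisk0\DR0\Partition0
19:05:39.0890 3552 \Device\Harddisk0\DR0\Partition0 - ok
19:08:54.0812 3468 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
"""

# Assumption: patterns inferred from the lines above; other versions may differ.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")
DISK = re.compile(r"^(MBR|Boot) \(0x[0-9A-Fa-f]+\) \([0-9a-f]{32}\) (\S+)$")
DRIVER = re.compile(r"^(.+?) \([0-9a-f]{32}\) .+$")
OK = re.compile(r"^(.+) - ok$")
DETECTED = re.compile(r"^(.+) - detected (\S+) \(\d+\)$")
ACTION = re.compile(r"^(.+?) \( \S+ \) - User select action: (\w+)$")

def triage(log_text):
    """Map each scanned object to its kind, verdict and the user's action."""
    objects = {}
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        body = line.group(1)
        if m := DISK.match(body):      # MBR / boot sector, keyed by device path
            objects[m.group(2)] = {"kind": m.group(1), "verdict": None, "action": None}
        elif m := DRIVER.match(body):  # driver file, keyed by service name
            objects[m.group(1)] = {"kind": "driver", "verdict": None, "action": None}
        elif (m := OK.match(body)) and m.group(1) in objects:
            objects[m.group(1)]["verdict"] = "ok"
        elif (m := DETECTED.match(body)) and m.group(1) in objects:
            objects[m.group(1)]["verdict"] = m.group(2)
        elif (m := ACTION.match(body)) and m.group(1) in objects:
            objects[m.group(1)]["action"] = m.group(2)
    return objects

def summarize(objects):
    """Return (count per object kind, objects whose verdict is not 'ok')."""
    kinds = Counter(o["kind"] for o in objects.values())
    flagged = {k: o for k, o in objects.items() if o["verdict"] != "ok"}
    return dict(kinds), flagged
```

Calling `summarize(triage(text))` on a full log gives the per-kind counts and the short list of entries that still need a human decision.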