hidden hackers have got my computer


18 replies to this topic

#1 Guest_dxpoo_*

Posted 28 November 2011 - 04:39 PM

Ok, i was just playing an online game, i left 2 tabs open, my hotmail (which is my current email im using now) and my online game account (aeria games if you want to know) and suddenly the game closed and on google chrome (my browser that i use) a message came something like are you dead or something and then my computer restarted and my email password had been changed and so had my online game account, i have tried a malware scan with malwarebytes (i didnt go on safe mode) and when it finished it said the logs have been lost and it wouldnt let me quarantine, after i went onto safe mode and try to do a virus scan with malwarebytes nothing would show up, so i think they have like hid themselves from the scanner, i have no idea what has happened, so now i am writing this on safe mode with networking prompt.
Every account i log onto they seem to change the password instantly, i tried getting my hotmail account back with another email but they changed the password for that too.

Please help me,

Thank you
dxpoo


#2 Guest_dxpoo_*

Posted 02 December 2011 - 04:16 PM

ok, i got my email and my account back for the online game, done like 3 scans and a small scan with windows defender (idk just a basic scan or something, not full i dont think) i done 1 with malwarebytes thankfully, and removed 3 threats, i will post logs if requested, i done another with 10bit malware fighter which removed 2, i had to stop the scan 1 time since i had to go and then carried it on the next day, 1st mini scan on 10bit removed 1 threat, the next full scan removed another threat (it didnt get picked up in the time i done my 1st scan with it since i had to go after a bit) and the 3rd scan i done with microsoft security or something its a optional update with windows vista.

Im not sure if i am able to provide logs for each virus scan, if you need them could you please tell me how to get the logs.

I am just unsure if all hacking tools etc are out of my computer and not on my internet either.

Thank you,
dxpoo.

#3 cryptodan

Posted 02 December 2011 - 04:20 PM

Please post the logs. The logs are in the logs tab on Malwarebytes.

#4 boopme

Posted 02 December 2011 - 04:23 PM

Hello, post that MBAM log and run these please.

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (2.6.11.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 Guest_dxpoo_*

Posted 02 December 2011 - 05:18 PM

ok, during the TDSSkiller, it found 1 object, a locked file, it does not give me a cure option, it gives me delete, skip and copy to quarantine.
I am not sure which option to select, so i'll give you malware logs and the toolbox logs, i will do ESET scanner now,
malwarebytes logs:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8260

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

30/11/2011 13:05:56
mbam-log-2011-11-30 (13-05-56).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 297126
Time elapsed: 53 minute(s), 15 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
c:\Windows\System32\WinDir\Svchost.exe (Trojan.Agent) -> 4432 -> Unloaded process successfully.
c:\Windows\System32\WinDir\Svchost.exe (Trojan.Agent) -> 4440 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\System32\WinDir\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.





toolbox logs:


MiniToolBox by Farbar
Ran by Arjann (administrator) on 02-12-2011 at 21:58:49
Windows Vista ™ Home Premium Service Pack 2 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Media disconnected)
Intel® Wireless WiFi Link 5100 = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Arjann-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 5100
Physical Address. . . . . . . . . : 00-22-FA-77-2F-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : 00-1E-33-1E-24-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.cable.virginmedia.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 22 fa 77 2f 3e ...... Intel® Wireless WiFi Link 5100
10 ...00 1e 33 1e 24 5f ...... Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
17 ...00 00 00 00 00 00 00 e0 isatap.cable.virginmedia.net
15 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/02/2011 09:25:59 PM) (Source: Application Hang) (User: )
Description: The program aeriaignite.exe version 1.2.362.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: ba0
Start Time: 01ccb138d7b9ffd6
Termination Time: 94

Error: (12/02/2011 09:25:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 05:30:24 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (12/01/2011 05:30:24 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (12/01/2011 05:08:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 05:07:15 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (12/01/2011 04:43:16 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/01/2011 04:40:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 04:38:29 PM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (12/01/2011 04:38:29 PM) (Source: IMFservice) (User: )
Description: The handle is invalid


System errors:
=============
Error: (12/02/2011 09:34:59 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2798.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/02/2011 09:25:40 PM) (Source: Service Control Manager) (User: )
Description: Superfetch%%2

Error: (12/01/2011 05:18:10 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2798.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/01/2011 05:08:52 PM) (Source: Service Control Manager) (User: )
Description: Superfetch%%2

Error: (12/01/2011 04:49:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.115.2798.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/01/2011 04:49:40 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/01/2011 04:43:51 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068

Error: (12/01/2011 04:43:51 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/01/2011 04:43:51 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/01/2011 04:43:51 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068


Microsoft Office Sessions:
=========================
Error: (12/02/2011 09:25:59 PM) (Source: Application Hang)(User: )
Description: aeriaignite.exe1.2.362.0ba001ccb138d7b9ffd694

Error: (12/02/2011 09:25:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 05:30:24 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (12/01/2011 05:30:24 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (12/01/2011 05:08:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 05:07:15 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (12/01/2011 04:43:16 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/01/2011 04:40:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2011 04:38:29 PM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (12/01/2011 04:38:29 PM) (Source: IMFservice)(User: )
Description: The handle is invalid


=========================== Installed Programs ============================

?ท???? Online (Version: 3.0.0.10)
Acer Crystal Eye Webcam 3.0.6.3 (Version: 3.0.6.3)
Acer eAudio Management (Version: 3.0.3008)
Acer Empowering Technology (Version: 3.0.3009)
Acer ePower Management (Version: 3.0.3014)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3011)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.13.1301)
Acer VCM (Version: 3.2.3002)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 10 Plugin (Version: 10.2.159.1)
Adobe Reader X (10.0.1) (Version: 10.0.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Advanced SystemCare 4 (Version: 4.2.0)
Aeria Ignite (Version: 1.2.362)
Akamai NetSession Interface
ASIO4ALL
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.30)
µTorrent (Version: 2.0.0)
Auslogics Disk Defrag (Version: version 3.1)
Auslogics Registry Cleaner (Version: version 2.0)
Bandicam
Bandisoft MPEG-1 Decoder
Blender (Version: 2.60a-release)
CCleaner (Version: 3.12)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.02)
‚ย‚๑šƒf‚๊I `‚ี‚ษ‚ใ‚ี‚่‚d‚w`
ˆล–้ƒgฏƒm–ป“yŠู `‚ี‚ษ‚ใ‚ี‚่XX`
ESET Online Scanner v3
Fraps (remove only)
Free YouTube Download 3 version 3.0.10.722
Free YouTube Download version 3.0.16.923
Free YouTube to MP3 Converter version 3.10.11.923
Game Booster 3 (Version: 3.0)
ŒŽ–พ‚่‚ฬƒ‰ƒYƒxƒŠƒB `‚ย‚๑šƒf‚๊‡U`1.00 (Version: 1.00)
Intel® PROSet/Wireless WiFi Software (Version: 12.00.0004)
Intel® Matrix Storage Manager
IObit Malware Fighter (Version: 1.0)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
JMicron JMB38X Flash Media Controller (Version: 1.00.12.07)
Launch Manager
LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft AppLocale (Version: 1.0.0)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows Application Compatibility Database
Microsoft Works (Version: 08.05.0818)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Backup Now 5 (Version: 5.1.2.606)
NTI Backup Now Standard (Version: 5.1.2.606)
NTI Media Maker 8 (Version: 8.0.2.6329)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA PhysX (Version: 9.10.0224)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Protected Folder
Quantum Conflict (Version: 1.0.2)
Realtek High Definition Audio Driver (Version: 6.0.1.5618)
SixaxisDriver 0.91
Skype™ 5.5 (Version: 5.5.124)
SnagIt 5 (Version: 5.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Steam (Version: 1.0.0.0)
STREET FIGHTER IV (Version: 1.00.3013)
Synaptics Pointing Device Driver (Version: 10.2.4.1)
System Requirements Lab
Uninstall 1.0.0.1
USB2.0 Capture Device (Version: 1.0.3.0)
Validity Sensors software (Version: 2.8.116)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Ventrilo Client (Version: 3.0.8)
Virgin Media Service Manager 3.7.47 (Version: 3.7.47)
WIDCOMM Bluetooth Software 6.0.1.5000 (Version: 6.0.1.5000)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3068.03 MB
Available physical RAM: 1947.13 MB
Total Pagefile: 8970.3 MB
Available Pagefile: 7879.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.66 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:36.24 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:137.5 GB) (Free:135.8 GB) NTFS
3 Drive e: () (Removable) (Total:0.98 GB) (Free:0.32 GB) FAT

========================= Users: ========================================

User accounts for \\ARJANN-LAPTOP

Administrator Arjann Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#6 Guest_dxpoo_*

Posted 02 December 2011 - 07:13 PM

Sorry, i am unable to post the rest of the logs today, tomorrow i will post what is needed (the ESET logs) i am still unsure on the TDSSkiller thing.

Thank you
dxpoo

#7 boopme

Posted 02 December 2011 - 08:12 PM

To be safe do this so I can see the log.

skip and copy to quarantine

These 3 items are in your Installed list, do they mean anything to you?
‚‚ñšƒf‚êI `‚Õ‚É‚ã‚Õ‚è‚d‚w`
ˆÅ–éƒg¯ƒm–»“yŠÙ `‚Õ‚É‚ã‚Õ‚èXX`
ŒŽ–¾‚è‚̃‰ƒYƒxƒŠƒB `‚‚ñšƒf‚ê‡U`1.00 (Version: 1.00)


If not can you uninstall them from the Control panel if they exist there.

If not there can you do a file search and see if they come up.

Edited by boopme, 02 December 2011 - 08:17 PM.


#8 Guest_dxpoo_*

Posted 03 December 2011 - 09:50 AM

Yes i am familiar with those items, it was in a different language but i dont think i have the language pack for them so it came up in gibberish text. Nothing harmful from it, its just another game.

And i re done the TDSSkiller thing but it didnt find anything, when it done the scan last time i think it was on skip or delete im not sure and i clicked the red X in top right corner (to close it, i was expecting it to not do any action but it seems it did)

i will do the ESET scan now. Tell me if i should do anything about the TDSSkiller thing if i need to. I will reply in my next post with the ESET logs.

Thank you
dxpoo

#9 cryptodan

Posted 03 December 2011 - 01:06 PM

Yes perform the ESET Scan, then run TDSSKiller and post both logs.

#10 Guest_dxpoo_*

Posted 03 December 2011 - 01:11 PM

C:\Users\Arjann\AppData\Roaming\a.exe a variant of MSIL/Injector.MT trojan cleaned by deleting - quarantined
C:\Users\Arjann\Downloads\SUPERsetup (1).exe Win32/OpenCandy application deleted - quarantined


There is the ESET logs, i am unable to find the TDSSkiller logs.
Is there anything else i need to do?

Thank you
dxpoo
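
An added triage example (not part of the thread, and not code from Malwarebytes, ESET or any other tool named here): it reads the detection lines posted above and flags the two location patterns they show, a system process name running outside System32 and an executable sitting directly in a profile's AppData folder. The function names, the short list of system binary names and the one benign line are assumptions made for illustration; the system root is taken as C:\Windows.

```python
import ntpath
import re

# Detection lines copied from the Malwarebytes and ESET logs posted in this thread.
SAMPLE_LINES = [
    r"c:\Windows\System32\WinDir\Svchost.exe (Trojan.Agent) -> 4432 -> Unloaded process successfully.",
    r"c:\Windows\System32\WinDir\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.",
    r"C:\Users\Arjann\AppData\Roaming\a.exe a variant of MSIL/Injector.MT trojan cleaned by deleting - quarantined",
    r"C:\Users\Arjann\Downloads\SUPERsetup (1).exe Win32/OpenCandy application deleted - quarantined",
    # Constructed benign line (not from the thread): the normal svchost.exe location.
    r"C:\Windows\System32\svchost.exe (constructed benign example)",
]

# A scanner line starts with a drive-letter path; the path ends at the first
# executable extension that is followed by whitespace or end of line.
PATH_RE = re.compile(r"^([A-Za-z]:\\.*?\.(?:exe|dll|com|scr|sys))(?=\s|$)", re.IGNORECASE)

# Assumption: a short, non-exhaustive list of Windows process names whose
# image file normally lives in System32 (or SysWOW64 on 64-bit systems).
SYSTEM_BINARIES = {"svchost.exe", "lsass.exe", "services.exe", "csrss.exe", "winlogon.exe"}

# Matches the top level of a profile's AppData\Roaming or AppData\Local folder.
APPDATA_ROOT_RE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\(?:roaming|local)$")

REASON_MASQUERADE = "system binary name outside System32/SysWOW64"
REASON_APPDATA = "executable directly in AppData root"


def extract_path(line):
    """Return the file path at the start of a scanner log line, or None."""
    match = PATH_RE.match(line.strip())
    return match.group(1) if match else None


def classify(path, system_root=r"C:\Windows"):
    """Return the list of location-based reasons a path looks suspicious."""
    directory, name = ntpath.split(ntpath.normcase(path))
    root = ntpath.normcase(system_root)
    expected_dirs = {root + r"\system32", root + r"\syswow64"}
    reasons = []
    if name in SYSTEM_BINARIES and directory not in expected_dirs:
        reasons.append(REASON_MASQUERADE)
    if APPDATA_ROOT_RE.match(directory):
        reasons.append(REASON_APPDATA)
    return reasons


def triage(lines):
    """Map each distinct flagged path to its reasons, in first-seen order."""
    findings = {}
    for line in lines:
        path = extract_path(line)
        if path is None or path in findings:
            continue
        reasons = classify(path)
        if reasons:
            findings[path] = reasons
    return findings


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LINES).items():
        print(f"{path}: {', '.join(reasons)}")
```

The installer in Downloads is not flagged because these checks look only at file location, not at scanner verdicts; it was still reported by ESET as Win32/OpenCandy.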

#11 cryptodan

Posted 03 December 2011 - 01:26 PM

The TDSS Logs should be in the root of Drive C via My Computer. They should start with a TDSSKiller.2.6.21.0_willbedifferent_log.txt

#12 Guest_dxpoo_*


Posted 03 December 2011 - 02:36 PM

OK, I have 2 logs of the 2nd time I did them, so here are the 2 logs I did yesterday....


22:06:03.0551 1876 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:06:03.0597 1876 ============================================================
22:06:03.0597 1876 Current date / time: 2011/12/02 22:06:03.0597
22:06:03.0597 1876 SystemInfo:
22:06:03.0597 1876
22:06:03.0597 1876 OS Version: 6.0.6002 ServicePack: 2.0
22:06:03.0597 1876 Product type: Workstation
22:06:03.0597 1876 ComputerName: ARJANN-LAPTOP
22:06:03.0597 1876 UserName: Arjann
22:06:03.0597 1876 Windows directory: C:\Windows
22:06:03.0597 1876 System windows directory: C:\Windows
22:06:03.0597 1876 Processor architecture: Intel x86
22:06:03.0597 1876 Number of processors: 2
22:06:03.0597 1876 Page size: 0x1000
22:06:03.0597 1876 Boot type: Normal boot
22:06:03.0597 1876 ============================================================
22:06:04.0237 1876 Initialize success
22:06:13.0940 5300 Deinitialize success




The other log:

22:06:23.0501 1456 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:06:23.0563 1456 ============================================================
22:06:23.0563 1456 Current date / time: 2011/12/02 22:06:23.0563
22:06:23.0563 1456 SystemInfo:
22:06:23.0563 1456
22:06:23.0563 1456 OS Version: 6.0.6002 ServicePack: 2.0
22:06:23.0563 1456 Product type: Workstation
22:06:23.0563 1456 ComputerName: ARJANN-LAPTOP
22:06:23.0563 1456 UserName: Arjann
22:06:23.0563 1456 Windows directory: C:\Windows
22:06:23.0563 1456 System windows directory: C:\Windows
22:06:23.0563 1456 Processor architecture: Intel x86
22:06:23.0563 1456 Number of processors: 2
22:06:23.0563 1456 Page size: 0x1000
22:06:23.0563 1456 Boot type: Normal boot
22:06:23.0563 1456 ============================================================
22:06:24.0234 1456 Initialize success
22:06:47.0743 2724 ============================================================
22:06:47.0743 2724 Scan started
22:06:47.0743 2724 Mode: Manual;
22:06:47.0743 2724 ============================================================
22:06:56.0573 2724 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\Windows\System32\Drivers\sptd.sys
22:06:56.0573 2724 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
22:06:56.0573 2724 sptd ( LockedFile.Multi.Generic ) - warning
22:06:56.0573 2724 sptd - detected LockedFile.Multi.Generic (1)
22:06:58.0164 2724 USBSTOR - ok
22:06:58.0180 2724 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:06:58.0180 2724 usbuhci - ok
22:06:58.0211 2724 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:06:58.0211 2724 usbvideo - ok
22:06:58.0258 2724 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
22:06:58.0258 2724 vfs101x - ok
22:06:58.0289 2724 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:58.0289 2724 vga - ok
22:06:58.0320 2724 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:06:58.0336 2724 VgaSave - ok
22:06:58.0367 2724 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:06:58.0367 2724 viaagp - ok
22:06:58.0414 2724 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:06:58.0414 2724 ViaC7 - ok
22:06:58.0445 2724 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:06:58.0445 2724 viaide - ok
22:06:58.0460 2724 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:06:58.0460 2724 volmgr - ok
22:06:58.0523 2724 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:06:58.0523 2724 volmgrx - ok
22:06:58.0554 2724 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:06:58.0570 2724 volsnap - ok
22:06:58.0585 2724 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:06:58.0601 2724 vsmraid - ok
22:06:58.0632 2724 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:06:58.0648 2724 WacomPen - ok
22:06:58.0663 2724 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:58.0679 2724 Wanarp - ok
22:06:58.0679 2724 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:58.0679 2724 Wanarpv6 - ok
22:06:58.0726 2724 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:06:58.0741 2724 Wd - ok
22:06:58.0788 2724 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:06:58.0788 2724 Wdf01000 - ok
22:06:58.0897 2724 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
22:06:58.0897 2724 WinUSB - ok
22:06:58.0960 2724 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:06:58.0960 2724 WmiAcpi - ok
22:06:59.0022 2724 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:59.0022 2724 ws2ifsl - ok
22:06:59.0084 2724 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:59.0084 2724 WUDFRd - ok
22:06:59.0131 2724 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0
22:06:59.0287 2724 \Device\Harddisk0\DR0 - ok
22:06:59.0287 2724 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR3
22:06:59.0303 2724 \Device\Harddisk1\DR3 - ok
22:06:59.0350 2724 Boot (0x1200) (726694548a6cf739c51048094fb68a4d) \Device\Harddisk0\DR0\Partition0
22:06:59.0350 2724 \Device\Harddisk0\DR0\Partition0 - ok
22:06:59.0365 2724 Boot (0x1200) (5b142dc0ef14fe27e82e89f059c76b0a) \Device\Harddisk0\DR0\Partition1
22:06:59.0365 2724 \Device\Harddisk0\DR0\Partition1 - ok
22:06:59.0381 2724 Boot (0x1200) (83909b830885872de9b23101c2a6d19b) \Device\Harddisk1\DR3\Partition0
22:06:59.0381 2724 \Device\Harddisk1\DR3\Partition0 - ok
22:06:59.0381 2724 ============================================================
22:06:59.0381 2724 Scan finished
22:06:59.0381 2724 ============================================================
22:06:59.0381 6036 Detected object count: 1
22:06:59.0381 6036 Actual detected object count: 1
22:14:28.0224 6036 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
22:14:28.0286 6036 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
22:14:28.0302 6036 C:\Windows\System32\Drivers\sptd.sys - will be deleted on reboot
22:14:28.0302 6036 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
22:14:49.0019 2912 Deinitialize success





Thank you

dxpoo

#13 boopme

Posted 03 December 2011 - 09:32 PM

You're welcome. How is it running now??

#14 Guest_dxpoo_*

Posted 04 December 2011 - 07:46 AM

Hmm, seems to be running smoothly, but I am unsure on 2 things,

1: I am not sure what this start up program is:

Posted Image


Posted Image

I am not sure what that is, do you have any ideas?

2: How can I tell if hackers are on my internet? I am not sure if they are or not, would a simple like reset of the router be fine? And just unplugging the internet for like 30 seconds?

Thank you for your patience and help,
dxpoo.

#15 cryptodan

Posted 04 December 2011 - 01:50 PM

About CCleaner:

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

That circled item is in relation to your Realtek audio sound card.



