Generic30.bbue


10 replies to this topic

#1 kkort


Posted 11 December 2012 - 10:44 AM

Hi,

Yesterday, AVG started popping up that I have been infected with a trojan horse called Generic30.bbue in C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe and C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe.

I have run multiple scans which have detected 2 files but they keep coming back. What can I do?

Edited by kkort, 11 December 2012 - 10:45 AM.




#2 Jimbob85


Posted 11 December 2012 - 02:17 PM

Please post any logs that you have. It sounds like you may have a Rootkit, if it is regenerating itself.

Please Download Tdsskiller

Run TDSSKiller.exe
Click on Change Parameters
Put a check in the box of Detect TDLFS file system
Start scan
When it is finished the utility outputs a list of detected objects with descriptions:
The utility automatically selects an action (Cure or Delete) for malicious objects and asks you what to do with suspicious objects (Skip, by default)
Just stick with the default options and click Continue
If it wants to reboot please allow it to do so and let me know
Click on Report and post the contents of the text file that will open

By default, the utility outputs the log into system disk (it is usually the disk where the operating system is installed, C:\) root folder. The Log will have a name like: TDSSKiller.Version_Date_Time_log.txt.




Please Download Malwarebytes AKA MBAM

Update Malwarebytes via the update tab.
Run a full scan
When the scan finishes please select Remove Selected and make sure all of the boxes are checked
Please post the results

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

#3 kkort


Posted 11 December 2012 - 02:28 PM

TdssKiller Report
11:25:08.0625 5052 NdisWan - ok
11:25:08.0642 5052 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:25:08.0644 5052 NDProxy - ok
11:25:08.0665 5052 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:25:08.0668 5052 Net Driver HPZ12 - ok
11:25:08.0678 5052 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:25:08.0680 5052 NetBIOS - ok
11:25:08.0707 5052 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:25:08.0710 5052 netbt - ok
11:25:08.0721 5052 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
11:25:08.0722 5052 Netlogon - ok
11:25:08.0759 5052 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
11:25:08.0765 5052 Netman - ok
11:25:08.0785 5052 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
11:25:08.0790 5052 netprofm - ok
11:25:08.0814 5052 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:25:08.0816 5052 NetTcpPortSharing - ok
11:25:08.0916 5052 [ C86984AEE87900C1EEB6942EDE3BF4B6 ] NETw3v64 C:\Windows\system32\DRIVERS\NETw3v64.sys
11:25:08.0943 5052 NETw3v64 - ok
11:25:08.0961 5052 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:25:08.0962 5052 nfrd960 - ok
11:25:08.0984 5052 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
11:25:08.0987 5052 NlaSvc - ok
11:25:08.0991 5052 Norton Internet Security - ok
11:25:09.0010 5052 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:25:09.0011 5052 Npfs - ok
11:25:09.0030 5052 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
11:25:09.0031 5052 nsi - ok
11:25:09.0057 5052 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:25:09.0059 5052 nsiproxy - ok
11:25:09.0118 5052 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:25:09.0131 5052 Ntfs - ok
11:25:09.0147 5052 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
11:25:09.0148 5052 Null - ok
11:25:09.0166 5052 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:25:09.0168 5052 nvraid - ok
11:25:09.0182 5052 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:25:09.0183 5052 nvstor - ok
11:25:09.0202 5052 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:25:09.0204 5052 nv_agp - ok
11:25:09.0209 5052 NwlnkFlt - ok
11:25:09.0215 5052 NwlnkFwd - ok
11:25:09.0279 5052 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:25:09.0283 5052 odserv - ok
11:25:09.0321 5052 [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:25:09.0322 5052 ohci1394 - ok
11:25:09.0366 5052 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:25:09.0367 5052 ose - ok
11:25:09.0409 5052 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:25:09.0416 5052 p2pimsvc - ok
11:25:09.0511 5052 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
11:25:09.0518 5052 p2psvc - ok
11:25:09.0616 5052 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
11:25:09.0617 5052 Parport - ok
11:25:09.0676 5052 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:25:09.0677 5052 partmgr - ok
11:25:09.0702 5052 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
11:25:09.0704 5052 PcaSvc - ok
11:25:09.0746 5052 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
11:25:09.0748 5052 pci - ok
11:25:09.0782 5052 [ 15E5C3F89A3452EFBDA3B39816DBC4EE ] pciide C:\Windows\system32\drivers\pciide.sys
11:25:09.0782 5052 pciide - ok
11:25:09.0813 5052 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:25:09.0813 5052 pcmcia - ok
11:25:09.0845 5052 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:25:09.0860 5052 PEAUTH - ok
11:25:09.0923 5052 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:25:09.0923 5052 PerfHost - ok
11:25:09.0985 5052 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
11:25:10.0001 5052 pla - ok
11:25:10.0032 5052 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:25:10.0047 5052 PlugPlay - ok
11:25:10.0063 5052 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:25:10.0063 5052 Pml Driver HPZ12 - ok
11:25:10.0094 5052 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:25:10.0094 5052 PNRPAutoReg - ok
11:25:10.0125 5052 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:25:10.0141 5052 PNRPsvc - ok
11:25:10.0172 5052 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:25:10.0172 5052 PolicyAgent - ok
11:25:10.0189 5052 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:25:10.0190 5052 PptpMiniport - ok
11:25:10.0221 5052 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
11:25:10.0222 5052 Processor - ok
11:25:10.0254 5052 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
11:25:10.0258 5052 ProfSvc - ok
11:25:10.0277 5052 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
11:25:10.0279 5052 ProtectedStorage - ok
11:25:10.0301 5052 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:25:10.0303 5052 PSched - ok
11:25:10.0347 5052 [ 2E570416E5B5A227CCF29EE89A656A36 ] PTDUBus C:\Windows\system32\DRIVERS\PTDUBus.sys
11:25:10.0348 5052 PTDUBus - ok
11:25:10.0372 5052 [ D535DE3126E2D69D77AA87E7AC901ED4 ] PTDUMdm C:\Windows\system32\DRIVERS\PTDUMdm.sys
11:25:10.0373 5052 PTDUMdm - ok
11:25:10.0392 5052 [ E585ABA47264521ED46DFCE32A7C2CE3 ] PTDUVsp C:\Windows\system32\DRIVERS\PTDUVsp.sys
11:25:10.0393 5052 PTDUVsp - ok
11:25:10.0408 5052 [ EDEAA71DFCD1E9CD880D6EB247F9401D ] PTDUWWAN C:\Windows\system32\DRIVERS\PTDUWWAN.sys
11:25:10.0410 5052 PTDUWWAN - ok
11:25:10.0494 5052 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:25:10.0507 5052 ql2300 - ok
11:25:10.0528 5052 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:25:10.0530 5052 ql40xx - ok
11:25:10.0558 5052 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
11:25:10.0563 5052 QWAVE - ok
11:25:10.0587 5052 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:25:10.0588 5052 QWAVEdrv - ok
11:25:10.0602 5052 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:25:10.0603 5052 RasAcd - ok
11:25:10.0620 5052 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
11:25:10.0623 5052 RasAuto - ok
11:25:10.0650 5052 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:25:10.0652 5052 Rasl2tp - ok
11:25:10.0669 5052 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
11:25:10.0674 5052 RasMan - ok
11:25:10.0708 5052 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:25:10.0710 5052 RasPppoe - ok
11:25:10.0739 5052 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:25:10.0740 5052 RasSstp - ok
11:25:10.0768 5052 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:25:10.0771 5052 rdbss - ok
11:25:10.0793 5052 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:25:10.0794 5052 RDPCDD - ok
11:25:10.0824 5052 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
11:25:10.0828 5052 rdpdr - ok
11:25:10.0834 5052 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:25:10.0836 5052 RDPENCDD - ok
11:25:10.0889 5052 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:25:10.0891 5052 RDPWD - ok
11:25:10.0942 5052 [ 6266D28705BC3F99E8BAC1F864C14E91 ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe
11:25:10.0946 5052 Recovery Service for Windows - ok
11:25:10.0965 5052 [ BEDD5D3CCABE43926BDD01C10516321D ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\regfilter.sys
11:25:10.0966 5052 RegFilter - ok
11:25:11.0006 5052 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:25:11.0008 5052 RemoteAccess - ok
11:25:11.0038 5052 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:25:11.0041 5052 RemoteRegistry - ok
11:25:11.0080 5052 [ 72C35598BA591ABDDC37FCE7D26FE1C4 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:25:11.0082 5052 RFCOMM - ok
11:25:11.0194 5052 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:25:11.0194 5052 RichVideo - ok
11:25:11.0210 5052 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
11:25:11.0210 5052 RpcLocator - ok
11:25:11.0241 5052 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
11:25:11.0256 5052 RpcSs - ok
11:25:11.0288 5052 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:25:11.0288 5052 rspndr - ok
11:25:11.0319 5052 [ 390482953C63E81BAE52F20386394421 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
11:25:11.0319 5052 RTL8169 - ok
11:25:11.0334 5052 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
11:25:11.0334 5052 SamSs - ok
11:25:11.0350 5052 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:25:11.0350 5052 sbp2port - ok
11:25:11.0381 5052 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:25:11.0381 5052 SCardSvr - ok
11:25:11.0428 5052 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
11:25:11.0444 5052 Schedule - ok
11:25:11.0475 5052 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:25:11.0475 5052 SCPolicySvc - ok
11:25:11.0490 5052 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:25:11.0490 5052 sdbus - ok
11:25:11.0537 5052 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:25:11.0537 5052 SDRSVC - ok
11:25:11.0568 5052 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:25:11.0568 5052 secdrv - ok
11:25:11.0584 5052 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
11:25:11.0584 5052 seclogon - ok
11:25:11.0584 5052 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
11:25:11.0584 5052 SENS - ok
11:25:11.0615 5052 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:25:11.0615 5052 Serenum - ok
11:25:11.0646 5052 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
11:25:11.0646 5052 Serial - ok
11:25:11.0646 5052 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:25:11.0646 5052 sermouse - ok
11:25:11.0678 5052 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
11:25:11.0693 5052 SessionEnv - ok
11:25:11.0709 5052 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:25:11.0709 5052 sffdisk - ok
11:25:11.0724 5052 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:25:11.0724 5052 sffp_mmc - ok
11:25:11.0740 5052 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:25:11.0740 5052 sffp_sd - ok
11:25:11.0756 5052 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:25:11.0756 5052 sfloppy - ok
11:25:11.0802 5052 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:25:11.0802 5052 SharedAccess - ok
11:25:11.0834 5052 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:25:11.0834 5052 ShellHWDetection - ok
11:25:11.0849 5052 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
11:25:11.0849 5052 SiSRaid2 - ok
11:25:11.0865 5052 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:25:11.0880 5052 SiSRaid4 - ok
11:25:11.0990 5052 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
11:25:12.0021 5052 Skype C2C Service - ok
11:25:12.0068 5052 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:25:12.0068 5052 SkypeUpdate - ok
11:25:12.0161 5052 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
11:25:12.0192 5052 slsvc - ok
11:25:12.0224 5052 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
11:25:12.0224 5052 SLUINotify - ok
11:25:12.0239 5052 [ B68385FD0CB677A1BB3EAB0BEB2999B7 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
11:25:12.0239 5052 SmartDefragDriver - ok
11:25:12.0270 5052 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:25:12.0270 5052 Smb - ok
11:25:12.0302 5052 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:25:12.0302 5052 SNMPTRAP - ok
11:25:12.0348 5052 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
11:25:12.0348 5052 spldr - ok
11:25:12.0380 5052 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
11:25:12.0380 5052 Spooler - ok
11:25:12.0395 5052 SRTSP - ok
11:25:12.0395 5052 SRTSPX - ok
11:25:12.0426 5052 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
11:25:12.0442 5052 srv - ok
11:25:12.0473 5052 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:25:12.0473 5052 srv2 - ok
11:25:12.0504 5052 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:25:12.0504 5052 srvnet - ok
11:25:12.0536 5052 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:25:12.0536 5052 SSDPSRV - ok
11:25:12.0567 5052 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:25:12.0567 5052 SstpSvc - ok
11:25:12.0660 5052 [ 72EB6157E892A674E47E08732BB5CCE3 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
11:25:12.0660 5052 STacSV - ok
11:25:12.0707 5052 [ 0C7BDA7E9A329A071C080EB5210FE019 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
11:25:12.0723 5052 STHDA - ok
11:25:12.0770 5052 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
11:25:12.0770 5052 stisvc - ok
11:25:12.0801 5052 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:25:12.0816 5052 swenum - ok
11:25:12.0848 5052 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
11:25:12.0863 5052 swprv - ok
11:25:12.0879 5052 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
11:25:12.0879 5052 Symc8xx - ok
11:25:12.0910 5052 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
11:25:12.0910 5052 Sym_hi - ok
11:25:12.0926 5052 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
11:25:12.0926 5052 Sym_u3 - ok
11:25:12.0972 5052 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
11:25:12.0972 5052 SysMain - ok
11:25:13.0004 5052 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:25:13.0004 5052 TabletInputService - ok
11:25:13.0050 5052 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:25:13.0050 5052 TapiSrv - ok
11:25:13.0066 5052 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
11:25:13.0082 5052 TBS - ok
11:25:13.0175 5052 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:25:13.0191 5052 Tcpip - ok
11:25:13.0269 5052 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
11:25:13.0284 5052 Tcpip6 - ok
11:25:13.0347 5052 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:25:13.0347 5052 tcpipreg - ok
11:25:13.0456 5052 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:25:13.0456 5052 TDPIPE - ok
11:25:13.0503 5052 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:25:13.0503 5052 TDTCP - ok
11:25:13.0533 5052 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:25:13.0536 5052 tdx - ok
11:25:13.0594 5052 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:25:13.0596 5052 TermDD - ok
11:25:13.0660 5052 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
11:25:13.0668 5052 TermService - ok
11:25:13.0707 5052 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
11:25:13.0711 5052 Themes - ok
11:25:13.0735 5052 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
11:25:13.0737 5052 THREADORDER - ok
11:25:13.0763 5052 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
11:25:13.0765 5052 TrkWks - ok
11:25:13.0805 5052 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:25:13.0806 5052 TrustedInstaller - ok
11:25:13.0825 5052 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:25:13.0826 5052 tssecsrv - ok
11:25:13.0838 5052 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
11:25:13.0839 5052 tunmp - ok
11:25:13.0870 5052 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:25:13.0871 5052 tunnel - ok
11:25:13.0963 5052 [ 4215ECFC15D265A8E6E1925084B80908 ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
11:25:13.0966 5052 TVCapSvc - ok
11:25:13.0988 5052 [ F386D56F1B6D70E0E4E70E494975D279 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
11:25:13.0990 5052 TVSched - ok
11:25:14.0026 5052 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:25:14.0027 5052 uagp35 - ok
11:25:14.0066 5052 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:25:14.0069 5052 udfs - ok
11:25:14.0101 5052 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:25:14.0103 5052 UI0Detect - ok
11:25:14.0142 5052 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:25:14.0143 5052 uliagpkx - ok
11:25:14.0176 5052 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
11:25:14.0178 5052 uliahci - ok
11:25:14.0198 5052 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
11:25:14.0199 5052 UlSata - ok
11:25:14.0220 5052 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
11:25:14.0222 5052 ulsata2 - ok
11:25:14.0239 5052 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:25:14.0240 5052 umbus - ok
11:25:14.0277 5052 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
11:25:14.0281 5052 upnphost - ok
11:25:14.0330 5052 [ 1161D118CFFA13F0B4D48631F1BABD35 ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\UrlFilter.sys
11:25:14.0331 5052 UrlFilter - ok
11:25:14.0368 5052 [ 2793155DC986CCF8AA0DD89B1E53E5F0 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
11:25:14.0373 5052 USB28xxBGA - ok
11:25:14.0409 5052 [ D7940283C43E440FCF83AB55B85689C9 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
11:25:14.0411 5052 USB28xxOEM - ok
11:25:14.0434 5052 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:25:14.0436 5052 USBAAPL64 - ok
11:25:14.0486 5052 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:25:14.0487 5052 usbaudio - ok
11:25:14.0539 5052 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:25:14.0539 5052 usbccgp - ok
11:25:14.0570 5052 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:25:14.0570 5052 usbcir - ok
11:25:14.0617 5052 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:25:14.0617 5052 usbehci - ok
11:25:14.0680 5052 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:25:14.0695 5052 usbhub - ok
11:25:14.0742 5052 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:25:14.0742 5052 usbohci - ok
11:25:14.0758 5052 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:25:14.0758 5052 usbprint - ok
11:25:14.0789 5052 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:25:14.0789 5052 usbscan - ok
11:25:14.0836 5052 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:25:14.0851 5052 USBSTOR - ok
11:25:14.0867 5052 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:25:14.0867 5052 usbuhci - ok
11:25:14.0882 5052 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:25:14.0898 5052 usbvideo - ok
11:25:14.0929 5052 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
11:25:14.0929 5052 UxSms - ok
11:25:14.0960 5052 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
11:25:14.0976 5052 vds - ok
11:25:14.0992 5052 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:25:14.0992 5052 vga - ok
11:25:15.0007 5052 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:25:15.0007 5052 VgaSave - ok
11:25:15.0023 5052 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys
11:25:15.0023 5052 viaide - ok
11:25:15.0054 5052 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:25:15.0054 5052 volmgr - ok
11:25:15.0085 5052 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:25:15.0085 5052 volmgrx - ok
11:25:15.0148 5052 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:25:15.0163 5052 volsnap - ok
11:25:15.0350 5052 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:25:15.0350 5052 vsmraid - ok
11:25:15.0413 5052 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
11:25:15.0428 5052 VSS - ok
11:25:15.0460 5052 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
11:25:15.0460 5052 W32Time - ok
11:25:15.0491 5052 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:25:15.0491 5052 WacomPen - ok
11:25:15.0522 5052 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
11:25:15.0522 5052 Wanarp - ok
11:25:15.0538 5052 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:25:15.0538 5052 Wanarpv6 - ok
11:25:15.0569 5052 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:25:15.0569 5052 wcncsvc - ok
11:25:15.0600 5052 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:25:15.0600 5052 WcsPlugInService - ok
11:25:15.0616 5052 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
11:25:15.0616 5052 Wd - ok
11:25:15.0647 5052 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
11:25:15.0647 5052 WDC_SAM - ok
11:25:15.0694 5052 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:25:15.0709 5052 Wdf01000 - ok
11:25:15.0725 5052 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:25:15.0725 5052 WdiServiceHost - ok
11:25:15.0756 5052 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:25:15.0756 5052 WdiSystemHost - ok
11:25:15.0772 5052 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
11:25:15.0772 5052 WebClient - ok
11:25:15.0803 5052 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:25:15.0803 5052 Wecsvc - ok
11:25:15.0850 5052 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:25:15.0850 5052 wercplsupport - ok
11:25:15.0881 5052 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
11:25:15.0881 5052 WerSvc - ok
11:25:15.0896 5052 WinDefend - ok
11:25:15.0912 5052 WinHttpAutoProxySvc - ok
11:25:15.0959 5052 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:25:15.0959 5052 Winmgmt - ok
11:25:16.0037 5052 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
11:25:16.0068 5052 WinRM - ok
11:25:16.0115 5052 [ 7F2F9E48566B2087F2AAAD258CB2A8D4 ] winusb C:\Windows\system32\DRIVERS\WinUSB.SYS
11:25:16.0115 5052 winusb - ok
11:25:16.0177 5052 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:25:16.0177 5052 Wlansvc - ok
11:25:16.0193 5052 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:25:16.0193 5052 WmiAcpi - ok
11:25:16.0224 5052 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:25:16.0224 5052 wmiApSrv - ok
11:25:16.0240 5052 WMPNetworkSvc - ok
11:25:16.0255 5052 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:25:16.0271 5052 WPCSvc - ok
11:25:16.0333 5052 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:25:16.0333 5052 WPDBusEnum - ok
11:25:16.0364 5052 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
11:25:16.0364 5052 WpdUsb - ok
11:25:16.0474 5052 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:25:16.0474 5052 WPFFontCache_v0400 - ok
11:25:16.0505 5052 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:25:16.0520 5052 ws2ifsl - ok
11:25:16.0552 5052 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
11:25:16.0552 5052 wscsvc - ok
11:25:16.0567 5052 WSearch - ok
11:25:16.0645 5052 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:25:16.0676 5052 wuauserv - ok
11:25:16.0708 5052 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:25:16.0708 5052 WUDFRd - ok
11:25:16.0739 5052 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:25:16.0739 5052 wudfsvc - ok
11:25:16.0770 5052 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
11:25:16.0770 5052 yukonx64 - ok
11:25:16.0786 5052 ================ Scan global ===============================
11:25:16.0832 5052 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
11:25:16.0895 5052 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
11:25:16.0926 5052 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
11:25:16.0957 5052 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
11:25:16.0957 5052 [Global] - ok
11:25:16.0957 5052 ================ Scan MBR ==================================
11:25:16.0973 5052 [ 5C86ADEC17B739C437E145E3B3FC2E6D ] \Device\Harddisk0\DR0
11:25:17.0501 5052 \Device\Harddisk0\DR0 - ok
11:25:17.0501 5052 ================ Scan VBR ==================================
11:25:17.0539 5052 [ 2CCC589F00F233E0ECEB76F37B3A2DA4 ] \Device\Harddisk0\DR0\Partition1
11:25:17.0542 5052 \Device\Harddisk0\DR0\Partition1 - ok
11:25:17.0573 5052 [ 9C9959FEC1D638AFC5F137499EE18A81 ] \Device\Harddisk0\DR0\Partition2
11:25:17.0575 5052 \Device\Harddisk0\DR0\Partition2 - ok
11:25:17.0576 5052 ============================================================
11:25:17.0576 5052 Scan finished
11:25:17.0576 5052 ============================================================
11:25:17.0591 1552 Detected object count: 0
11:25:17.0591 1552 Actual detected object count: 0

#4 kkort

Posted 11 December 2012 - 04:10 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000


Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 518300
Time elapsed: 1 hour(s), 33 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 43
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044344491} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055345591} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.BHO.1 (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\claro.clarodskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\claro.clarodskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\claro.claroappCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\claro.claroappCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0003491.BHO (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{9E131A93-EED7-4BEB-B015-A0ADB30B5646} (PUP.Funmoods) -> Data: Claro LTD Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\215 Apps|3491 (PUP.CrossFire.SA) -> Data: Vid-Saver -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods|UninstallString (PUP.Funmoods) -> Data: "C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16 (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh (PUP.FunMoods) -> Quarantined and deleted successfully.

Files Detected: 19
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodssrv.exe (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsApp.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroApp.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsEng.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$R466KZB.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$R5ZAWJ7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$R6KWLO1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RBP36FC.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RF2SSF4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RHUWXD6.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RLHPIJU.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RNYIMMJ.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2315972212-3474492224-2883458246-1000\$RUAYMRN.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe (PUP.FunMoods) -> Quarantined and deleted successfully.
C:\Users\Katie\AppData\Local\GetBooks\GetBooks.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx (PUP.FunMoods) -> Quarantined and deleted successfully.

(end)

Edited by kkort, 11 December 2012 - 04:23 PM.


#5 Jimbob85


Posted 11 December 2012 - 04:26 PM

Most of this stuff is just stuff that is a nuisance and not any real threat. There were some threats that were found. Let's try another scan.

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan completes, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
You may not get a listing if nothing is found

#6 kkort


Posted 11 December 2012 - 04:26 PM

It is still popping up in my AVG.

Edited by kkort, 11 December 2012 - 04:26 PM.


#7 Jimbob85


Posted 11 December 2012 - 04:29 PM

Try this other scan and let me see if I can find more specifics on the warning that AVG is giving you.

#8 kkort


Posted 11 December 2012 - 04:45 PM

I ran the ESET scan before I posted and it found some stuff... not sure where the log would be though. I'm running it again and so far it hasn't found anything.

So far my AVG has only popped up 1 time in 20 min. It used to be popping up about once a minute. But I am also running an AVG scan and it hasn't found anything so far either.

#9 kkort


Posted 11 December 2012 - 08:05 PM

I think I have gotten rid of all the files because AVG isn't detecting any files anymore.

Thank you so much for your help!

#10 Jimbob85


Posted 12 December 2012 - 08:37 AM

On your re-run of ESET did it find anything? If not you are probably ok.

From what I found on the infection it is a nasty bugger. Make sure that you change all of your online passwords. NO EXCEPTIONS!!

You may want to look and see if the "C:\ProgramData\Browser Manager" folder still exists. You may have to turn on hidden files.

#11 Jimbob85


Posted 17 December 2012 - 11:11 AM

If you need any further help please PM me.



