What to fix/delete with HIJACKTHIS


3 replies to this topic

#1 Za1p

Posted 20 December 2012 - 10:55 PM

Hello forum..... every time I open AOL then close it I get a pop up from Internet Explorer Add On installer wanting access. I think this is some kind of adware or something so I ran Adwcleaner. Now I have Hijackthis but I do not know what to delete or fix...maybe you guys can help me out??

Edited by bloopie, 20 December 2012 - 11:11 PM.
Mod Edit: Removed HJT log as it's not allowed in the AII forum. ~bloopie




#2 bloopie


Posted 20 December 2012 - 11:17 PM

Hi,

Step 1

Could you please post the logfile from adwCleaner?

It will be found at C:\AdwCleaner[R1].txt or C:\AdwCleaner[S1].txt

==========

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

==========

Step 3

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

==========

Please copy and paste all logs here for me to review!

bloopie
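
A TDSSKiller report of the kind requested in Step 2 holds one verdict line per service or driver, so triage comes down to pairing each flagged name with the file line above it. The sketch below is an added example, not part of the original post and not a TDSSKiller tool; the function names are hypothetical, and the sample lines are constructed in the report's layout (timestamp, thread id, then either "[ MD5 ] name path" or "name - verdict").

```python
import re

# Every report line starts with "HH:MM:SS.mmmm <thread id> ".
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4})\s+(\d+)\s+(.*)$")
# "[ MD5 ] <service name> <drive:\path>"; service names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.*?)\s+([A-Za-z]:\\.*)$")
# "<service name> ( <detection name> ) - <status>", e.g. "- warning".
FLAGGED = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")
# "<service name> - ok"
CLEAN = re.compile(r"^(.+?) - ok$")

# Constructed sample data: names, paths and hash values are made up.
H1 = "0" * 31 + "1"
H2 = "0" * 31 + "2"
SAMPLE_LOG = "\n".join([
    "17:00:00.0001 1234 ================ Scan services ================",
    f"17:00:00.0100 1234 [ {H1} ] ExampleDrv C:\\Windows\\system32\\drivers\\exampledrv.sys",
    "17:00:00.0150 1234 ExampleDrv - ok",
    f"17:00:00.0200 1234 [ {H2} ] Example Helper Service C:\\Program Files\\Example\\helper.exe",
    "17:00:00.0250 1234 Example Helper Service ( UnsignedFile.Multi.Generic ) - warning",
    "17:00:00.0250 1234 Example Helper Service - detected UnsignedFile.Multi.Generic (1)",
    "17:00:00.0300 1234 NoFileSvc - ok",
])


def parse_tdsskiller(text):
    """Return one dict per verdict line, joined with its preceding file line."""
    files = {}      # service name -> (md5, path) from the "[ MD5 ]" line
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(3).strip()

        hashed = HASHED.match(body)
        if hashed:
            files[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue

        flagged = FLAGGED.match(body)
        clean = None if flagged else CLEAN.match(body)
        if not (flagged or clean):
            # Separators, headers and the repeated "- detected ..." line.
            continue

        name = (flagged or clean).group(1)
        md5, path = files.get(name, (None, None))
        entries.append({
            "time": m.group(1),
            "name": name,
            "md5": md5,          # None when the report gave no file line
            "path": path,
            "status": flagged.group(3) if flagged else "ok",
            "detection": flagged.group(2) if flagged else None,
        })
    return entries


def needs_review(entries):
    """Entries whose verdict is anything other than 'ok'."""
    return [e for e in entries if e["status"] != "ok"]


if __name__ == "__main__":
    for e in needs_review(parse_tdsskiller(SAMPLE_LOG)):
        print(f'{e["name"]}: {e["detection"]} ({e["status"]}) -> {e["path"]}')
```
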

#3 Za1p


Posted 21 December 2012 - 05:13 PM

ADWARE LOG:

# AdwCleaner v2.007 - Logfile created 12/21/2012 at 17:01:08
# Updated 06/11/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 1 (32 bits)
# User : Za1p - ZA1P-PC
# Boot Mode : Normal
# Running from : C:\Users\Za1p\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****



***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19048

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Za1p\AppData\Roaming\Mozilla\Firefox\Profiles\c2z66zyx.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Za1p\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [22615 octets] - [17/12/2012 18:45:59]
AdwCleaner[R2].txt - [1181 octets] - [20/12/2012 01:43:26]
AdwCleaner[R3].txt - [1207 octets] - [20/12/2012 19:00:08]
AdwCleaner[R4].txt - [1018 octets] - [21/12/2012 17:01:08]
AdwCleaner[S1].txt - [21979 octets] - [17/12/2012 18:46:52]
AdwCleaner[S2].txt - [1244 octets] - [20/12/2012 01:43:51]

########## EOF - C:\AdwCleaner[R4].txt - [1199 octets] ##########




TDSSKILLER LOG:

17:07:11.0573 5048 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:07:11.0933 5048 ============================================================
17:07:11.0933 5048 Current date / time: 2012/12/21 17:07:11.0933
17:07:11.0933 5048 SystemInfo:
17:07:11.0933 5048
17:07:11.0933 5048 OS Version: 6.0.6001 ServicePack: 1.0
17:07:11.0933 5048 Product type: Workstation
17:07:11.0933 5048 ComputerName: ZA1P-PC
17:07:11.0933 5048 UserName: Za1p
17:07:11.0933 5048 Windows directory: C:\Windows
17:07:11.0933 5048 System windows directory: C:\Windows
17:07:11.0933 5048 Processor architecture: Intel x86
17:07:11.0933 5048 Number of processors: 2
17:07:11.0933 5048 Page size: 0x1000
17:07:11.0933 5048 Boot type: Normal boot
17:07:11.0933 5048 ============================================================
17:07:12.0320 5048 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:07:12.0322 5048 ============================================================
17:07:12.0322 5048 \Device\Harddisk0\DR0:
17:07:12.0322 5048 MBR partitions:
17:07:12.0322 5048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x16275E7
17:07:12.0322 5048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1627800, BlocksNum 0x1BB9D000
17:07:12.0322 5048 ============================================================
17:07:12.0358 5048 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:12.0384 5048 D: <-> \Device\Harddisk0\DR0\Partition1
17:07:12.0385 5048 ============================================================
17:07:12.0385 5048 Initialize success
17:07:12.0385 5048 ============================================================
17:07:59.0304 6108 ============================================================
17:07:59.0304 6108 Scan started
17:07:59.0304 6108 Mode: Manual; SigCheck; TDLFS;
17:07:59.0304 6108 ============================================================
17:07:59.0621 6108 ================ Scan system memory ========================
17:07:59.0621 6108 System memory - ok
17:07:59.0622 6108 ================ Scan services =============================
17:08:09.0619 6108 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
17:08:09.0642 6108 giveio ( UnsignedFile.Multi.Generic ) - warning
17:08:09.0642 6108 giveio - detected UnsignedFile.Multi.Generic (1)
17:08:14.0201 6108 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
17:08:14.0211 6108 McciCMService ( UnsignedFile.Multi.Generic ) - warning
17:08:14.0211 6108 McciCMService - detected UnsignedFile.Multi.Generic (1)
17:08:15.0069 6108 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
17:08:15.0087 6108 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
17:08:15.0087 6108 MREMP50 - detected UnsignedFile.Multi.Generic (1)
17:08:15.0091 6108 MREMPR5 - ok
17:08:15.0095 6108 MRENDIS5 - ok
17:08:15.0114 6108 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
17:08:15.0118 6108 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
17:08:15.0118 6108 MRESP50 - detected UnsignedFile.Multi.Generic (1)
17:08:24.0487 6108 [ 5BFA0EECF42A8E4467A1DFE2186F1AC0 ] STacSV C:\WINDOWS\System32\STacSV.exe
17:08:24.0512 6108 STacSV ( UnsignedFile.Multi.Generic ) - warning
17:08:24.0512 6108 STacSV - detected UnsignedFile.Multi.Generic (1)
17:08:30.0924 6108 ================ Scan global ===============================
17:08:30.0952 6108 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:08:30.0987 6108 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
17:08:31.0021 6108 [ 8B05FAF8603E6FDE90C5B103761CC3F6 ] C:\Windows\system32\winsrv.dll
17:08:31.0064 6108 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
17:08:31.0074 6108 [Global] - ok
17:08:31.0075 6108 ================ Scan MBR ==================================
17:08:31.0092 6108 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:08:31.0530 6108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:08:31.0531 6108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:08:31.0532 6108 ================ Scan VBR ==================================
17:08:31.0538 6108 [ 8FE812A1039D0C31100BF0258957428D ] \Device\Harddisk0\DR0\Partition1
17:08:31.0541 6108 \Device\Harddisk0\DR0\Partition1 - ok
17:08:31.0549 6108 [ 71A03615243F9FFE47E161FB6140B324 ] \Device\Harddisk0\DR0\Partition2
17:08:31.0552 6108 \Device\Harddisk0\DR0\Partition2 - ok
17:08:31.0553 6108 ============================================================
17:08:31.0553 6108 Scan finished
17:08:31.0553 6108 ============================================================
17:08:31.0572 3168 Detected object count: 6
17:08:31.0572 3168 Actual detected object count: 6
17:09:31.0641 3168 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0642 3168 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0642 3168 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0643 3168 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0647 3168 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0647 3168 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0650 3168 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0650 3168 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0653 3168 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0653 3168 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0658 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:09:31.0659 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
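As an added example (not part of the original posts and not the scanner vendor's code), this sketch parses the detection lines of the log above and groups the objects that were left in place by verdict. The function names are hypothetical, and the line format is inferred only from the lines visible in this log.

```python
import re

# Lines excerpted from the log above: "<time> <thread id> <message>"
SAMPLE_LOG = r"""
17:08:31.0092 6108 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:08:31.0530 6108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:08:31.0531 6108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:08:31.0541 6108 \Device\Harddisk0\DR0\Partition1 - ok
17:09:31.0641 3168 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:31.0642 3168 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:31.0658 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:09:31.0659 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# Matches "<time> <thread> <object> ( <verdict> ) - <status>"
FINDING = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+\d+\s+"
    r"(?P<obj>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<status>.+)$"
)
ACTION_PREFIX = "User select action: "


def summarize(log_text):
    """Return {object: {"verdict": ..., "action": ...}} for every flagged object."""
    findings = {}
    for line in log_text.splitlines():
        m = FINDING.match(line.strip())
        if not m:
            continue  # hash lines, "- ok" lines and banners carry no verdict
        entry = findings.setdefault(
            m["obj"], {"verdict": m["verdict"], "action": None})
        if m["status"].startswith(ACTION_PREFIX):
            entry["action"] = m["status"][len(ACTION_PREFIX):]
    return findings


def left_in_place(findings):
    """Group objects with no action or a "Skip" action by verdict.

    "Skip" is the only action value visible in this log.
    """
    grouped = {}
    for obj, f in findings.items():
        if f["action"] in (None, "Skip"):
            grouped.setdefault(f["verdict"], []).append(obj)
    return grouped


if __name__ == "__main__":
    for verdict, objs in left_in_place(summarize(SAMPLE_LOG)).items():
        print(f"{verdict}: {', '.join(objs)}")
```
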

#4 bloopie


Posted 21 December 2012 - 07:04 PM

Hi again, :)

Okay, let's run a few other tools next:



Step 1

Let's get a Security Check of your machine:

Please download and run Security Check from HERE, and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

==========

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. ***Also please note this scan may take some time.
  • Double-click on the renamed file to install, then follow these instructions for doing a Full Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step 3

Run RogueKiller

Download RogueKiller from here or here and save it to your desktop.

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Right-click RogueKiller.exe and select Run as Administrator.
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", click Delete.
  • When the Status box shows "Deleting Finished", click Report and then copy and paste the log in your next reply.
  • The log can also be found at RKreport[1].txt on your desktop.

==========

In your next reply, please include the following:

  • The Security Check log
  • The MBAM log
  • The RogueKiller log
Also, please let me know how the computer is running now!

bloopie



