
Removed Ransomware, still having residual issues.


25 replies to this topic

#1 icarusbreathes

Posted 04 June 2013 - 02:59 PM

I went through the prep guide but was unable to download logs to post. In fact, I cannot download anything, really. Everything I download to my desktop from the internet just doesn't show up. I can tell my computer is still infected with something because I can't download Hitman Pro or other programs that may help me continue scanning. The ones I have detect nothing (used rkill, then TDSSKiller and MBAM and Trend Micro Housecall). I can't even download HitmanPro and it deleted Microsoft Security Essentials completely (which I also can't redownload). Again, Firefox acts as if it downloaded these things to my desktop and then they're not there.

I'm also noticing slowdown that wasn't there before.

I don't have another computer or a flash drive to work with. What can I do?

 




 


#2 D-FRED-BROWN

  • Malware Response Team

Posted 07 June 2013 - 01:13 AM

Hello icarusbreathes and welcome to Bleeping Computer!

I am D-FRED-BROWN and I will be helping you.

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.


----------Step 1----------------
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

----------Step 2----------------
Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt

----------Step 3----------------
Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.


NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


----------Step 4----------------
Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 5----------------
In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"
 

-------> Your topic will be closed if you haven't replied within 3 days! <--------
(If I don't respond within 24 hours, please send me a PM)



-DFB



#3 icarusbreathes

  • Topic Starter


Posted 11 June 2013 - 06:28 PM

Hey! Thanks for helping me. As I said, I cannot download most things. I download them and they will not show up, I try to run them instead of save and get an error, etc. I already had TDSSKiller on my computer and have run it several times since the infection. It has always come clean and this time was no different. As for the MBAM rootkit, ComboFix, and Security Check, none of them downloaded except for a .part of ComboFix (obviously useless). I do have the normal MBAM software (it has come up clean a few times since the infection as well).

I'd also like to add that since I had them on my computer, a week+ ago I ran rkill, then TDSSKiller, then MBAM, TrendMicro Housecall, and CCleaner (for speed) and nothing came up. Don't know if that helps at all.

Here is the TDSSKiller log.

19:15:34.0265 7816  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:15:34.0590 7816  ============================================================
19:15:34.0590 7816  Current date / time: 2013/06/11 19:15:34.0590
19:15:34.0590 7816  SystemInfo:
19:15:34.0590 7816  
19:15:34.0590 7816  OS Version: 6.0.6002 ServicePack: 2.0
19:15:34.0590 7816  Product type: Workstation
19:15:34.0590 7816  ComputerName: JOSH-PC
19:15:34.0590 7816  UserName: Josh
19:15:34.0590 7816  Windows directory: C:\Windows
19:15:34.0590 7816  System windows directory: C:\Windows
19:15:34.0590 7816  Processor architecture: Intel x86
19:15:34.0590 7816  Number of processors: 2
19:15:34.0590 7816  Page size: 0x1000
19:15:34.0590 7816  Boot type: Normal boot
19:15:34.0590 7816  ============================================================
19:15:34.0989 7816  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:15:35.0044 7816  ============================================================
19:15:35.0044 7816  \Device\Harddisk0\DR0:
19:15:35.0045 7816  MBR partitions:
19:15:35.0045 7816  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
19:15:35.0045 7816  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B448CA2
19:15:35.0045 7816  ============================================================
19:15:35.0105 7816  C: <-> \Device\Harddisk0\DR0\Partition2
19:15:35.0142 7816  D: <-> \Device\Harddisk0\DR0\Partition1
19:15:35.0142 7816  ============================================================
19:15:35.0142 7816  Initialize success
19:15:35.0142 7816  ============================================================
19:15:36.0623 7844  ============================================================
19:15:36.0623 7844  Scan started
19:15:36.0623 7844  Mode: Manual;
19:15:36.0623 7844  ============================================================
19:15:37.0744 7844  ================ Scan system memory ========================
19:15:37.0744 7844  System memory - ok
19:15:37.0745 7844  ================ Scan services =============================
19:15:38.0052 7844  12905320 - ok
19:15:38.0105 7844  [ 58169FFB207940D4D84B4E85DB02CC1E ] 33998425        C:\Windows\system32\drivers\42151610.sys
19:15:38.0107 7844  33998425 - ok
19:15:38.0153 7844  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:15:38.0156 7844  ACPI - ok
19:15:38.0230 7844  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:15:38.0231 7844  AdobeFlashPlayerUpdateSvc - ok
19:15:38.0560 7844  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:15:38.0610 7844  adp94xx - ok
19:15:38.0671 7844  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:15:38.0675 7844  adpahci - ok
19:15:38.0698 7844  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
19:15:38.0700 7844  adpu160m - ok
19:15:38.0724 7844  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:15:38.0726 7844  adpu320 - ok
19:15:38.0765 7844  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:15:38.0766 7844  AeLookupSvc - ok
19:15:38.0781 7844  [ 97210CDE1BA95053CAD83D0FBB7C6A89 ] AERTFilters     C:\Windows\system32\AERTSrv.exe
19:15:38.0782 7844  AERTFilters - ok
19:15:38.0797 7844  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
19:15:38.0800 7844  AFD - ok
19:15:38.0846 7844  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:15:38.0847 7844  agp440 - ok
19:15:38.0878 7844  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:15:38.0879 7844  aic78xx - ok
19:15:38.0920 7844  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
19:15:38.0922 7844  ALG - ok
19:15:38.0937 7844  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:15:38.0938 7844  aliide - ok
19:15:38.0959 7844  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:15:38.0961 7844  amdagp - ok
19:15:38.0991 7844  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:15:38.0992 7844  amdide - ok
19:15:39.0009 7844  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
19:15:39.0010 7844  AmdK7 - ok
19:15:39.0025 7844  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:15:39.0026 7844  AmdK8 - ok
19:15:39.0053 7844  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
19:15:39.0054 7844  Appinfo - ok
19:15:39.0235 7844  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:15:39.0236 7844  Apple Mobile Device - ok
19:15:39.0260 7844  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
19:15:39.0262 7844  arc - ok
19:15:39.0297 7844  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:15:39.0299 7844  arcsas - ok
19:15:39.0422 7844  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:15:39.0423 7844  aspnet_state - ok
19:15:39.0441 7844  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:15:39.0442 7844  AsyncMac - ok
19:15:39.0461 7844  [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:15:39.0463 7844  atapi - ok
19:15:39.0497 7844  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:15:39.0501 7844  AudioEndpointBuilder - ok
19:15:39.0506 7844  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:15:39.0508 7844  Audiosrv - ok
19:15:39.0532 7844  bavzlffj - ok
19:15:39.0554 7844  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:15:39.0554 7844  Beep - ok
19:15:39.0596 7844  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
19:15:39.0600 7844  BFE - ok
19:15:39.0631 7844  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\system32\qmgr.dll
19:15:39.0648 7844  BITS - ok
19:15:39.0683 7844  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
19:15:39.0684 7844  blbdrive - ok
19:15:39.0726 7844  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:15:39.0730 7844  Bonjour Service - ok
19:15:39.0760 7844  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:15:39.0761 7844  bowser - ok
19:15:39.0780 7844  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
19:15:39.0782 7844  BrFiltLo - ok
19:15:39.0794 7844  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
19:15:39.0795 7844  BrFiltUp - ok
19:15:39.0822 7844  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
19:15:39.0824 7844  Browser - ok
19:15:39.0850 7844  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
19:15:39.0851 7844  Brserid - ok
19:15:39.0902 7844  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
19:15:39.0903 7844  BrSerWdm - ok
19:15:39.0926 7844  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
19:15:39.0927 7844  BrUsbMdm - ok
19:15:39.0941 7844  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
19:15:39.0942 7844  BrUsbSer - ok
19:15:39.0957 7844  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:15:39.0959 7844  BTHMODEM - ok
19:15:40.0055 7844  catchme - ok
19:15:40.0093 7844  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:15:40.0095 7844  cdfs - ok
19:15:40.0105 7844  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:15:40.0107 7844  cdrom - ok
19:15:40.0140 7844  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:15:40.0141 7844  CertPropSvc - ok
19:15:40.0163 7844  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
19:15:40.0170 7844  circlass - ok
19:15:40.0284 7844  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
19:15:40.0288 7844  CLFS - ok
19:15:40.0340 7844  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:15:40.0342 7844  clr_optimization_v2.0.50727_32 - ok
19:15:40.0394 7844  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:15:40.0457 7844  clr_optimization_v4.0.30319_32 - ok
19:15:40.0476 7844  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:15:40.0477 7844  cmdide - ok
19:15:40.0489 7844  [ 4FC0A44DA7603229E1A9454126A59EFD ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:15:40.0490 7844  Compbatt - ok
19:15:40.0505 7844  COMSysApp - ok
19:15:40.0521 7844  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:15:40.0523 7844  crcdisk - ok
19:15:40.0542 7844  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
19:15:40.0544 7844  Crusoe - ok
19:15:40.0636 7844  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:15:40.0639 7844  CryptSvc - ok
19:15:40.0752 7844  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:15:40.0943 7844  DcomLaunch - ok
19:15:40.0951 7844  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:15:40.0953 7844  DfsC - ok
19:15:41.0014 7844  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
19:15:41.0047 7844  DFSR - ok
19:15:41.0077 7844  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
19:15:41.0079 7844  Dhcp - ok
19:15:41.0112 7844  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
19:15:41.0113 7844  disk - ok
19:15:41.0140 7844  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:15:41.0143 7844  Dnscache - ok
19:15:41.0173 7844  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:15:41.0175 7844  dot3svc - ok
19:15:41.0207 7844  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
19:15:41.0210 7844  DPS - ok
19:15:41.0230 7844  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:15:41.0231 7844  drmkaud - ok
19:15:41.0260 7844  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:15:41.0263 7844  dtsoftbus01 - ok
19:15:41.0351 7844  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:15:41.0368 7844  DXGKrnl - ok
19:15:41.0405 7844  [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
19:15:41.0407 7844  e1express - ok
19:15:41.0433 7844  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
19:15:41.0435 7844  E1G60 - ok
19:15:41.0439 7844  EagleNT - ok
19:15:41.0484 7844  EagleXNt - ok
19:15:41.0518 7844  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
19:15:41.0519 7844  EapHost - ok
19:15:41.0547 7844  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
19:15:41.0549 7844  Ecache - ok
19:15:41.0580 7844  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:15:41.0584 7844  elxstor - ok
19:15:41.0617 7844  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
19:15:41.0633 7844  EMDMgmt - ok
19:15:41.0659 7844  [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:15:41.0660 7844  ErrDev - ok
19:15:41.0708 7844  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
19:15:41.0711 7844  EventSystem - ok
19:15:41.0752 7844  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
19:15:41.0754 7844  exfat - ok
19:15:41.0776 7844  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:15:41.0778 7844  fastfat - ok
19:15:41.0805 7844  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:15:41.0806 7844  fdc - ok
19:15:41.0832 7844  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:15:41.0834 7844  fdPHost - ok
19:15:41.0862 7844  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:15:41.0863 7844  FDResPub - ok
19:15:41.0872 7844  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:15:41.0873 7844  FileInfo - ok
19:15:41.0886 7844  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:15:41.0887 7844  Filetrace - ok
19:15:41.0897 7844  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:15:41.0898 7844  flpydisk - ok
19:15:41.0929 7844  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:15:41.0931 7844  FltMgr - ok
19:15:41.0965 7844  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
19:15:41.0982 7844  FontCache - ok
19:15:42.0022 7844  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:15:42.0024 7844  FontCache3.0.0.0 - ok
19:15:42.0057 7844  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:15:42.0058 7844  Fs_Rec - ok
19:15:42.0100 7844  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:15:42.0102 7844  gagp30kx - ok
19:15:42.0194 7844  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:15:42.0195 7844  GEARAspiWDM - ok
19:15:42.0224 7844  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:15:42.0233 7844  gpsvc - ok
19:15:42.0267 7844  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:15:42.0276 7844  HDAudBus - ok
19:15:42.0293 7844  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:15:42.0294 7844  HidBth - ok
19:15:42.0302 7844  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:15:42.0304 7844  HidIr - ok
19:15:42.0340 7844  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\System32\hidserv.dll
19:15:42.0341 7844  hidserv - ok
19:15:42.0366 7844  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:15:42.0367 7844  HidUsb - ok
19:15:42.0389 7844  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:15:42.0392 7844  hkmsvc - ok
19:15:42.0419 7844  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
19:15:42.0420 7844  HpCISSs - ok
19:15:42.0456 7844  [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:15:42.0461 7844  HTTP - ok
19:15:42.0493 7844  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
19:15:42.0494 7844  i2omp - ok
19:15:42.0534 7844  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:15:42.0536 7844  i8042prt - ok
19:15:42.0601 7844  [ F79525634B192F5A18DE503568F94EF3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:15:42.0606 7844  IAANTMON - ok
19:15:42.0639 7844  [ 707C1692214B1C290271067197F075F6 ] iaStor          C:\Windows\system32\drivers\iastor.sys
19:15:42.0641 7844  iaStor - ok
19:15:42.0664 7844  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
19:15:42.0666 7844  iaStorV - ok
19:15:42.0748 7844  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:15:42.0750 7844  IDriverT - ok
19:15:42.0829 7844  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:15:42.0846 7844  idsvc - ok
19:15:43.0034 7844  [ AA1636107C0C05A881BFBCE41142C70F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
19:15:43.0150 7844  igfx - ok
19:15:43.0191 7844  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:15:43.0192 7844  iirsp - ok
19:15:43.0228 7844  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:15:43.0233 7844  IKEEXT - ok
19:15:43.0292 7844  [ 9B89F2E3D705651DEC1F01033B9D6B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:15:43.0325 7844  IntcAzAudAddService - ok
19:15:43.0352 7844  [ 81486F0EB4238B65C317F97DE246C4AC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
19:15:43.0354 7844  IntcHdmiAddService - ok
19:15:43.0377 7844  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:15:43.0378 7844  intelide - ok
19:15:43.0402 7844  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:15:43.0403 7844  intelppm - ok
19:15:43.0426 7844  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:15:43.0429 7844  IPBusEnum - ok
19:15:43.0452 7844  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:15:43.0454 7844  IpFilterDriver - ok
19:15:43.0491 7844  [ 1998BD97F950680BB55F55A7244679C2 ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll
19:15:43.0494 7844  IpHlpSvc - ok
19:15:43.0498 7844  IpInIp - ok
19:15:43.0522 7844  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
19:15:43.0524 7844  IPMIDRV - ok
19:15:43.0577 7844  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
19:15:43.0579 7844  IPNAT - ok
19:15:43.0661 7844  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:15:43.0678 7844  iPod Service - ok
19:15:43.0692 7844  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:15:43.0693 7844  IRENUM - ok
19:15:43.0708 7844  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:15:43.0709 7844  isapnp - ok
19:15:43.0734 7844  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:15:43.0737 7844  iScsiPrt - ok
19:15:43.0755 7844  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:15:43.0757 7844  iteatapi - ok
19:15:43.0767 7844  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
19:15:43.0768 7844  iteraid - ok
19:15:43.0795 7844  [ B07084095F8C03AADB9811C9DF14B5E4 ] JRAID           C:\Windows\system32\drivers\jraid.sys
19:15:43.0797 7844  JRAID - ok
19:15:43.0801 7844  jvyk - ok
19:15:43.0878 7844  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:15:43.0879 7844  kbdclass - ok
19:15:43.0906 7844  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:15:43.0907 7844  kbdhid - ok
19:15:43.0972 7844  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
19:15:43.0973 7844  KeyIso - ok
19:15:44.0049 7844  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:15:44.0054 7844  KSecDD - ok
19:15:44.0082 7844  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:15:44.0087 7844  KtmRm - ok
19:15:44.0106 7844  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:15:44.0110 7844  LanmanServer - ok
19:15:44.0143 7844  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:15:44.0147 7844  LanmanWorkstation - ok
19:15:44.0161 7844  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:15:44.0162 7844  lltdio - ok
19:15:44.0204 7844  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:15:44.0208 7844  lltdsvc - ok
19:15:44.0239 7844  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:15:44.0241 7844  lmhosts - ok
19:15:44.0264 7844  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:15:44.0266 7844  LSI_FC - ok
19:15:44.0283 7844  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:15:44.0285 7844  LSI_SAS - ok
19:15:44.0322 7844  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:15:44.0329 7844  LSI_SCSI - ok
19:15:44.0379 7844  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
19:15:44.0381 7844  luafv - ok
19:15:44.0403 7844  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:15:44.0404 7844  megasas - ok
19:15:53.0209 7844  ================ Scan global ===============================
19:15:53.0238 7844  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:15:53.0314 7844  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:15:53.0329 7844  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
19:15:53.0354 7844  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:15:53.0359 7844  [Global] - ok
19:15:53.0359 7844  ================ Scan MBR ==================================
19:15:53.0377 7844  [ 239841E1AE8E4843C0676F3681A7D6BE ] \Device\Harddisk0\DR0
19:15:53.0735 7844  \Device\Harddisk0\DR0 - ok
19:15:53.0735 7844  ================ Scan VBR ==================================
19:15:53.0747 7844  [ 5522E8D14BC53505C21F847DAF6B3000 ] \Device\Harddisk0\DR0\Partition1
19:15:53.0749 7844  \Device\Harddisk0\DR0\Partition1 - ok
19:15:53.0751 7844  [ 247C37711A7CF8BD9EDC3714B84B6F8E ] \Device\Harddisk0\DR0\Partition2
19:15:53.0752 7844  \Device\Harddisk0\DR0\Partition2 - ok
19:15:53.0753 7844  ============================================================
19:15:53.0753 7844  Scan finished
19:15:53.0753 7844  ============================================================
19:15:53.0762 7836  Detected object count: 0
19:15:53.0762 7836  Actual detected object count: 0
19:16:11.0007 7812  Deinitialize success
 

 

 

 

 

 


Edited by icarusbreathes, 11 June 2013 - 06:30 PM.


#4 D-FRED-BROWN

Posted 11 June 2013 - 06:51 PM

See if you can download ComboFix and the other programs on a different computer, then transfer them to the infected computer via flash drive.


Proud graduate of SpywareInfo Bootcamp
Follow me on Twitter! @dfredbrown
Unified Network of Instructors and Trained Eliminators

I volunteer my free time to help you. Please consider making a donation so I can continue helping people like you.
Thank you!

#5 icarusbreathes

Posted 11 June 2013 - 09:26 PM

As I mentioned, I do not readily have access to a flash drive or another computer. Am I effectively screwed until I can somehow figure that out?



#6 D-FRED-BROWN

Posted 11 June 2013 - 09:35 PM

Try downloading it from another site. I've uploaded it here: http://www.sendspace.com/file/271nrb



#7 icarusbreathes

Posted 13 June 2013 - 05:33 AM

No dice. I've never had this happen before, but it doesn't show up whether I put it on the desktop or in a random folder.



#8 D-FRED-BROWN

Posted 13 June 2013 - 09:39 AM

Okay let's try something else:

----------Step 1----------------
Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
----------Step 2----------------
We need to create a New FULL OTL Report
  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
----------Step 3 (note: this scan may take a little time)----------------
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


----------Step 4----------------
Please post the AdwCleaner logfile, the OTL.txt and Extras.txt, and the ESET online scan log in your next reply.

Let me know how things go.

Edited by D-FRED-BROWN, 13 June 2013 - 09:40 AM.


#9 icarusbreathes

Posted 16 June 2013 - 08:47 PM

Sorry for the delay, I wasn't home all weekend.

I could not do the first two steps due to my download issues, but I was able to run the ESET scan. Here is the log:

C:\Program Files\Microsoft Security Client\Drivers\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Program Files\Microsoft Security Client\en-us\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Program Files\Windows Defender\en-US\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Users\Josh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\a91f229-1c8106ac    multiple threats    
C:\Users\Josh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\aa1023c-616e16fa    multiple threats    
C:\Windows\$NtUninstallKB32527$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Windows\$NtUninstallKB33008$\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    
C:\Documents and Settings\Josh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\a91f229-1c8106ac    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Josh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\aa1023c-616e16fa    multiple threats    cleaned by deleting - quarantined
C:\Program Files\BitLord\Downloads\Rob.Papen.ConcreteFX.Blue.VSTi.v1.7.incl.KeyGen-BEAT.rar    probably a variant of Win32/Agent.HEPGPJJ trojan    deleted - quarantined
C:\Program Files\Microsoft Security Client\Backup\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\3fe1f5e-4b56368b    a variant of Java/Agent.DU trojan    cleaned by deleting - quarantined
 



#10 D-FRED-BROWN

Posted 16 June 2013 - 08:57 PM

Let's see if we can fix your download issues-

 

Have you tried downloading the files with a different browser and/or saving them to a location other than the Desktop?



#11 icarusbreathes

Posted 16 June 2013 - 11:10 PM

Yes, and I just tried to do so again with no luck.



#12 D-FRED-BROWN

Posted 16 June 2013 - 11:15 PM

Run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot. It's located in the Plugins folder which is in the MBAR folder.

(Just run fixdamage.exe)

Afterwards, check your internet connection- are you able to download files now?


Edited by D-FRED-BROWN, 16 June 2013 - 11:16 PM.


#13 icarusbreathes

Posted 17 June 2013 - 02:48 PM

I wasn't able to download the Anti-Rootkit, remember...? :(



#14 D-FRED-BROWN

Posted 17 June 2013 - 03:00 PM

What router/modem are you using?



#15 icarusbreathes

Posted 19 June 2013 - 08:42 PM

It's a Motorola Surfboard.

But it's not my internet connection that is the problem. It is that the downloads do not show up when Firefox/IE says they have been downloaded.





