Trojan Agent 3 and winrscmde


I'm running a Windows 7 computer with an x64 bit processor. I ran AVG and Malwarebytes and I can't get rid of Trojan Agent3.atli. On top of that, my svchost.exe is infected with winrscmde. Any help to get rid of these pests without wiping my computer would be much appreciated.

Link to post

flevine,

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

Link to post

No it's not overheating or anything else normal that would cause it to restart like a faulty plug. I've removed Trojans before but this one has been fighting me for a few weeks and now I feel helpless because I've done everything I know to do. I'm stuck in class for another 2 hours but as soon as I get home I'll run the scan and post the results.

Link to post

OK.

I'll be online for another 2hrs, but I'll check the results tomorrow.

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

The 3rd thing I want you to run is TDSSKiller.

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If Malicious objects are found, then ensure Cure is selected.
  6. If TDLFS File System is found, then ensure Delete is selected.
  7. Then click Continue > Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Link to post
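
A triage sketch for the report that the TDSSKiller steps above leave in the root directory, added here as an example and not part of the original post or of TDSSKiller itself: it parses the report, checks that the scan ran with the two options from step 2, and lists every object whose result is not `ok`, including objects whose result line is missing because the paste was cut short. The line layout and the mapping of `SigCheck`/`TDLFS` to those two checkboxes are assumptions taken from the report pasted later in this thread; the sample lines are constructed.

```python
import re

# Constructed sample in the layout of a TDSSKiller report. Names, hashes and
# paths are made up for illustration; they are not from a real scan.
SAMPLE_REPORT = r"""
17:30:03.0330 3784 Scan started
17:30:03.0330 3784 Mode: Manual; SigCheck; TDLFS;
17:30:06.0035 3784 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\exampledrv.sys
17:30:06.0439 3784 ExampleDrv - ok
17:30:07.0945 3784 NoFileSvc - ok
17:30:44.0701 3784 Example Vendor Service (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc.exe
17:30:44.0756 3784 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
17:30:44.0756 3784 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
17:31:16.0920 3784 CutOffDrv (00000000000000000000000000000003) C:\Windows\system32\drivers\cutoff.sys
"""

# "<time> <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# "<name> (<md5>) <path>": the object about to be checked.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - ok": clean result.
RESULT_OK = re.compile(r"^(?P<name>.+?) - ok$")
# "<name> ( <verdict> ) - <level>": anything other than ok.
RESULT_VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^)]+?) \) - (?P<level>\w+)$")
MODE = re.compile(r"^Mode:\s*(.*)$")


def _entry(report, name):
    """Return the record for `name`, creating it as 'incomplete' if new."""
    return report["objects"].setdefault(
        name,
        {"name": name, "md5": None, "path": None,
         "status": "incomplete", "verdict": None},
    )


def parse_report(text):
    """Parse report text into scan mode flags and per-object results."""
    report = {"mode": [], "objects": {}}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines and anything without the timestamp prefix
        msg = line.group(3).strip()
        mode = MODE.match(msg)
        if mode:
            report["mode"] = [p.strip() for p in mode.group(1).split(";") if p.strip()]
            continue
        obj = OBJECT.match(msg)
        if obj:
            entry = _entry(report, obj.group("name"))
            entry["md5"] = obj.group("md5").lower()
            entry["path"] = obj.group("path")
            continue
        ok = RESULT_OK.match(msg)
        if ok:
            _entry(report, ok.group("name"))["status"] = "ok"
            continue
        bad = RESULT_VERDICT.match(msg)
        if bad:
            entry = _entry(report, bad.group("name"))
            entry["status"] = bad.group("level")
            entry["verdict"] = bad.group("verdict")
    return report


def requested_options_enabled(report, required=("SigCheck", "TDLFS")):
    """True if the scan mode shows both options asked for in step 2 (assumed mapping)."""
    return all(opt in report["mode"] for opt in required)


def needs_review(report):
    """Objects with a non-ok result, plus objects that never got a result line."""
    return [e for e in report["objects"].values() if e["status"] != "ok"]


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    print("options from step 2 enabled:", requested_options_enabled(parsed))
    for item in needs_review(parsed):
        print(item["status"], item["verdict"], item["name"], item["path"])
```

An `incomplete` entry means the object line was seen but no result followed, which is what a truncated paste looks like; ask for the full report before drawing conclusions from it.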

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.03.12

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

Levine :: LEVINE-PC [administrator]

4/3/2012 5:28:20 PM

mbam-log-2012-04-03 (20-37-56).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 581067

Time elapsed: 2 hour(s), 54 minute(s), 45 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 2676 -> No action taken.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

C:\Windows\svchost.exe.vir (Heuristics.Reserved.Word.Exploit) -> No action taken.

(end)

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.03.12

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

Levine :: LEVINE-PC [administrator]

4/3/2012 5:28:20 PM

mbam-log-2012-04-03 (17-28-20).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 581067

Time elapsed: 2 hour(s), 54 minute(s), 45 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 2676 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

C:\Windows\svchost.exe.vir (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

17:29:31.0198 5788 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

17:29:32.0206 5788 ============================================================

17:29:32.0207 5788 Current date / time: 2012/04/03 17:29:32.0206

17:29:32.0207 5788 SystemInfo:

17:29:32.0207 5788

17:29:32.0207 5788 OS Version: 6.1.7600 ServicePack: 0.0

17:29:32.0207 5788 Product type: Workstation

17:29:32.0207 5788 ComputerName: LEVINE-PC

17:29:32.0225 5788 UserName: Levine

17:29:32.0225 5788 Windows directory: C:\Windows

17:29:32.0225 5788 System windows directory: C:\Windows

17:29:32.0225 5788 Running under WOW64

17:29:32.0225 5788 Processor architecture: Intel x64

17:29:32.0225 5788 Number of processors: 2

17:29:32.0225 5788 Page size: 0x1000

17:29:32.0225 5788 Boot type: Normal boot

17:29:32.0225 5788 ============================================================

17:29:33.0291 5788 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:29:33.0307 5788 \Device\Harddisk0\DR0:

17:29:33.0307 5788 MBR used

17:29:33.0307 5788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000

17:29:33.0307 5788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830

17:29:33.0344 5788 Initialize success

17:29:33.0344 5788 ============================================================

17:30:03.0330 3784 ============================================================

17:30:03.0330 3784 Scan started

17:30:03.0330 3784 Mode: Manual; SigCheck; TDLFS;

17:30:03.0330 3784 ============================================================

17:30:44.0701 3784 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe

17:30:44.0756 3784 DockLoginService ( UnsignedFile.Multi.Generic ) - warning

17:30:44.0756 3784 DockLoginService - detected UnsignedFile.Multi.Generic (1)

17:31:01.0627 3784 IJPLMSVC (51516252dbbfed36f70b341dba263167) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

17:31:01.0695 3784 IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning

17:31:01.0695 3784 IJPLMSVC - detected UnsignedFile.Multi.Generic (1)

17:31:05.0354 3784 jswpsapi (81534359f525f7c02b2b56b2653bd779) C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe

17:31:05.0419 3784 jswpsapi ( UnsignedFile.Multi.Generic ) - warning

17:31:05.0420 3784 jswpsapi - detected UnsignedFile.Multi.Generic (1)


17:31:17.0068 3784 MSTEE - ok

17:31:17.0161 3784 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

17:31:17.0240 3784 MTConfig - ok

17:31:17.0334 3784 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

17:31:17.0384 3784 Mup - ok

17:31:17.0422 3784 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

17:31:17.0504 3784 napagent - ok

17:31:17.0737 3784 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

17:31:17.0799 3784 NativeWifiP - ok

17:31:18.0129 3784 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

17:31:18.0236 3784 NDIS - ok

17:31:18.0480 3784 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

17:31:18.0710 3784 NdisCap - ok

17:31:18.0834 3784 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

17:31:18.0990 3784 NdisTapi - ok

17:31:19.0012 3784 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

17:31:19.0195 3784 Ndisuio - ok

17:31:19.0912 3784 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

17:31:20.0137 3784 NdisWan - ok

17:31:20.0474 3784 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

17:31:20.0612 3784 NDProxy - ok

17:31:20.0661 3784 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

17:31:20.0712 3784 NetBIOS - ok

17:31:21.0046 3784 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

17:31:21.0142 3784 NetBT - ok

17:31:21.0321 3784 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

17:31:21.0373 3784 Netlogon - ok

17:31:21.0564 3784 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

17:31:21.0641 3784 Netman - ok

17:31:21.0872 3784 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

17:31:21.0954 3784 netprofm - ok

17:31:22.0204 3784 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:31:22.0218 3784 NetTcpPortSharing - ok

17:31:22.0626 3784 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

17:31:22.0640 3784 nfrd960 - ok

17:31:22.0832 3784 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

17:31:22.0909 3784 NlaSvc - ok

17:31:23.0000 3784 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\DRIVERS\npf.sys

17:31:23.0061 3784 NPF - ok

17:31:23.0089 3784 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

17:31:23.0153 3784 Npfs - ok

17:31:23.0393 3784 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

17:31:23.0481 3784 nsi - ok

17:31:23.0586 3784 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

17:31:23.0731 3784 nsiproxy - ok

17:31:24.0563 3784 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

17:31:24.0645 3784 Ntfs - ok

17:31:25.0042 3784 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

17:31:25.0100 3784 Null - ok

17:31:25.0214 3784 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

17:31:25.0228 3784 nvraid - ok

17:31:25.0322 3784 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

17:31:25.0339 3784 nvstor - ok

17:31:25.0384 3784 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

17:31:25.0399 3784 nv_agp - ok

17:31:25.0417 3784 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

17:31:25.0506 3784 ohci1394 - ok

17:31:25.0797 3784 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:31:25.0808 3784 ose - ok

17:31:26.0571 3784 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

17:31:26.0784 3784 osppsvc - ok

17:31:27.0116 3784 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

17:31:27.0486 3784 p2pimsvc - ok

17:31:27.0794 3784 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

17:31:27.0913 3784 p2psvc - ok

17:31:28.0643 3784 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

17:31:28.0795 3784 Parport - ok

17:31:29.0879 3784 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

17:31:29.0931 3784 partmgr - ok

17:31:30.0394 3784 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

17:31:30.0572 3784 PcaSvc - ok

17:31:31.0677 3784 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

17:31:32.0024 3784 pci - ok

17:31:32.0704 3784 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

17:31:32.0736 3784 pciide - ok

17:31:33.0009 3784 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

17:31:33.0046 3784 pcmcia - ok

17:31:33.0103 3784 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

17:31:33.0123 3784 pcw - ok

17:31:33.0151 3784 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

17:31:33.0312 3784 PEAUTH - ok

17:31:33.0432 3784 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

17:31:33.0512 3784 PerfHost - ok

17:31:33.0982 3784 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

17:31:34.0171 3784 pla - ok

17:31:34.0532 3784 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

17:31:34.0726 3784 PlugPlay - ok

17:31:34.0944 3784 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

17:31:35.0009 3784 PNRPAutoReg - ok

17:31:35.0200 3784 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

17:31:35.0234 3784 PNRPsvc - ok

17:31:35.0384 3784 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

17:31:35.0634 3784 PolicyAgent - ok

17:31:35.0884 3784 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

17:31:35.0954 3784 Power - ok

17:31:36.0031 3784 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

17:31:36.0125 3784 PptpMiniport - ok

17:31:36.0169 3784 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

17:31:36.0222 3784 Processor - ok

17:31:36.0488 3784 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll

17:31:36.0576 3784 ProfSvc - ok

17:31:36.0628 3784 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

17:31:36.0905 3784 ProtectedStorage - ok

17:31:37.0032 3784 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

17:31:37.0098 3784 Psched - ok

17:31:37.0149 3784 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

17:31:37.0160 3784 PxHlpa64 - ok

17:31:37.0410 3784 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

17:31:37.0494 3784 ql2300 - ok

17:31:37.0557 3784 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

17:31:37.0579 3784 ql40xx - ok

17:31:37.0619 3784 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

17:31:37.0660 3784 QWAVE - ok

17:31:37.0684 3784 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

17:31:37.0730 3784 QWAVEdrv - ok

17:31:37.0765 3784 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

17:31:37.0866 3784 RasAcd - ok

17:31:37.0958 3784 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

17:31:38.0098 3784 RasAgileVpn - ok

17:31:38.0137 3784 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

17:31:38.0341 3784 RasAuto - ok

17:31:38.0514 3784 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:31:38.0810 3784 Rasl2tp - ok

17:31:38.0930 3784 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

17:31:39.0109 3784 RasMan - ok

17:31:39.0227 3784 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

17:31:39.0354 3784 RasPppoe - ok

17:31:39.0427 3784 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

17:31:39.0665 3784 RasSstp - ok

17:31:39.0722 3784 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

17:31:39.0843 3784 rdbss - ok

17:31:39.0898 3784 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

17:31:40.0059 3784 rdpbus - ok

17:31:40.0093 3784 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:31:40.0229 3784 RDPCDD - ok

17:31:40.0258 3784 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

17:31:40.0348 3784 RDPENCDD - ok

17:31:40.0387 3784 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

17:31:40.0457 3784 RDPREFMP - ok

17:31:40.0508 3784 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

17:31:40.0604 3784 RDPWD - ok

17:31:40.0665 3784 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

17:31:40.0681 3784 rdyboost - ok

17:31:40.0707 3784 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

17:31:40.0780 3784 RemoteAccess - ok

17:31:40.0837 3784 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

17:31:40.0923 3784 RemoteRegistry - ok

17:31:40.0981 3784 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

17:31:41.0071 3784 RpcEptMapper - ok

17:31:41.0111 3784 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

17:31:41.0215 3784 RpcLocator - ok

17:31:41.0567 3784 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

17:31:41.0642 3784 RpcSs - ok

17:31:42.0039 3784 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

17:31:42.0125 3784 rspndr - ok

17:31:42.0736 3784 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

17:31:42.0752 3784 RTL8167 - ok

17:31:42.0836 3784 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

17:31:42.0890 3784 SamSs - ok

17:31:42.0993 3784 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

17:31:43.0051 3784 sbp2port - ok

17:31:43.0813 3784 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

17:31:43.0842 3784 SBSDWSCService - ok

17:31:44.0147 3784 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

17:31:44.0227 3784 SCardSvr - ok

17:31:44.0317 3784 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

17:31:44.0461 3784 scfilter - ok

17:31:44.0561 3784 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

17:31:44.0943 3784 Schedule - ok

17:31:45.0019 3784 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys

17:31:45.0031 3784 SCMNdisP - ok

17:31:45.0085 3784 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

17:31:45.0156 3784 SCPolicySvc - ok

17:31:45.0253 3784 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

17:31:45.0598 3784 SDRSVC - ok

17:31:45.0764 3784 SeaPort (ab4a13f99be22a75046f770c23177d99) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

17:31:45.0789 3784 SeaPort - ok

17:31:45.0867 3784 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

17:31:45.0986 3784 secdrv - ok

17:31:46.0030 3784 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

17:31:46.0117 3784 seclogon - ok

17:31:46.0139 3784 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

17:31:46.0236 3784 SENS - ok

17:31:46.0276 3784 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

17:31:46.0376 3784 SensrSvc - ok

17:31:46.0573 3784 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

17:31:46.0638 3784 Serenum - ok

17:31:46.0669 3784 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

17:31:46.0736 3784 Serial - ok

17:31:46.0777 3784 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

17:31:46.0878 3784 sermouse - ok

17:31:46.0978 3784 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

17:31:47.0270 3784 SessionEnv - ok

17:31:47.0339 3784 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

17:31:47.0441 3784 sffdisk - ok

17:31:47.0491 3784 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

17:31:47.0810 3784 sffp_mmc - ok

17:31:47.0908 3784 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys

17:31:48.0179 3784 sffp_sd - ok

17:31:48.0218 3784 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

17:31:48.0267 3784 sfloppy - ok

17:31:48.0397 3784 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

17:31:48.0422 3784 SftService - ok

17:31:48.0470 3784 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

17:31:48.0728 3784 SharedAccess - ok

17:31:48.0802 3784 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

17:31:48.0910 3784 ShellHWDetection - ok

17:31:49.0049 3784 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

17:31:49.0065 3784 SiSRaid2 - ok

17:31:49.0090 3784 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

17:31:49.0105 3784 SiSRaid4 - ok

17:31:49.0237 3784 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe

17:31:49.0249 3784 SkypeUpdate - ok

17:31:49.0288 3784 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

17:31:49.0378 3784 Smb - ok

17:31:49.0452 3784 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

17:31:49.0580 3784 SNMPTRAP - ok

17:31:49.0637 3784 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

17:31:49.0657 3784 spldr - ok

17:31:49.0788 3784 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

17:31:49.0845 3784 Spooler - ok

17:31:50.0088 3784 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

17:31:50.0469 3784 sppsvc - ok

17:31:50.0609 3784 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

17:31:50.0670 3784 sppuinotify - ok

17:31:50.0782 3784 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

17:31:50.0926 3784 srv - ok

17:31:51.0020 3784 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

17:31:51.0062 3784 srv2 - ok

17:31:51.0126 3784 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

17:31:51.0177 3784 srvnet - ok

17:31:51.0331 3784 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

17:31:51.0372 3784 SSDPSRV - ok

17:31:51.0422 3784 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

17:31:51.0485 3784 SstpSvc - ok

17:31:51.0541 3784 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

17:31:51.0555 3784 stexstor - ok

17:31:51.0708 3784 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

17:31:51.0801 3784 stisvc - ok

17:31:51.0842 3784 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

17:31:51.0877 3784 swenum - ok

17:31:52.0122 3784 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

17:31:52.0184 3784 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

17:31:52.0185 3784 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

17:32:07.0958 3784 WDDMService (334e5ed94d3faff3c44f4d36b1fe1c90) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

17:32:08.0014 3784 WDDMService ( UnsignedFile.Multi.Generic ) - warning

17:32:08.0014 3784 WDDMService - detected UnsignedFile.Multi.Generic (1)

17:32:08.0897 3784 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

17:32:08.0944 3784 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning

17:32:08.0945 3784 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)

17:32:12.0778 3784 WSWNA1100 (3e366f57cbb540c965bab1f2be6d7998) C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe

17:32:12.0897 3784 WSWNA1100 ( UnsignedFile.Multi.Generic ) - warning

17:32:12.0898 3784 WSWNA1100 - detected UnsignedFile.Multi.Generic (1)

17:32:13.0826 3784 MBR (0x1B8) (ae8fa489bdbabb7f15572f885c9ff9ae) \Device\Harddisk0\DR0

17:32:13.0864 3784 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

17:32:13.0864 3784 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

17:32:14.0223 3784 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

17:32:14.0223 3784 \Device\Harddisk0\DR0 - detected TDSS File System (1)

17:32:14.0244 3784 Boot (0x1200) (847126097afbb027ab722a82ca08c5c1) \Device\Harddisk0\DR0\Partition0

17:32:14.0245 3784 \Device\Harddisk0\DR0\Partition0 - ok

17:32:14.0267 3784 Boot (0x1200) (8a41df8a92b9f047acdf0c1395ca961b) \Device\Harddisk0\DR0\Partition1

17:32:14.0271 3784 \Device\Harddisk0\DR0\Partition1 - ok

17:32:14.0271 3784 ============================================================

17:32:14.0271 3784 Scan finished

17:32:14.0271 3784 ============================================================

17:32:14.0313 2472 Detected object count: 9

17:32:14.0313 2472 Actual detected object count: 9

17:36:12.0244 2472 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0245 2472 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0245 2472 IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0245 2472 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0254 2472 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0254 2472 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0254 2472 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0254 2472 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0257 2472 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0257 2472 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0259 2472 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0260 2472 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0262 2472 WSWNA1100 ( UnsignedFile.Multi.Generic ) - skipped by user

17:36:12.0262 2472 WSWNA1100 ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:36:12.0605 2472 \Device\Harddisk0\DR0\# - copied to quarantine

17:36:12.0606 2472 \Device\Harddisk0\DR0 - copied to quarantine

17:36:19.0632 2472 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

17:36:19.0757 2472 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

17:36:19.0975 2472 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

17:36:20.0390 2472 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

17:36:20.0893 2472 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

17:36:23.0135 2472 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

17:36:23.0142 2472 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

17:36:23.0149 2472 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

17:36:23.0151 2472 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

17:36:23.0153 2472 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

17:36:23.0157 2472 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine

17:36:23.0398 2472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

17:36:23.0399 2472 \Device\Harddisk0\DR0 - ok

17:36:23.0765 2472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

17:36:23.0774 2472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

17:36:23.0775 2472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Anything else?

Link to post
Share on other sites

17:36:23.0774 2472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

17:36:23.0775 2472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I need you to reboot if you haven't already.

Run TDSSKiller again and delete ONLY the two above if they are still listed.

Reboot

Run a new MBAM scan and fix whatever it finds.

Post the MBAM log

Post a new TDSSKiller log

Link to post
Share on other sites
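A triage sketch for the kind of TDSSKiller log posted above, added here as an example and not part of the original thread or of the tool itself: it pairs each detection with the action the user chose and lists what is still unresolved, which is the check the helper performs by eye before asking for a second run. The sample lines are constructed in the shape of the log above; treating `UnsignedFile.Multi.Generic` as low priority and `Delete` as a resolving action are assumptions drawn from how this thread handles them.

```python
import re

# Constructed sample, shaped like the TDSSKiller log lines in this thread.
SAMPLE_LOG = r"""
17:32:12.0897 3784 WSWNA1100 ( UnsignedFile.Multi.Generic ) - warning
17:32:12.0993 3784 WSWNA3100 - ok
17:32:13.0864 3784 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
17:32:14.0223 3784 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:36:12.0262 2472 WSWNA1100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:36:23.0398 2472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
17:36:23.0765 2472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
17:36:23.0775 2472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

LINE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+\s+\d+\s+"  # timestamp and thread id
    r"(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<event>.+)$"
)
# Assumption: unsigned-file warnings are informational (they were skipped in the thread).
LOW_PRIORITY = {"UnsignedFile.Multi.Generic"}
# Assumption: these two user actions count as resolving a detection.
RESOLVING = ("Cure", "Delete")

def triage(log_text):
    """Map (object, verdict) -> severity, chosen action and pending-reboot flag."""
    findings = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # "- ok" lines, hash lines and banners carry no verdict
        entry = findings.setdefault(
            (m["obj"], m["verdict"]),
            {"severity": None, "action": None, "pending_reboot": False})
        event = m["event"]
        if event in ("warning", "infected"):
            entry["severity"] = event
        elif event.startswith("User select action:"):
            entry["action"] = event.split(":", 1)[1].strip()
        elif event == "will be cured on reboot":
            entry["pending_reboot"] = True
    return findings

def unresolved(findings):
    """Detections outside the low-priority set that were not cured or deleted."""
    return sorted(key for key, e in findings.items()
                  if key[1] not in LOW_PRIORITY and e["action"] not in RESOLVING)

if __name__ == "__main__":
    for obj, verdict in unresolved(triage(SAMPLE_LOG)):
        print("still present:", obj, "-", verdict)
```

A detection flagged `pending_reboot` is only scheduled for cleaning, so the log from a fresh scan after the reboot is the one that shows whether it is gone.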

You should be good to go.

You can remove TDSSKiller.

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good :D

  • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
    (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  • Use a Firewall - I cannot stress how important it is that you use a Firewall on your computer.
    Without a firewall your computer is susceptible to being hacked and taken over.
    I am very serious about this and see it happen almost every day with my clients.
    Simply using a Firewall in its default configuration can lower your risk greatly.
  • Using a secure browser plugin M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
    • Free browser plug-in for Internet Explorer and Firefox
    • Real-time safety ratings
    • Ideal for Facebook, Twitter and LinkedIn
  • JAVA Click this link and click on the Free JAVA Download
  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
    This will ensure your computer always has the latest security updates installed.
    If there are new updates to install, install them immediately, reboot your computer, and revisit the site
    until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
