Computer Hope
Software => Computer viruses and spyware => Virus and spyware removal => Topic started by: kellylong2007 on December 30, 2012, 05:28:50 PM
-
Here is my adwcleaner log. I cannot get the other logs - see my previous thread http://www.computerhope.com/forum/index.php/topic,135050.0.html
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Remove the Adware:
- Please close all open programs and internet browsers.
- Double click on adwcleaner.exe to run the tool.
- Click on Delete.
- Confirm each time with OK
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile in your reply.
- You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
Please try running MBAM in Safe Mode.
-
Adwcleaner is suddenly gone from the computer, and of course now I don't have enough space to redo it. I went to another computer and burned adwcleaner and dds onto a disk. I went to the infected computer and tried to open it and it says there is not enough space on the disk. I cannot run in safe mode because it gets stuck while loading Windows files.
-
I managed to get 199 MB of space, enough to open the CD with adware. Here is the log after I hit delete.
-
Ok. Try to run this. If it won't run, please try running it in Safe Mode.
- Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
- Extract its contents to your desktop.
- Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber1.png)
- If an infected file is detected, the default action will be Cure, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber2.png)
- If a suspicious file is detected, the default action will be Skip, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber3.png)
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillerlastone3.png)
- Click the Report button and copy/paste the contents of it into your next reply.
Note: It will also create a log in the C:\ directory.
-
19:17:46.0391 3476 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:17:46.0968 3476 ============================================================
19:17:46.0968 3476 Current date / time: 2013/01/01 19:17:46.0968
19:17:46.0968 3476 SystemInfo:
19:17:46.0968 3476
19:17:46.0968 3476 OS Version: 6.0.6002 ServicePack: 2.0
19:17:46.0968 3476 Product type: Workstation
19:17:46.0968 3476 ComputerName: KELLYNICOLE
19:17:46.0968 3476 UserName: Kelly Nicole
19:17:46.0968 3476 Windows directory: C:\Windows
19:17:46.0968 3476 System windows directory: C:\Windows
19:17:46.0968 3476 Processor architecture: Intel x86
19:17:46.0968 3476 Number of processors: 2
19:17:46.0968 3476 Page size: 0x1000
19:17:46.0968 3476 Boot type: Normal boot
19:17:46.0968 3476 ============================================================
19:17:50.0004 3476 BG loaded
19:17:52.0511 3476 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:17:52.0729 3476 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:17:53.0244 3476 ============================================================
19:17:53.0244 3476 \Device\Harddisk0\DR0:
19:17:53.0260 3476 MBR partitions:
19:17:53.0260 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCEC0FB8
19:17:53.0260 3476 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCEC0FF7, BlocksNum 0x10D27CA
19:17:53.0260 3476 \Device\Harddisk1\DR1:
19:17:53.0275 3476 MBR partitions:
19:17:53.0275 3476 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
19:17:53.0275 3476 ============================================================
19:17:53.0697 3476 C: <-> \Device\Harddisk0\DR0\Partition1
19:17:53.0759 3476 D: <-> \Device\Harddisk1\DR1\Partition1
19:17:53.0806 3476 E: <-> \Device\Harddisk0\DR0\Partition2
19:17:53.0806 3476 ============================================================
19:17:53.0806 3476 Initialize success
19:17:53.0806 3476 ============================================================
-
Kelly, that doesn't appear to be the entire log. Could you please run it again and post the complete log?
-
Oops, sorry! Idk what happened. I did get everything in safe mode and ran all my scans. Here is the TDSS scan, but Idk if it changed anything because this is after I submitted "delete" the last time. So this was a clean scan. Once again, thank you so much for all your help!
10:03:41.0907 3656 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:03:41.0945 3656 iteraid - ok
10:03:41.0952 3656 iteyygbf - ok
10:03:41.0985 3656 itjcxnaf - ok
10:03:42.0019 3656 iuynzkwz - ok
10:03:42.0058 3656 ivthdvza - ok
10:03:42.0070 3656 ivuhxemn - ok
10:03:42.0078 3656 ivwahuow - ok
10:03:42.0091 3656 ixdmkneh - ok
10:03:42.0111 3656 iyoyvgql - ok
10:03:42.0131 3656 iyxtjmtp - ok
10:03:42.0150 3656 jaabuqfk - ok
10:03:42.0173 3656 jcllatbs - ok
10:03:42.0181 3656 jdktzztg - ok
10:03:42.0199 3656 jeckcuvv - ok
10:03:42.0220 3656 jeemfpdo - ok
10:03:42.0245 3656 jfekfyut - ok
10:03:42.0267 3656 jgvfonoz - ok
10:03:42.0289 3656 jhvjksvh - ok
10:03:42.0302 3656 jibsevzs - ok
10:03:42.0312 3656 jilnepwj - ok
10:03:42.0321 3656 jipdgpoo - ok
10:03:42.0347 3656 jlvrhbof - ok
10:03:42.0363 3656 jmomjpym - ok
10:03:42.0372 3656 jmpigkoo - ok
10:03:42.0388 3656 jmymmskm - ok
10:03:42.0402 3656 jnazfoqm - ok
10:03:42.0429 3656 jpvyhssn - ok
10:03:42.0437 3656 jqqbsfbv - ok
10:03:42.0447 3656 jrheukkm - ok
10:03:42.0456 3656 jrisfjuv - ok
10:03:42.0468 3656 jrjwlskb - ok
10:03:42.0480 3656 jrnuqcpo - ok
10:03:42.0493 3656 jsabckvw - ok
10:03:42.0520 3656 jslxmohc - ok
10:03:42.0542 3656 jufnkclg - ok
10:03:42.0553 3656 jukxntvr - ok
10:03:42.0572 3656 jvgdhisl - ok
10:03:42.0583 3656 jvjmronf - ok
10:03:42.0596 3656 jwbojvwq - ok
10:03:42.0609 3656 jxaoioog - ok
10:03:42.0622 3656 jyaofqbv - ok
10:03:42.0636 3656 kamdizeo - ok
10:03:42.0653 3656 kayenudq - ok
10:03:42.0719 3656 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:03:42.0720 3656 kbdclass - ok
10:03:42.0871 3656 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:03:42.0909 3656 kbdhid - ok
10:03:42.0936 3656 kelzlnka - ok
10:03:42.0968 3656 keomwoda - ok
10:03:43.0036 3656 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
10:03:43.0046 3656 KeyIso - ok
10:03:43.0074 3656 kfgwmkxs - ok
10:03:43.0091 3656 kfjjoqhz - ok
10:03:43.0106 3656 kfrbjfbb - ok
10:03:43.0114 3656 kgaocnxi - ok
10:03:43.0138 3656 khikogwy - ok
10:03:43.0170 3656 kifskymm - ok
10:03:43.0185 3656 kinvwtpi - ok
10:03:43.0197 3656 kjersnaz - ok
10:03:43.0226 3656 kkaerzhk - ok
10:03:43.0248 3656 kksrrjrv - ok
10:03:43.0276 3656 klvsuygg - ok
10:03:43.0319 3656 kmwkclnh - ok
10:03:43.0332 3656 knnrrdra - ok
10:03:43.0357 3656 kpyjzuqu - ok
10:03:43.0383 3656 krsferxl - ok
10:03:43.0394 3656 ksddvsvd - ok
10:03:43.0547 3656 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:03:43.0603 3656 KSecDD - ok
10:03:43.0623 3656 ktabycux - ok
10:03:43.0633 3656 ktlaijte - ok
10:03:43.0764 3656 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:03:43.0787 3656 KtmRm - ok
10:03:43.0794 3656 kujdmlnx - ok
10:03:43.0818 3656 kvaqgfgr - ok
10:03:43.0844 3656 kwiolpxa - ok
10:03:43.0888 3656 kzjblkpw - ok
10:03:43.0900 3656 kzxpieoe - ok
10:03:43.0915 3656 lahqkzhm - ok
10:03:44.0022 3656 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
10:03:44.0048 3656 LanmanServer - ok
10:03:44.0133 3656 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:03:44.0139 3656 LanmanWorkstation - ok
10:03:44.0174 3656 lbearyfs - ok
10:03:44.0190 3656 lcnzaejb - ok
10:03:44.0198 3656 ldadezie - ok
10:03:44.0213 3656 ldbbjqcd - ok
10:03:44.0223 3656 ldvsnsxy - ok
10:03:44.0259 3656 lhocjfoc - ok
10:03:44.0422 3656 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:03:44.0430 3656 LightScribeService - ok
10:03:44.0441 3656 lkacckwc - ok
10:03:44.0451 3656 lkblsuuk - ok
10:03:44.0461 3656 lkyqzpwr - ok
10:03:44.0471 3656 lkyyeyyr - ok
10:03:44.0537 3656 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:03:44.0554 3656 lltdio - ok
10:03:44.0615 3656 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:03:44.0632 3656 lltdsvc - ok
10:03:44.0657 3656 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:03:44.0669 3656 lmhosts - ok
10:03:44.0683 3656 lmojfjrf - ok
10:03:44.0692 3656 lmqgibnk - ok
10:03:44.0703 3656 lnksgwgm - ok
10:03:44.0712 3656 lnqidsez - ok
10:03:44.0723 3656 lohjakhc - ok
10:03:44.0754 3656 lqapmqpk - ok
10:03:44.0777 3656 lrfyynmk - ok
10:03:44.0835 3656 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:03:44.0838 3656 LSI_FC - ok
10:03:44.0859 3656 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:03:44.0875 3656 LSI_SAS - ok
10:03:44.0935 3656 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:03:44.0952 3656 LSI_SCSI - ok
10:03:44.0960 3656 lstuymns - ok
10:03:45.0005 3656 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
10:03:45.0021 3656 luafv - ok
10:03:45.0033 3656 luqrbnfk - ok
10:03:45.0063 3656 lvmwayci - ok
10:03:45.0082 3656 lwmvxdtj - ok
10:03:45.0097 3656 lxihoebk - ok
10:03:45.0125 3656 mawafroa - ok
10:03:45.0144 3656 mcazrjay - ok
10:03:45.0486 3656 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
10:03:45.0511 3656 McComponentHostService - ok
10:03:45.0519 3656 mcebydmr - ok
10:03:45.0530 3656 mcunyrjm - ok
10:03:45.0600 3656 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:03:45.0614 3656 Mcx2Svc - ok
10:03:45.0621 3656 mcyfjyeu - ok
10:03:45.0637 3656 mdmntlht - ok
10:03:45.0647 3656 mdmuzezw - ok
10:03:45.0721 3656 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:03:45.0762 3656 mdmxsdk - ok
10:03:45.0777 3656 mdnytxes - ok
10:03:45.0800 3656 mdoexgfn - ok
10:03:45.0821 3656 mdzoeefc - ok
10:03:45.0893 3656 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
10:03:45.0924 3656 megasas - ok
10:03:45.0936 3656 mfwxmdon - ok
10:03:45.0965 3656 mhxrmitp - ok
10:03:46.0144 3656 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:03:46.0158 3656 Microsoft Office Groove Audit Service - ok
10:03:46.0233 3656 mksmochq - ok
10:03:46.0397 3656 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:03:46.0410 3656 MMCSS - ok
10:03:46.0469 3656 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
10:03:46.0477 3656 Modem - ok
10:03:46.0548 3656 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:03:46.0549 3656 monitor - ok
10:03:46.0583 3656 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:03:46.0584 3656 mouclass - ok
10:03:46.0656 3656 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:03:46.0679 3656 mouhid - ok
10:03:46.0730 3656 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:03:46.0736 3656 MountMgr - ok
10:03:46.0908 3656 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:03:46.0967 3656 MozillaMaintenance - ok
10:03:47.0130 3656 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:03:47.0134 3656 MpFilter - ok
10:03:47.0186 3656 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
10:03:47.0211 3656 mpio - ok
10:03:47.0325 3656 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:03:47.0349 3656 mpsdrv - ok
10:03:47.0356 3656 mpuijlkz - ok
10:03:47.0367 3656 mqacucjs - ok
10:03:47.0383 3656 mqiehuji - ok
10:03:47.0439 3656 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:03:47.0463 3656 Mraid35x - ok
10:03:47.0558 3656 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:03:47.0589 3656 MRxDAV - ok
10:03:47.0663 3656 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:03:47.0687 3656 mrxsmb - ok
10:03:47.0742 3656 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:03:47.0770 3656 mrxsmb10 - ok
10:03:47.0848 3656 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:03:47.0857 3656 mrxsmb20 - ok
10:03:47.0913 3656 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
10:03:47.0940 3656 msahci - ok
10:03:47.0982 3656 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:03:47.0997 3656 msdsm - ok
10:03:48.0091 3656 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
10:03:48.0099 3656 MSDTC - ok
10:03:48.0180 3656 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:03:48.0258 3656 Msfs - ok
10:03:48.0327 3656 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:03:48.0328 3656 msisadrv - ok
10:03:48.0481 3656 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:03:49.0380 3656 MSiSCSI - ok
10:03:49.0387 3656 msiserver - ok
10:03:49.0543 3656 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:03:49.0618 3656 MSKSSRV - ok
10:03:49.0811 3656 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:03:49.0827 3656 MsMpSvc - ok
10:03:49.0885 3656 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:03:49.0921 3656 MSPCLOCK - ok
10:03:50.0002 3656 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:03:50.0030 3656 MSPQM - ok
10:03:50.0038 3656 mspxmpja - ok
10:03:50.0197 3656 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:03:50.0241 3656 MsRPC - ok
10:03:50.0315 3656 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:03:50.0316 3656 mssmbios - ok
10:03:50.0418 3656 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:03:50.0457 3656 MSTEE - ok
10:03:50.0553 3656 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
10:03:50.0591 3656 Mup - ok
10:03:50.0598 3656 murphhge - ok
10:03:50.0614 3656 mvnfeqsl - ok
10:03:50.0630 3656 mwmzvsli - ok
10:03:50.0691 3656 mzznfphy - ok
10:03:50.0809 3656 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
10:03:50.0900 3656 napagent - ok
10:03:51.0043 3656 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:03:51.0134 3656 NativeWifiP - ok
10:03:51.0184 3656 nbkdvvpy - ok
10:03:51.0477 3656 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:03:51.0632 3656 NDIS - ok
10:03:51.0712 3656 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:03:51.0760 3656 NdisTapi - ok
10:03:51.0843 3656 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:03:51.0885 3656 Ndisuio - ok
10:03:52.0009 3656 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:03:52.0027 3656 NdisWan - ok
10:03:52.0050 3656 ndnfhwfx - ok
10:03:52.0208 3656 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:03:52.0217 3656 NDProxy - ok
10:03:52.0239 3656 ndvntnwx - ok
10:03:52.0266 3656 negbxhph - ok
10:03:52.0426 3656 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:03:52.0457 3656 Net Driver HPZ12 - ok
10:03:52.0587 3656 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:03:52.0652 3656 NetBIOS - ok
10:03:52.0756 3656 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:03:52.0978 3656 netbt - ok
10:03:53.0020 3656 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
10:03:53.0022 3656 Netlogon - ok
10:03:53.0177 3656 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
10:03:53.0191 3656 Netman - ok
10:03:53.0270 3656 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
10:03:53.0277 3656 netprofm - ok
10:03:53.0363 3656 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:03:53.0382 3656 NetTcpPortSharing - ok
10:03:53.0398 3656 nevzdlkj - ok
10:03:53.0439 3656 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:03:53.0455 3656 nfrd960 - ok
10:03:53.0500 3656 nhodtjvb - ok
10:03:53.0516 3656 nilfsons - ok
10:03:53.0578 3656 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:03:53.0582 3656 NisDrv - ok
10:03:53.0594 3656 nismtenf - ok
10:03:53.0704 3656 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
10:03:53.0711 3656 NisSrv - ok
10:03:53.0722 3656 nivptmmf - ok
10:03:53.0730 3656 njguvbir - ok
10:03:53.0837 3656 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:03:53.0873 3656 NlaSvc - ok
10:03:53.0938 3656 nowmvmhq - ok
10:03:53.0965 3656 noygobwy - ok
10:03:54.0015 3656 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:03:54.0084 3656 Npfs - ok
10:03:54.0100 3656 nrilrono - ok
10:03:54.0122 3656 nrvyvmuk - ok
10:03:54.0193 3656 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
10:03:54.0222 3656 nsi - ok
10:03:54.0229 3656 nsiokyou - ok
10:03:54.0295 3656 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:03:54.0317 3656 nsiproxy - ok
10:03:54.0533 3656 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:03:55.0052 3656 Ntfs - ok
10:03:55.0158 3656 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:03:55.0192 3656 ntrigdigi - ok
10:03:55.0326 3656 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
10:03:55.0374 3656 Null - ok
10:03:55.0720 3656 [ A1108084B0D2FC43DCC401735770E2A3 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:03:55.0740 3656 NVENETFD - ok
10:03:58.0296 3656 [ B36C3B866B0D47E2E2856EC8FD746E39 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:04:01.0696 3656 nvlddmkm - ok
10:04:01.0776 3656 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:04:01.0878 3656 nvraid - ok
10:04:01.0970 3656 [ 9AEBC32F9D6E02EBEE0369AB296FE7C8 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
10:04:01.0971 3656 nvsmu - ok
10:04:02.0012 3656 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:04:02.0023 3656 nvstor - ok
10:04:02.0170 3656 [ CF672C71844A3B407EB86042829BCE09 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:04:02.0292 3656 nvsvc - ok
10:04:02.0386 3656 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:04:02.0456 3656 nv_agp - ok
10:04:02.0465 3656 NwlnkFlt - ok
10:04:02.0475 3656 NwlnkFwd - ok
10:04:02.0504 3656 oarcyduw - ok
10:04:02.0514 3656 oblklegl - ok
10:04:02.0523 3656 ocoakgld - ok
10:04:03.0020 3656 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:04:03.0437 3656 odserv - ok
10:04:03.0456 3656 odynibxx - ok
10:04:03.0486 3656 oeyjmqzh - ok
10:04:03.0515 3656 ofnhjacr - ok
10:04:03.0536 3656 ofxuchai - ok
10:04:03.0605 3656 ogfudrhv - ok
10:04:03.0615 3656 ogwptghy - ok
10:04:03.0622 3656 ogwxrdiu - ok
10:04:03.0688 3656 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:04:03.0690 3656 ohci1394 - ok
10:04:03.0710 3656 oirfwhfu - ok
10:04:03.0722 3656 ojluasrx - ok
10:04:03.0740 3656 okkiffmf - ok
10:04:03.0756 3656 olaxlfka - ok
10:04:03.0859 3656 omqqbruw - ok
10:04:03.0867 3656 omuiedoc - ok
10:04:03.0880 3656 onzjtlsd - ok
10:04:03.0888 3656 oogddxwk - ok
10:04:03.0897 3656 oooftwta - ok
10:04:03.0904 3656 opdyokkz - ok
10:04:03.0914 3656 ophfplua - ok
10:04:03.0931 3656 opljoqlj - ok
10:04:03.0958 3656 orogaxec - ok
10:04:04.0140 3656 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:04:04.0232 3656 ose - ok
10:04:04.0252 3656 osvzeggl - ok
10:04:04.0274 3656 otvvuego - ok
10:04:04.0307 3656 ovavqgmp - ok
10:04:04.0325 3656 ovwemgid - ok
10:04:04.0354 3656 owgoigqs - ok
10:04:04.0375 3656 owprbdro - ok
10:04:04.0401 3656 oxpcugxi - ok
10:04:04.0446 3656 oyoglijk - ok
10:04:04.0463 3656 ozfmhusj - ok
10:04:04.0678 3656 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:04:05.0041 3656 p2pimsvc - ok
10:04:05.0157 3656 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
10:04:05.0165 3656 p2psvc - ok
10:04:05.0183 3656 pamacnrp - ok
10:04:05.0195 3656 pamwnjbq - ok
10:04:05.0265 3656 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:04:05.0278 3656 Parport - ok
10:04:05.0411 3656 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:04:05.0428 3656 partmgr - ok
10:04:05.0551 3656 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
10:04:05.0569 3656 Parvdm - ok
10:04:05.0752 3656 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
10:04:05.0753 3656 PassThru Service - ok
10:04:05.0767 3656 pblzlvoy - ok
10:04:05.0779 3656 pbnjxzxb - ok
10:04:05.0788 3656 pbtdyjsr - ok
10:04:05.0866 3656 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
10:04:05.0898 3656 PcaSvc - ok
10:04:06.0019 3656 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
10:04:06.0053 3656 pci - ok
10:04:06.0109 3656 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
10:04:06.0110 3656 pciide - ok
10:04:06.0219 3656 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:04:06.0297 3656 pcmcia - ok
10:04:06.0608 3656 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:04:06.0886 3656 PEAUTH - ok
10:04:06.0931 3656 pgwemjxi - ok
10:04:06.0940 3656 phhunrub - ok
10:04:06.0958 3656 pilayucv - ok
10:04:06.0974 3656 pizimofu - ok
10:04:06.0982 3656 pjatpmzc - ok
10:04:07.0002 3656 pkuonkox - ok
10:04:07.0527 3656 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
10:04:08.0024 3656 pla - ok
10:04:08.0201 3656 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:04:08.0241 3656 PlugPlay - ok
10:04:08.0302 3656 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:04:08.0309 3656 Pml Driver HPZ12 - ok
10:04:08.0367 3656 pmqipqtc - ok
10:04:08.0374 3656 pmwmoprg - ok
10:04:08.0384 3656 pmyzvnfj - ok
10:04:08.0549 3656 [ 088335B06F75ADBCBB81575C7CAE6C43 ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
10:04:08.0620 3656 pneteth - ok
10:04:08.0753 3656 pnkbfqit - ok
10:04:09.0026 3656 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:04:09.0045 3656 PNRPAutoReg - ok
10:04:09.0299 3656 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:04:09.0307 3656 PNRPsvc - ok
10:04:09.0383 3656 pnuqaqro - ok
10:04:09.0407 3656 poamofrn - ok
10:04:09.0423 3656 poirseco - ok
10:04:09.0543 3656 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:04:09.0657 3656 PolicyAgent - ok
10:04:09.0733 3656 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:04:09.0757 3656 PptpMiniport - ok
10:04:09.0771 3656 ppxewvgp - ok
10:04:09.0786 3656 pqjisocj - ok
10:04:09.0801 3656 pqkiurey - ok
10:04:09.0817 3656 pqtpkppr - ok
10:04:09.0887 3656 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
10:04:09.0907 3656 Processor - ok
10:04:10.0041 3656 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
10:04:10.0108 3656 ProfSvc - ok
10:04:10.0122 3656 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:04:10.0124 3656 ProtectedStorage - ok
10:04:10.0164 3656 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:04:10.0167 3656 PSched - ok
10:04:10.0182 3656 psgzdiot - ok
10:04:10.0209 3656 pvenqzvr - ok
10:04:10.0343 3656 [ D86B4A
-
I would also just like to add that when I scan things, it takes forever and scans like 3 million temporary internet files.. this is after I run CCleaner too.. so idk y there are so many..
Also, chkdsk finally worked in safe mode and it did come up with some things files that were missing or something.. it was numbers of files and then said it could not finish it... let me know if you want this posted.
-
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.
(http://i424.photobucket.com/albums/pp322/digistar/diskcleanup2.jpg)
Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.
(http://i424.photobucket.com/albums/pp322/digistar/diskcleanup.jpg)
This runs the Disk Cleanup utility along with other selections if you have chosen any. (If you had a lot of System Restore points, you will see a significant change in the free space on the C drive.)
**********************************************
Please do this whether or not you have your OS disk and let me know what happens.
1/ Click the Start button.
2/ From the Start Menu, Click All programs followed by Accessories.
3/ In the Accessories menu, Right Click on the Command Prompt option.
4/ From the drop down menu that appears, Click on the Run as administrator option.
5/ If you have the User Account Control (UAC) enabled you will be asked for authorisation prior to the command prompt opening. You may simply need to press the Continue button if you are the administrator or insert the administrator password etc.
6/ In the Command Prompt window, type: sfc /scannow and then press Enter.
7/ A message will appear stating that the system scan will begin.
8/ Be patient because the scan may take some time.
9/ If any files require replacing SFC will replace them. You may be asked to insert your Vista DVD for this process to continue.
10/ If everything is okay you should, after the scan, see the following message: Windows resource protection did not find any integrity violations.
11/ After the scan has completed, Close the command prompt window.
-
Disk clean up did not free up any space. Command sfc/scannow did not find anything
-
I would also just like to add that when I scan things, it takes forever and scans like 3 million temporary internet files..
What are you scanning with that shows all those temp. files? Diskcleanup should have cleaned them all out.
Malwarebytes' Anti-Rootkit
Please download Malwarebytes' Anti-Rootkit (http://www.malwarebytes.org/products/mbar/) and save it to your desktop.
- Be sure to print out and follow the instructions provided on that same page for performing a scan.
- Caution: This is a beta version so also read the disclaimer and back up (http://support.microsoft.com/kb/971759) all your data before using.
- When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
- Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
- If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
- Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
- Copy and paste the contents of these two log files in your next reply.
-
I downloaded it but it is quite a few files..not sure which one to click so I selected just the one that says "mbar" and the type is just "application"... when I click RUN then I get the msg that QtGui4.dll was not found.. re-installing the app may fix this problem... So I reinstalled with no fix.
To answer your other question, when I run a FULL scan with either MBAM or Mic. Security Essentials, they both load millions of internet files... I finally gave up on a full scan when it took over 14 hours. They were Internet Explorer files.
-
Okay I got it to work however it finds at least 6 Malwares and gets stuck while still scanning... I cannot cleanup until it's finished scanning all the way.
-
Please try running it in Safe Mode.
-
Here are the logs! It was just slow :)
[year+ old attachment deleted by admin]
-
Here are the logs :) Thanks!
[year+ old attachment deleted by admin]
-
Is there any change in the computer?
-
Not on the C drive for space which was the concern.. I do notice that my internet explorer isn't redirecting me to crazy pages anymore though :)
-
Please do this and give me a screenprint.
Click Start> Computer> right click the C Drive and choose Properties> enter
How to post screenshots or images (http://www.computerhope.com/forum/index.php/topic,61232.0.html)
-
Attached is a screen shot of C drive properties
[year+ old attachment deleted by admin]
-
Please download: HiJackThis (http://go.trendmicro.com/free-tools/hijackthis/HijackThisInstaller.exe) to your Desktop.
- Double Click the HijackThis icon, located on your Desktop.
- By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
- Accept the license agreement.
- Click the Open the Misc Tools section button.
- Click on the Open Uninstall Manager button.
- Click on the Save list... button and specify where you would like to save this file. When you press Save button a Notepad will open with the contents of that file. Save the file to your desktop.
Copy and paste this file in your next reply.
-
Here is the uninstall list.
[year+ old attachment deleted by admin]
-
Download Combofix from any of the links below, and save it to your DESKTOP.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications-4.html) for a tutorial regarding how to do so if you are unsure.
- Close any open windows and double click ComboFix.exe to run it.
You will see the following image:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)
Click I Agree to start the program.
ComboFix will then extract the necessary files and you will see this:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
If you did not have it installed, you will see the prompt below. Choose YES.
(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
Note: Please Do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.
-
uhh... uh oh..
This is the message I get when trying to open IE or FireFox after downloading and running ComboFix : Illegal operation attempted on a registry key that has been marked for deletion.
-
uhh... uh oh..
This is the message I get when trying to open IE or FireFox after downloading and running ComboFix : Illegal operation attempted on a registry key that has been marked for deletion.
A re-boot will remove that message.
-
Sorry it's taken me so long to get back to you..reason is because the first time I did ComboFix, it worked correctly and posted a log but then I couldn't open the Internet bc of that message about the registry...You told me to reboot and everything then worked fine but I cannot find the log. I ran combofix several other times and I never see where a new log pops up...any idea where I could find it? Or how to get a new one? I looked in recent docs, and documents.
-
You should be able to find it in the ComboFix folder. C:\ComboFix.txt
-
I cannot find it.. When I click on ComboFix it automatically just starts running the program. I don't see anywhere to go to C:\ComboFix.txt
-
Go to All programs, Accessories, and select Windows Explorer. Click on your C drive and you should see the ComboFix folder. Click on the folder and you should see a txt file named ComboFix. Open it, copy and paste it in your next reply.
-
I still couldn't find the old one but here is a new one!!!
[year+ old attachment deleted by admin]
-
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
****************************************************
Please go to Jotti's malware scan (http://virusscan.jotti.org/)
(If more than one file needs scanned they must be done separately and links posted for each one)
* Copy the file path in the below Code box:
c:\windows\system32\drivers\aaajgzss.sys
* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
*****************************************************
Please download aswMBR.exe (http://public.avast.com/%7Egmerek/aswMBR.exe) ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_Scan.jpg)
Click the "Scan" button to start scan
Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png)
On completion of the scan click save log, save it to your desktop and post in your next reply
-
Attached are the top one and the last one.. I could not do Jotti's malware scan. When I copied the link and clicked once in the window next to browse, it would automatically open up browse and copy the file name. It could not find the file in my files.. so I could never hit submit.
[year+ old attachment deleted by admin]
-
Looking over your log it seems you don't have any antivirus software.
Before we continue download and install a free antivirus.
Remember to only install one antivirus!
1) Avast! Home Edition (http://www.majorgeeks.com/Avast_Home_Edition_d1968.html)
2) AVG Free Edition (http://www.majorgeeks.com/download.php?det=886)
3) Avira AntiVir Personal (http://www.majorgeeks.com/AntiVir_Personal_Edition_7_d955.html)
4) Microsoft Security Essentials for Windows Vista\Windows 7 (http://majorgeeks.com/Microsoft_Security_Essentials_for_Windows_VistaWindows_7_d6242.html) - 64 bit Download (http://majorgeeks.com/downloadget.php?id=6242&file=5&evp=9112d44b71f157fc5d7fcd7724b088ca)
4-a) Microsoft Security Essentials for Windows XP (http://www.microsoft.com/security_essentials/)
5) Comodo Antivirus (http://www.majorgeeks.com/Comodo_AntiVirus_d5109.html) (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition (http://www.majorgeeks.com/PC_Tools_AntiVirus_Free_Edition_d5469.html)
7) ThreatFire (http://www.threatfire.com/)
It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
************************************************
Total Fragmentation on Drive C: 19 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
Please don't ignore this warning. SSD means Solid State Drive
*************************************************
We need to fix the Master Boot Record (http://en.wikipedia.org/wiki/Master_boot_record) using aswMBR now.
- Double click aswMBR.exe to run it like before
- Once the scan finishes click FixMBR to remove the infection as illustrated below
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_FixMBR.jpg)
- Once the scan finishes click Save log to save the log to your Desktop
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png)
- Copy and paste the contents of aswMBR.txt back here for review
.
************************************************************
Please delete/uninstall ComboFix from your computer. It was installed in the wrong place. Please download ComboFix again and save it to your Desktop then run this script below.
Re-running ComboFix to remove infections:
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Open notepad and copy/paste the text in the quotebox below into it:
KillAll::
File::
c:\windows\system32\drivers\aaajgzss.sys
c:\windows\system32\drivers\aaqwdhem.sys
c:\windows\system32\drivers\acqxfcmk.sys
c:\windows\system32\drivers\adbgierw.sys
c:\windows\system32\drivers\afbzmreu.sys
Driver::
aaajgzss
aaqwdhem
acqxfcmk
adbgierw
afbzmreu
- Save this as CFScript.txt, in the same location as ComboFix.exe
(http://i424.photobucket.com/albums/pp322/digistar/cfscriptb4.gif)
- Referring to the picture above, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
- Please post the contents of the log in your next reply.
-
I already have Microsoft sec ess. installed.. I'm not sure why you can't see it so I am disabling that one and adding AVG if I can get the space to download it.
Attached is my ASWMBR log after I hit FIX MBR
As far as ComboFix.. I uninstalled. redownloaded to desktop. Made file in notepad and combined, however nothing happens except it runs the beginning stuff and then it makes back up files and then just goes away.
[year+ old attachment deleted by admin]
-
Never mind. ComboFix worked.. I forgot it takes a long time. It is preparing the log report now. When I get home from work I will post it. Thanks!
-
combofix log
[year+ old attachment deleted by admin]
-
You didn't run the ComboFix script correctly. Please go back and follow the instructions.
- Download RogueKiller (http://tigzy.geekstogo.com/Tools/RogueKiller.exe) on the desktop
- Close all the running programs
- Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
- Otherwise just double-click on RogueKiller.exe
- Pre-scan will start. Let it finish.
- Click on SCAN button.
- A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
- If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again
-
Rogue Killer Report attached.
ComboFix is not working for me anymore. I followed instructions but when it first opens, I get constant errors that the file is not open for writing. Just now I went to go delete it so I could reinstall and all of a sudden it is missing..strange because I haven't deleted it yet. I even went to the startup menu and searched and it does not show.
[year+ old attachment deleted by admin]
-
ComboFix is not working for me anymore. I followed instructions but when it first opens, I get constant errors that the file is not open for writing. Just now I went to go delete it so I could reinstall and all of a sudden it is missing..strange because I haven't deleted it yet. I even went to the startup menu and searched and it does not show.
Please download a new one to your desktop and run the script I've provided.
-
Reinstalled ComboFix. It starts the program and has the beginning screen with the green text and then it has one error opening file for writing (it's had this every time I've run it), I click ignore and it continues then starts backing up to registry but then nothing happens.
-
Ok. Please give me an update on the status of your computer.
-
Strangely enough.. I come back hours later and all of a sudden the combo log is on my screen. I attached it. Computer status is still the same. I did do the Rogue Killer log as you asked but I never fixed any of the problems it found. Should I do that?
-
Combo log
[year+ old attachment deleted by admin]
-
I did do the Rogue Killer log as you asked but I never fixed any of the problems it found. Should I do that?
Yes, please.
ComboFix was not run correctly. Please go back to Reply # 33 and follow the instructions to run the script.
-
I honestly don't know what I'm doing wrong. Is there any way you can tell? Here is a new log where I tried again.
[recovering disk space, attachment deleted by admin]
-
That's good.
I'd like to scan your machine with ESET OnlineScan
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You may, however, need to disable your currently installed Anti-Virus; how to do so can be read here. (http://www.bleepingcomputer.com/forums/topic114351.html)
•Please go (http://www.eset.com/onlinescan/) then click on the: (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
••Select the option YES, I accept the Terms of Use then click on: (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
Add-On/Active X to install.
•Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
•Now click on Advanced Settings and select the following:
•Scan for potentially unwanted applications
•Scan for potentially unsafe applications
•Enable Anti-Stealth Technology
•Push the Start button.
•The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
•When completed the Online Scan will begin automatically.
•Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
•When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
•Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
•Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
-
C:\TDSSKiller_Quarantine\01.01.2013_19.13.20\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan
C:\Users\Kelly Nicole\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\47363e7b-1bba5397 a variant of Java/JShrink.A application
C:\Users\Kelly Nicole\Downloads\ac3filter.exe a variant of Win32/InstallIQ application
C:\Users\Kelly Nicole\Downloads\cnet_refog_setup_free_kl_643_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(3).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(4).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(5).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\FDM_Setup.exe Win32/Toolbar.Zugo application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(2).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(3).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(4).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(5).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete.exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\vv-supersearch-silent.exe Win32/Toolbar.Zugo application
-
C:\TDSSKiller_Quarantine\01.01.2013_19.13.20\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan
C:\Users\Kelly Nicole\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\47363e7b-1bba5397 a variant of Java/JShrink.A application
C:\Users\Kelly Nicole\Downloads\ac3filter.exe a variant of Win32/InstallIQ application
C:\Users\Kelly Nicole\Downloads\cnet_refog_setup_free_kl_643_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(3).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(4).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\CouponPrinter(5).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Kelly Nicole\Downloads\FDM_Setup.exe Win32/Toolbar.Zugo application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(2).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(3).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(4).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete(5).exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\GraboidVideoSetup-2.01b-Complete.exe Win32/Graboid application
C:\Users\Kelly Nicole\Downloads\vv-supersearch-silent.exe Win32/Toolbar.Zugo application
Where did this come from? It doesn't look like an ESET log.
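An added example, not part of the original thread: a small parser for result lines in the "path, detection name, type" layout posted above, which sorts findings into copies already sitting in a quarantine folder, malware still on disk, and unwanted applications. The sample paths are constructed, and treating the trailing word "application" as an unwanted-application finding and any path containing "quarantine" as already quarantined are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample lines (made-up paths; detection names as seen in the thread).
SAMPLE = r"""
C:\TDSSKiller_Quarantine\example\tsk0000.dta Win32/Sirefef.DA trojan
C:\Users\Example User\AppData\Local\Temp\example.tmp Win32/Sirefef.DA trojan
C:\Users\Example User\Downloads\setup(2).exe probably a variant of Win32/Adware.Softomate.AD application
C:\Users\Example User\Downloads\player.exe a variant of Win32/InstallCore.D application
C:\Users\Example User\Downloads\toolbar.exe Win32/Toolbar.Zugo application
this line is not a detection
"""

# Paths may contain spaces, so anchor on the detection name (Platform/Name)
# with its optional "probably" / "a variant of" qualifier, then the type word.
LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<qual>(?:probably )?(?:a variant of )?)"
    r"(?P<name>[A-Za-z0-9]+/[\w.]+)\s+"
    r"(?P<kind>\w+)\s*$"
)

def parse(text):
    """Return one dict per line that looks like a detection; skip the rest."""
    hits = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        d = m.groupdict()
        d["heuristic"] = d.pop("qual").startswith("probably")
        # Assumption: a folder named "...quarantine..." holds neutralised copies.
        d["quarantined"] = "quarantine" in d["path"].lower()
        hits.append(d)
    return hits

def triage(hits):
    """Group (name, path) pairs so live malware stands out from the rest."""
    buckets = defaultdict(list)
    for h in hits:
        if h["quarantined"]:
            key = "quarantined"
        elif h["kind"] == "application":  # assumption: unwanted/unsafe app
            key = "unwanted_application"
        else:
            key = "malware"
        buckets[key].append((h["name"], h["path"]))
    return dict(buckets)

if __name__ == "__main__":
    for bucket, items in triage(parse(SAMPLE)).items():
        print(bucket)
        for name, path in items:
            print(f"  {name:30} {path}")
```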
-
I believe from this website.. http://www.eset.com/me/home/products/online-scanner/
Do you have a direct link to the correct one?
-
I'd like to scan your machine with ESET OnlineScan
•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png) to download the ESET Smart Installer. Save it to your desktop.
- Double click on the (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png) icon on your desktop.
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png)
•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
•Accept any security warnings from your browser.
- Leave the check mark next to Remove found threats.
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png)
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push (http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png)
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the (http://i424.photobucket.com/albums/pp322/digistar/esetBack.png) button.
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
-
I did this a few times.. the first time it found i think 5 things.. then I realized it didn't make a log. So I did it again and the Export to text file option was never there. I'm now trying it again and its no longer working. I did fix all the threats it pulled up though. Any other suggestions? Sorry it's been taking me so long to get back with you lately. I'm pregnant now and I'm just tired and sick all the time. :-X
-
Ok. How's your computer running now? Any other issues I should know about?