Trojan Horse patched_c.LZI INFECTION



#1 Rikumo

Posted 26 October 2012 - 02:33 PM

This trojan is a hard one...please guide me through this removal, you mighty experts :)

Edited by hamluis, 26 October 2012 - 03:40 PM.
Moved from Vista to Am I Infected - Hamluis.


#2 narenxp

Posted 26 October 2012 - 04:29 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Rikumo

Posted 27 October 2012 - 11:07 AM

TDSS KILLER LOG

12:02:09.0491 4804 nvraid - ok
12:02:09.0522 4804 [ A4B9AF8D1793F67CE894BF051342110F ] nvrd64 C:\Windows\system32\drivers\nvrd64.sys
12:02:09.0522 4804 nvrd64 - ok
12:02:09.0538 4804 [ 99F119FA421774AE8595B7BED932E1A4 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
12:02:09.0538 4804 nvsmu - ok
12:02:09.0553 4804 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:02:09.0553 4804 nvstor - ok
12:02:09.0584 4804 [ 7919EE9458B6D84517BC5A598D795931 ] nvstor64 C:\Windows\system32\drivers\nvstor64.sys
12:02:09.0584 4804 nvstor64 - ok
12:02:09.0616 4804 [ AE20369AB671CF1D4F7541A9605094B4 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:02:09.0616 4804 nvsvc - ok
12:02:09.0631 4804 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:02:09.0647 4804 nv_agp - ok
12:02:09.0647 4804 NwlnkFlt - ok
12:02:09.0647 4804 NwlnkFwd - ok
12:02:09.0709 4804 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:02:09.0709 4804 odserv - ok
12:02:09.0740 4804 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:02:09.0740 4804 ohci1394 - ok
12:02:09.0756 4804 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:09.0772 4804 ose - ok
12:02:09.0787 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:02:09.0818 4804 p2pimsvc - ok
12:02:09.0834 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
12:02:09.0834 4804 p2psvc - ok
12:02:09.0850 4804 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:02:09.0865 4804 Parport - ok
12:02:09.0881 4804 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:02:09.0881 4804 partmgr - ok
12:02:09.0896 4804 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:02:09.0912 4804 PcaSvc - ok
12:02:09.0928 4804 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
12:02:09.0928 4804 pci - ok
12:02:09.0943 4804 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys
12:02:09.0943 4804 pciide - ok
12:02:09.0990 4804 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:02:09.0990 4804 pcmcia - ok
12:02:10.0021 4804 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:02:10.0037 4804 PEAUTH - ok
12:02:10.0052 4804 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:02:10.0068 4804 PerfHost - ok
12:02:10.0115 4804 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:02:10.0146 4804 pla - ok
12:02:10.0162 4804 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:02:10.0177 4804 PlugPlay - ok
12:02:10.0193 4804 [ BB3BF7B26DAADCBAB3BA90C4BCF9E73C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:02:10.0193 4804 Pml Driver HPZ12 - ok
12:02:10.0208 4804 PnkBstrA - ok
12:02:10.0224 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:02:10.0240 4804 PNRPAutoReg - ok
12:02:10.0255 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:02:10.0255 4804 PNRPsvc - ok
12:02:10.0286 4804 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:02:10.0302 4804 PolicyAgent - ok
12:02:10.0349 4804 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:02:10.0349 4804 PptpMiniport - ok
12:02:10.0380 4804 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:02:10.0380 4804 Processor - ok
12:02:10.0396 4804 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
12:02:10.0411 4804 ProfSvc - ok
12:02:10.0411 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:02:10.0411 4804 ProtectedStorage - ok
12:02:10.0474 4804 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:02:10.0474 4804 PSched - ok
12:02:10.0505 4804 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:02:10.0520 4804 ql2300 - ok
12:02:10.0536 4804 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:02:10.0536 4804 ql40xx - ok
12:02:10.0567 4804 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:02:10.0583 4804 QWAVE - ok
12:02:10.0598 4804 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:02:10.0598 4804 QWAVEdrv - ok
12:02:10.0614 4804 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:02:10.0614 4804 RasAcd - ok
12:02:10.0630 4804 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:02:10.0630 4804 RasAuto - ok
12:02:10.0645 4804 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:02:10.0645 4804 Rasl2tp - ok
12:02:10.0661 4804 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
12:02:10.0676 4804 RasMan - ok
12:02:10.0708 4804 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:02:10.0708 4804 RasPppoe - ok
12:02:10.0723 4804 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:02:10.0723 4804 RasSstp - ok
12:02:10.0754 4804 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:02:10.0770 4804 rdbss - ok
12:02:10.0770 4804 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:02:10.0786 4804 RDPCDD - ok
12:02:10.0801 4804 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:02:10.0817 4804 rdpdr - ok
12:02:10.0832 4804 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:02:10.0832 4804 RDPENCDD - ok
12:02:10.0848 4804 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:02:10.0864 4804 RDPWD - ok
12:02:10.0910 4804 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:02:10.0910 4804 RemoteAccess - ok
12:02:10.0942 4804 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:02:10.0942 4804 RemoteRegistry - ok
12:02:10.0988 4804 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
12:02:10.0988 4804 Revoflt - ok
12:02:11.0004 4804 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
12:02:11.0004 4804 RpcLocator - ok
12:02:11.0035 4804 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
12:02:11.0035 4804 RpcSs - ok
12:02:11.0066 4804 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:02:11.0066 4804 rspndr - ok
12:02:11.0098 4804 [ B6B74A05F4DA0231D5D275568A104F89 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
12:02:11.0113 4804 RTSTOR - ok
12:02:11.0113 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
12:02:11.0113 4804 SamSs - ok
12:02:11.0300 4804 [ 99DF79C258B3342B6C8A5F802998DE56 ] SASDIFSV C:\Users\Jamie\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS
12:02:11.0300 4804 SASDIFSV - ok
12:02:11.0332 4804 [ 2859C35C0651E8EB0D86D48E740388F2 ] SASKUTIL C:\Users\Jamie\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS
12:02:11.0332 4804 SASKUTIL - ok
12:02:11.0347 4804 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:02:11.0347 4804 sbp2port - ok
12:02:11.0363 4804 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:02:11.0363 4804 SCardSvr - ok
12:02:11.0410 4804 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
12:02:11.0425 4804 Schedule - ok
12:02:11.0441 4804 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:02:11.0441 4804 SCPolicySvc - ok
12:02:11.0472 4804 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:02:11.0472 4804 SDRSVC - ok
12:02:11.0488 4804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:02:11.0488 4804 secdrv - ok
12:02:11.0503 4804 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
12:02:11.0503 4804 seclogon - ok
12:02:11.0550 4804 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
12:02:11.0566 4804 SENS - ok
12:02:11.0581 4804 [ 2449316316411D65BD2C761A6FFB2CE2 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:02:11.0581 4804 Serenum - ok
12:02:11.0612 4804 [ 4B438170BE2FC8E0BD35EE87A960F84F ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:02:11.0612 4804 Serial - ok
12:02:11.0628 4804 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:02:11.0628 4804 sermouse - ok
12:02:11.0659 4804 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
12:02:11.0659 4804 SessionEnv - ok
12:02:11.0675 4804 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:02:11.0675 4804 sffdisk - ok
12:02:11.0690 4804 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:02:11.0690 4804 sffp_mmc - ok
12:02:11.0706 4804 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:02:11.0706 4804 sffp_sd - ok
12:02:11.0706 4804 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:02:11.0706 4804 sfloppy - ok
12:02:11.0753 4804 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:02:11.0768 4804 ShellHWDetection - ok
12:02:11.0768 4804 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:02:11.0768 4804 SiSRaid2 - ok
12:02:11.0800 4804 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:02:11.0800 4804 SiSRaid4 - ok
12:02:11.0846 4804 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
12:02:11.0893 4804 slsvc - ok
12:02:11.0924 4804 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:02:11.0924 4804 SLUINotify - ok
12:02:11.0956 4804 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:02:11.0956 4804 Smb - ok
12:02:11.0987 4804 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:02:11.0987 4804 SNMPTRAP - ok
12:02:12.0002 4804 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
12:02:12.0002 4804 spldr - ok
12:02:12.0018 4804 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
12:02:12.0034 4804 Spooler - ok
12:02:12.0065 4804 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
12:02:12.0080 4804 srv - ok
12:02:12.0112 4804 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:02:12.0112 4804 srv2 - ok
12:02:12.0127 4804 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:02:12.0143 4804 srvnet - ok
12:02:12.0158 4804 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:02:12.0158 4804 SSDPSRV - ok
12:02:12.0190 4804 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:02:12.0190 4804 SstpSvc - ok
12:02:12.0236 4804 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
12:02:12.0252 4804 stisvc - ok
12:02:12.0283 4804 [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
12:02:12.0283 4804 SWDUMon - ok
12:02:12.0299 4804 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:02:12.0299 4804 swenum - ok
12:02:12.0330 4804 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
12:02:12.0346 4804 swprv - ok
12:02:12.0361 4804 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:02:12.0361 4804 Symc8xx - ok
12:02:12.0377 4804 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:02:12.0377 4804 Sym_hi - ok
12:02:12.0392 4804 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:02:12.0392 4804 Sym_u3 - ok
12:02:12.0439 4804 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
12:02:12.0455 4804 SysMain - ok
12:02:12.0502 4804 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:02:12.0502 4804 TabletInputService - ok
12:02:12.0517 4804 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:02:12.0548 4804 TapiSrv - ok
12:02:12.0564 4804 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
12:02:12.0564 4804 TBS - ok
12:02:12.0611 4804 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:02:12.0642 4804 Tcpip - ok
12:02:12.0673 4804 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:02:12.0673 4804 Tcpip6 - ok
12:02:12.0704 4804 [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:02:12.0704 4804 tcpipreg - ok
12:02:12.0736 4804 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:02:12.0736 4804 TDPIPE - ok
12:02:12.0751 4804 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:02:12.0751 4804 TDTCP - ok
12:02:12.0782 4804 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:02:12.0782 4804 tdx - ok
12:02:12.0798 4804 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:02:12.0798 4804 TermDD - ok
12:02:12.0829 4804 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
12:02:12.0845 4804 TermService - ok
12:02:12.0860 4804 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
12:02:12.0860 4804 Themes - ok
12:02:12.0876 4804 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
12:02:12.0876 4804 THREADORDER - ok
12:02:12.0892 4804 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
12:02:12.0892 4804 TrkWks - ok
12:02:12.0923 4804 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:02:12.0923 4804 TrustedInstaller - ok
12:02:12.0954 4804 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:02:12.0954 4804 tssecsrv - ok
12:02:12.0970 4804 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:02:12.0970 4804 tunmp - ok
12:02:13.0001 4804 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:02:13.0016 4804 tunnel - ok
12:02:13.0016 4804 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:02:13.0032 4804 uagp35 - ok
12:02:13.0048 4804 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:02:13.0048 4804 udfs - ok
12:02:13.0079 4804 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:02:13.0079 4804 UI0Detect - ok
12:02:13.0094 4804 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:02:13.0094 4804 uliagpkx - ok
12:02:13.0110 4804 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:02:13.0110 4804 uliahci - ok
12:02:13.0141 4804 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:02:13.0141 4804 UlSata - ok
12:02:13.0157 4804 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:02:13.0157 4804 ulsata2 - ok
12:02:13.0172 4804 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:02:13.0188 4804 umbus - ok
12:02:13.0204 4804 [ 01ABE05C401E70795B43A8933B44831E ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
12:02:13.0204 4804 UMPass - ok
12:02:13.0219 4804 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
12:02:13.0235 4804 upnphost - ok
12:02:13.0282 4804 [ AFBF3DE5B9E662CD7124740F7199F2AA ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:02:13.0282 4804 USBAAPL64 - ok
12:02:13.0313 4804 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:02:13.0313 4804 usbccgp - ok
12:02:13.0328 4804 [ 8C39D53E1A343F4C47EE8F3C052126D8 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
12:02:13.0328 4804 usbcir - ok
12:02:13.0360 4804 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:02:13.0360 4804 usbehci - ok
12:02:13.0375 4804 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:02:13.0375 4804 usbhub - ok
12:02:13.0391 4804 [ E406B003A354776D317762694956B0FC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:02:13.0406 4804 usbohci - ok
12:02:13.0422 4804 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:02:13.0422 4804 usbprint - ok
12:02:13.0453 4804 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:02:13.0453 4804 usbscan - ok
12:02:13.0469 4804 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:02:13.0469 4804 USBSTOR - ok
12:02:13.0516 4804 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:02:13.0516 4804 usbuhci - ok
12:02:13.0531 4804 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
12:02:13.0531 4804 UxSms - ok
12:02:13.0562 4804 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
12:02:13.0578 4804 vds - ok
12:02:13.0594 4804 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:02:13.0594 4804 vga - ok
12:02:13.0609 4804 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:02:13.0609 4804 VgaSave - ok
12:02:13.0625 4804 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
12:02:13.0625 4804 viaide - ok
12:02:13.0672 4804 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
12:02:13.0672 4804 Viewpoint Manager Service - ok
12:02:13.0687 4804 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:02:13.0687 4804 volmgr - ok
12:02:13.0718 4804 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:02:13.0718 4804 volmgrx - ok
12:02:13.0750 4804 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:02:13.0750 4804 volsnap - ok
12:02:13.0781 4804 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:02:13.0781 4804 vsmraid - ok
12:02:13.0828 4804 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
12:02:13.0843 4804 VSS - ok
12:02:13.0890 4804 [ A811CE7CDDFE5D4CC1A2197E2A270837 ] vToolbarUpdater13.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe
12:02:13.0906 4804 vToolbarUpdater13.0.0 - ok
12:02:13.0937 4804 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
12:02:13.0937 4804 W32Time - ok
12:02:13.0952 4804 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:02:13.0952 4804 WacomPen - ok
12:02:13.0984 4804 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:02:13.0984 4804 Wanarp - ok
12:02:13.0999 4804 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:02:13.0999 4804 Wanarpv6 - ok
12:02:14.0015 4804 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:02:14.0030 4804 wcncsvc - ok
12:02:14.0046 4804 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:02:14.0046 4804 WcsPlugInService - ok
12:02:14.0077 4804 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
12:02:14.0077 4804 Wd - ok
12:02:14.0108 4804 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:02:14.0124 4804 Wdf01000 - ok
12:02:14.0140 4804 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:02:14.0140 4804 WdiServiceHost - ok
12:02:14.0140 4804 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:02:14.0140 4804 WdiSystemHost - ok
12:02:14.0171 4804 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
12:02:14.0171 4804 WebClient - ok
12:02:14.0202 4804 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:02:14.0202 4804 Wecsvc - ok
12:02:14.0218 4804 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:02:14.0218 4804 wercplsupport - ok
12:02:14.0233 4804 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
12:02:14.0249 4804 WerSvc - ok
12:02:14.0280 4804 [ CBDEB4B3B5CF8C49ACC221D45F1C50C1 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
12:02:14.0296 4804 winachsf - ok
12:02:14.0296 4804 WinHttpAutoProxySvc - ok
12:02:14.0342 4804 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:02:14.0342 4804 Winmgmt - ok
12:02:14.0405 4804 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
12:02:14.0436 4804 WinRM - ok
12:02:14.0467 4804 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:02:14.0483 4804 Wlansvc - ok
12:02:14.0608 4804 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:02:14.0639 4804 wlidsvc - ok
12:02:14.0670 4804 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:02:14.0670 4804 WmiAcpi - ok
12:02:14.0686 4804 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:02:14.0701 4804 wmiApSrv - ok
12:02:14.0717 4804 WMPNetworkSvc - ok
12:02:14.0732 4804 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:02:14.0732 4804 WPCSvc - ok
12:02:14.0764 4804 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:02:14.0764 4804 WPDBusEnum - ok
12:02:14.0795 4804 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:02:14.0795 4804 WpdUsb - ok
12:02:14.0904 4804 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:02:14.0920 4804 WPFFontCache_v0400 - ok
12:02:14.0935 4804 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:02:14.0935 4804 ws2ifsl - ok
12:02:14.0951 4804 WSearch - ok
12:02:15.0013 4804 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll
12:02:15.0060 4804 wuauserv - ok
12:02:15.0076 4804 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:02:15.0076 4804 WUDFRd - ok
12:02:15.0107 4804 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:02:15.0107 4804 wudfsvc - ok
12:02:15.0122 4804 [ 2F2CE5E47B014F52BC722AE28B19CBF3 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys
12:02:15.0122 4804 XAudio - ok
12:02:15.0154 4804 [ A337887A4E3396A3EA5D6E54FA431C84 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe
12:02:15.0154 4804 XAudioService - ok
12:02:15.0169 4804 ================ Scan global ===============================
12:02:15.0200 4804 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:02:15.0232 4804 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:02:15.0247 4804 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:02:15.0294 4804 [ BC81150939BD52DBC7A08C245F1FB229 ] C:\Windows\system32\services.exe
12:02:15.0310 4804 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
12:02:15.0310 4804 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
12:02:15.0310 4804 ================ Scan MBR ==================================
12:02:15.0325 4804 [ B751AF1ACDDD7A1A71313731839F4ECB ] \Device\Harddisk0\DR0
12:02:17.0496 4804 \Device\Harddisk0\DR0 - ok
12:02:17.0501 4804 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR9
12:02:17.0940 4804 \Device\Harddisk1\DR9 - ok
12:02:17.0940 4804 ================ Scan VBR ==================================
12:02:17.0944 4804 [ C2A207CB03413F71DE3B73713437610C ] \Device\Harddisk0\DR0\Partition1
12:02:17.0945 4804 \Device\Harddisk0\DR0\Partition1 - ok
12:02:17.0954 4804 [ 1D2AF947F0851E96CABF1C13133B1B49 ] \Device\Harddisk1\DR9\Partition1
12:02:17.0955 4804 \Device\Harddisk1\DR9\Partition1 - ok
12:02:17.0955 4804 ============================================================
12:02:17.0955 4804 Scan finished
12:02:17.0955 4804 ============================================================
12:02:17.0973 1880 Detected object count: 1
12:02:17.0973 1880 Actual detected object count: 1
12:02:38.0362 1880 C:\Windows\system32\services.exe - copied to quarantine
12:02:39.0048 1880 C:\Windows\installer\{7bf377e7-3db9-1642-2b5b-1480782f0548}\@ - copied to quarantine
12:02:39.0064 1880 C:\Users\Jamie\AppData\Local\{7bf377e7-3db9-1642-2b5b-1480782f0548}\@ - copied to quarantine
12:03:12.0604 1880 Backup copy not found, trying to cure infected file..
12:03:12.0604 1880 Cure success, using it..
12:03:12.0713 1880 C:\Windows\installer\{7bf377e7-3db9-1642-2b5b-1480782f0548}\@ - will be deleted on reboot
12:03:12.0713 1880 C:\Users\Jamie\AppData\Local\{7bf377e7-3db9-1642-2b5b-1480782f0548}\@ - will be deleted on reboot
12:03:12.0729 1880 C:\Windows\system32\services.exe - will be cured on reboot
12:03:12.0729 1880 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure




aswMBR LOG

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-27 11:41:30
-----------------------------
11:41:30.534 OS Version: Windows x64 6.0.6002 Service Pack 2
11:41:30.534 Number of processors: 2 586 0x1706
11:41:30.534 ComputerName: GANSHORN_GAME_C UserName: Jamie
11:41:33.607 Initialize success
11:44:33.513 AVAST engine defs: 12102700
11:44:45.774 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
11:44:45.774 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 8
11:44:45.805 Disk 0 MBR read successfully
11:44:45.805 Disk 0 MBR scan
11:44:45.805 Disk 0 unknown MBR code
11:44:45.821 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10001 MB offset 63
11:44:45.837 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600477 MB offset 20484096
11:44:45.868 Disk 0 scanning C:\Windows\system32\drivers
11:45:08.006 Service scanning
11:45:24.527 Modules scanning
11:45:24.527 Disk 0 trace - called modules:
11:45:24.542 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys
11:45:24.542 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d1e790]
11:45:24.542 3 CLASSPNP.SYS[fffffa6000a08c33] -> nt!IofCallDriver -> [0xfffffa8004b78c00]
11:45:24.542 5 acpi.sys[fffffa60008f3fde] -> nt!IofCallDriver -> \Device\00000059[0xfffffa8004b78560]
11:45:27.506 AVAST engine scan C:\Windows
11:45:41.531 AVAST engine scan C:\Windows\system32
11:49:06.920 AVAST engine scan C:\Windows\system32\drivers
11:49:34.925 AVAST engine scan C:\Users\Jamie
11:56:16.306 AVAST engine scan C:\ProgramData
12:00:40.302 Scan finished successfully
12:00:58.616 Disk 0 MBR has been saved successfully to "E:\Bleeping Computer tools\MBR.dat"
12:00:58.632 The log file has been saved successfully to "E:\Bleeping Computer tools\aswMBR.txt"



ESET LOG

C:\Users\Jamie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@lplay.com\components\lptlf.dll a variant of Win32/Adware.Gamevance.BR application cleaned by deleting - quarantined
C:\Users\Jamie\Downloads\SoftonicDownloader_for_intel-pro-wireless-drivers.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
C:\Users\Jamie\Downloads\WinZipDriverUpdater.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined

Edited by Rikumo, 27 October 2012 - 11:09 AM.


#4 narenxp


Posted 27 October 2012 - 11:08 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.