
GMER trouble


  • This topic is locked
30 replies to this topic

#1 groucho69

groucho69

  • Members
  • 19 posts

Posted 02 November 2012 - 10:31 AM

I am following the malware removal Prep Guide but I have an issue with GMER. It opens and scans without asking me. The boxes from System down to Libraries are greyed out and cannot be checked. Any advice?

Do the other scans and post the logs you can get.

nasdaq

Edited by nasdaq, 03 November 2012 - 08:37 AM.




#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts

Posted 03 November 2012 - 04:51 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Follow nasdaq's instructions (which have been edited to the bottom of your last post)
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 groucho69

groucho69
  • Topic Starter

  • Members
  • 19 posts

Posted 03 November 2012 - 06:54 PM

Hi M0le:

Thanks for the quick assistance. OK GMER trouble is likely because I run WIN 7 64 bit? AVG is popping up with WIN 64/patched.a, Trojan Generic 29.ANOX, 28.CBQW, Luhe.Sirefefet.A, Backdoor.Generic15.CGSY. DDS:


DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2
Run by ED at 19:38:26 on 2012-11-03
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8169.4908 [GMT -4:00]
.
AV: AVG Internet Security 2011 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Windows\system32\crypserv.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
C:\Users\ED\Local Settings\Apps\F.lux\flux.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\ED\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Infinite Mind LC\eyeQ\ARLaunch.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Nuance\PDF Create 7\PdfCreate7Hook.exe
C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Users\ED\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\WinZip\zipsendservice.exe
C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\Users\ED\AppData\Local\Temp\Adobelm_Cleanup.0001
C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Users\ED\AppData\Local\Temp\Adobelm_Cleanup.0001
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ED\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.ca/
mStart Page = hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtByCyByBtA0DyC0F0BtCtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=595635956
uProxyServer = hxxp=;ftp=;https=;
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Create 7\bin\ZeonIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\FileBulldog DB Toolbar\tbcore3.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: DocuCom PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Create 7\bin\ZeonIEFavClient.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll
TB: FileBulldog DB Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\FileBulldog DB Toolbar\tbcore3.dll
uRun: [F.lux] "C:\Users\ED\Local Settings\Apps\F.lux\flux.exe" /noshow
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Super Hide IP] C:\Program Files (x86)\SuperHideIP\SuperHideIP.exe
uRun: [Google Update] "C:\Users\ED\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [JMB36X IDE Setup] "C:\Windows\RaidTool\xInsIDE.exe"
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [OmniPage Preload] "C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe" /preload
mRun: [Nuance OmniPage 18-reminder] "C:\Program Files (x86)\Nuance\OmniPage18\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 18\Ereg\Ereg.ini"
mRun: [PDFCreHook] "C:\Program Files (x86)\Nuance\PDF Create 7\pdfcreate7hook.exe"
mRun: [PDF7 Registry Controller] "C:\Program Files (x86)\Nuance\PDF Create 7\RegistryController.exe"
mRun: [CLX3180_Scan2Pc] "C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe"
mRun: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
mRun: [SAOB Monitor] "C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe"
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [atr.exe] <no file>
StartupFolder: C:\Users\ED\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\ED\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\ED\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\ED\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MINIEY~1.LNK - C:\Program Files (x86)\Infinite Mind LC\eyeQ\ARLaunch.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NUANCE~1.LNK - C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append the content of the link to existing PDF file - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDF Create 7\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: mswsock.dll
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{615D0FC5-4211-4481-9223-911679C4A217} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files (x86)\TurboTax 2010\ic2010pp.dll
Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - C:\Program Files (x86)\TurboTax 2011\ic2011pp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtByCyByBtA0DyC0F0BtCtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=595635956
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
x64-Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - <orphaned>
x64-Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ED\AppData\Roaming\Mozilla\Firefox\Profiles\6lp5mtc8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Bde25c842-89f3-45fc-96e6-86adf3e22092%7D&mid=e145a634c3c247d1a8d8d16fc5f33eba-770b72d1de54e84445552df87890c4230556cf37&ds=AVG&v=12.2.5.34&lang=en&pr=pr&d=2012-09-16%2013%3A28%3A17&sap=ku&q=
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Users\ED\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-09-16 13:28; avg@toolbar; C:\ProgramData\AVG Secure Search\12.2.5.34
FF - ExtSQL: 2012-10-01 17:04; OneClickDownload@OneClickDownload.com; C:\Users\ED\AppData\Roaming\Mozilla\Firefox\Profiles\6lp5mtc8.default\extensions\OneClickDownload@OneClickDownload.com
FF - ExtSQL: 2012-10-06 19:17; {75656794-AB59-4712-BFBC-5D816D56F3BC}; C:\Users\ED\AppData\Roaming\Mozilla\Firefox\Profiles\6lp5mtc8.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtByCyByBtA0DyC0F0BtCtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=595635956
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtByCyByBtA0DyC0F0BtCtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=595635956
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtByCyByBtA0DyC0F0BtCtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=595635956&q=
FF - user.js: extensions.funmoods.id - F46D0426773D6FB1
FF - user.js: extensions.funmoods.instlDay - 15584
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:36:3
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - adknlg
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - adknlg
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-9-21 61792]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-2 53488]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-10-11 1263200]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-9-13 151904]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-16 31080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-19 283200]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/08/23 14:11:55];C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-8-23 148976]
R2 ntk_PowerDVD;ntk_PowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-8-23 75248]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2009-7-13 11576]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-10-11 285280]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-7-28 10278912]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-7-27 368640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys [2011-8-23 313520]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-2 25928]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-8-23 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2012-11-2 22704]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-8-23 59392]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2012-11-03 17:52:57 -------- d-----w- C:\ProgramData\Astroburn Lite
2012-11-03 17:52:57 -------- d-----w- C:\Program Files (x86)\Astroburn Lite
2012-11-03 15:29:19 -------- d-----w- C:\Users\ED\AppData\Roaming\DriverCure
2012-11-03 15:29:18 -------- d-----w- C:\Users\ED\AppData\Roaming\SpeedyPC Software
2012-11-03 15:29:12 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-11-03 15:29:10 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-11-03 15:29:10 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-11-02 23:16:54 -------- d-----w- C:\Users\ED\AppData\Roaming\Malwarebytes
2012-11-02 23:16:40 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-02 23:16:40 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-02 23:16:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-02 18:49:08 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2012-11-02 18:49:04 110080 ----a-r- C:\Users\ED\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconF7A21AF7.exe
2012-11-02 18:49:04 110080 ----a-r- C:\Users\ED\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconD7F16134.exe
2012-11-02 18:49:04 110080 ----a-r- C:\Users\ED\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\Icon1226A4C5.exe
2012-11-02 18:49:03 -------- d-----w- C:\sh4ldr
2012-11-02 18:49:03 -------- d-----w- C:\Program Files\Enigma Software Group
2012-11-02 18:48:22 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-10-31 16:50:37 -------- d-----w- C:\Windows\Downloaded Installations
2012-10-30 14:48:57 -------- d-----w- C:\Program Files (x86)\Top Password
2012-10-29 23:11:58 -------- d-----w- C:\Users\ED\AppData\Local\WinZip Courier
2012-10-29 23:00:23 -------- d-----w- C:\ProgramData\WinZipEC
2012-10-28 23:15:39 -------- d-----w- C:\Program Files (x86)\RAR Password Recovery Magic
2012-10-25 19:44:07 -------- d-----w- C:\Program Files (x86)\Wondershare
2012-10-25 16:54:05 -------- d-----w- C:\ProgramData\Logs
2012-10-24 23:13:38 -------- d-----w- C:\Program Files (x86)\ImageSkill
2012-10-24 21:04:04 -------- d-----w- C:\ProgramData\ArcSoft
2012-10-24 21:03:45 -------- d-----w- C:\Users\ED\AppData\Local\ArcSoft
2012-10-24 17:43:15 -------- d-----w- C:\Users\ED\AppData\Local\assembly
2012-10-24 17:42:06 -------- d-----w- C:\Users\ED\AppData\Local\TechSmith
2012-10-24 17:14:14 -------- d-----w- C:\Users\ED\AppData\Local\Nik Software
2012-10-24 17:14:09 -------- d-----w- C:\ProgramData\Nik Software
2012-10-24 17:14:07 -------- d-----w- C:\Program Files\Nik Software
2012-10-24 15:18:10 -------- d-----w- C:\Users\ED\AppData\Roaming\PictureCutoutGuide
2012-10-24 14:45:11 -------- d-----w- C:\Program Files (x86)\Two Pilots
2012-10-24 14:45:11 -------- d-----w- C:\Program Files (x86)\Picture Cutout Guide
2012-10-22 22:29:08 -------- d-----w- C:\Users\ED\AppData\Roaming\Bluebeam Software
2012-10-22 22:12:54 110680 ----a-w- C:\Windows\System32\BBPdfPortMon.DLL
2012-10-22 22:08:27 -------- d-----w- C:\ProgramData\Bluebeam Software
2012-10-22 22:08:27 -------- d-----w- C:\Program Files\Common Files\Bluebeam Software
2012-10-22 22:08:27 -------- d-----w- C:\Program Files\Bluebeam Software
2012-10-22 22:08:27 -------- d-----w- C:\Program Files (x86)\Bluebeam Software
2012-10-22 22:07:07 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2012-10-22 22:07:07 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2012-10-22 22:07:07 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2012-10-22 22:07:07 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2012-10-22 22:07:04 1907552 ----a-w- C:\Windows\System32\d3dcsx_43.dll
2012-10-22 22:07:04 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2012-10-22 22:06:58 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2012-10-22 22:06:58 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2012-10-22 22:06:56 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2012-10-22 22:06:56 107368 ----a-w- C:\Windows\System32\xinput1_3.dll
2012-10-22 22:06:13 -------- d-----w- C:\ProgramData\ABBYY
2012-10-22 22:06:13 -------- d-----w- C:\Program Files (x86)\Common Files\Bluebeam Software
2012-10-22 21:07:07 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-21 22:26:40 66560 ----a-w- C:\Windows\System32\nlssrv32.exe
2012-10-20 18:01:06 -------- d-----w- C:\Users\ED\AppData\Roaming\Zoner
2012-10-20 18:01:05 -------- d-----w- C:\ProgramData\Zoner
2012-10-20 18:01:04 -------- d-----w- C:\Users\ED\AppData\Local\Zoner
2012-10-20 18:00:18 -------- d-----w- C:\Program Files\Zoner
2012-10-20 17:49:10 -------- d-----w- C:\Program Files (x86)\Caricature Software
2012-10-19 20:25:33 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox.bak
2012-10-19 18:06:50 -------- d-----w- C:\Program Files (x86)\Focus Multimedia
2012-10-19 13:33:02 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-10-19 13:33:01 27025 ----a-w- C:\Windows\SysWow64\OLE2.REG
2012-10-19 13:32:50 -------- d-----w- C:\Program Files (x86)\Common Files\MySoftware
2012-10-19 13:32:17 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-10-18 18:08:03 -------- d-----w- C:\Users\ED\AppData\Roaming\MyLogoMaker
2012-10-11 17:21:15 -------- d-----w- C:\results
2012-10-10 12:54:31 -------- d-----r- C:\Users\ED\Dropbox
2012-10-10 12:51:14 -------- d-----w- C:\Users\ED\AppData\Roaming\Dropbox
2012-10-08 23:18:46 -------- d-----w- C:\Users\ED\AppData\Roaming\onOne Software
2012-10-08 16:24:43 -------- d-----w- C:\keygen
2012-10-08 16:15:44 -------- d-----w- C:\Program Files\onOne Software
2012-10-08 16:15:41 -------- d-----w- C:\Windows\SysWow64\spool
2012-10-08 16:15:41 -------- d-----w- C:\Program Files (x86)\onOne Software
2012-10-08 16:15:18 -------- d-----w- C:\ProgramData\onOne Software
2012-10-07 14:35:54 -------- d-----w- C:\Program Files (x86)\Remove Logo Now!
2012-10-07 13:59:38 -------- d-----w- C:\Program Files (x86)\SourceTec
2012-10-06 23:17:17 368912 ----a-w- C:\Windows\SysWow64\vbar332.dll
2012-10-06 23:17:01 -------- d-----w- C:\Program Files (x86)\FileBulldog DB Toolbar
2012-10-06 23:16:54 -------- d-----w- C:\LogoSmartz
2012-10-06 23:05:26 -------- d-----w- C:\Program Files (x86)\Aurora3D
2012-10-06 20:21:49 -------- d-----w- C:\Program Files (x86)\Studio V5
2012-10-06 18:15:55 -------- d-----w- C:\Program Files (x86)\Avanquest update
2012-10-06 18:12:25 565760 ----a-w- C:\Windows\SysWow64\msvcp50.DLL
2012-10-06 18:12:24 5632 ----a-w- C:\Windows\SysWow64\MFCUIA32.DLL
2012-10-06 18:12:24 348160 ----a-w- C:\Windows\SysWow64\MFC30.DLL
2012-10-06 18:12:24 133904 ----a-w- C:\Windows\SysWow64\MFCANS32.DLL
2012-10-06 18:11:46 -------- d-----w- C:\Program Files (x86)\MySoftware
2012-10-05 07:26:22 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
==================== Find3M ====================
.
2012-10-09 06:10:23 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 06:10:23 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-02 07:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-09-21 07:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-09-21 07:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2012-09-21 07:45:50 61792 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-09-16 17:33:19 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-16 17:33:19 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-16 17:28:15 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2012-09-16 17:09:31 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-16 17:09:31 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-16 17:09:31 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-09-14 07:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2012-09-13 07:11:18 151904 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2012-09-04 14:39:32 50296 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
2012-08-27 22:00:12 117507 ----a-w- C:\Windows\SysWow64\Msinet.ocx
2012-08-19 16:18:37 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
.
============= FINISH: 19:45:52.82 ===============

Edited by groucho69, 03 November 2012 - 06:58 PM.


#4 m0le

Posted 03 November 2012 - 07:00 PM

Please start by running TDSSKiller

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (or you can hold down your Windows key and press R) and copy and paste the following into the text field (make sure you include the quote marks). Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If malicious objects are found, ensure Cure is selected, then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\

m0le is a proud member of UNITE

#5 groucho69

Posted 04 November 2012 - 10:57 AM

It did not offer reboot as an option. Should I reboot?


10:50:55.0263 8552 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:50:56.0516 8552 ============================================================
10:50:56.0516 8552 Current date / time: 2012/11/04 10:50:56.0516
10:50:56.0516 8552 SystemInfo:
10:50:56.0516 8552
10:50:56.0516 8552 OS Version: 6.1.7601 ServicePack: 1.0
10:50:56.0516 8552 Product type: Workstation
10:50:56.0517 8552 ComputerName: ED-PC
10:50:56.0517 8552 UserName: ED
10:50:56.0517 8552 Windows directory: C:\Windows
10:50:56.0517 8552 System windows directory: C:\Windows
10:50:56.0517 8552 Running under WOW64
10:50:56.0517 8552 Processor architecture: Intel x64
10:50:56.0517 8552 Number of processors: 4
10:50:56.0517 8552 Page size: 0x1000
10:50:56.0517 8552 Boot type: Normal boot
10:50:56.0517 8552 ============================================================
10:50:57.0612 8552 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:50:57.0615 8552 Drive \Device\Harddisk10\DR10 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0101 8552 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0509 8552 Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1474000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0776 8552 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0792 8552 Drive \Device\Harddisk4\DR4 - Size: 0x7820000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0803 8552 Drive \Device\Harddisk9\DR9 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:50:58.0825 8552 ============================================================
10:50:58.0825 8552 \Device\Harddisk0\DR0:
10:50:58.0825 8552 MBR partitions:
10:50:58.0825 8552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:50:58.0825 8552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
10:50:58.0825 8552 \Device\Harddisk10\DR10:
10:50:58.0826 8552 MBR partitions:
10:50:58.0826 8552 \Device\Harddisk10\DR10\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:50:58.0826 8552 \Device\Harddisk10\DR10\Partition2: MBR, Type 0x7, StartLBA 0x32830, BlocksNum 0x3CAEE510
10:50:58.0826 8552 \Device\Harddisk10\DR10\Partition3: MBR, Type 0x7, StartLBA 0x3CB21000, BlocksNum 0x37BE5000
10:50:58.0826 8552 \Device\Harddisk1\DR1:
10:50:58.0826 8552 MBR partitions:
10:50:58.0826 8552 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
10:50:58.0826 8552 \Device\Harddisk2\DR2:
10:50:58.0827 8552 MBR partitions:
10:50:58.0827 8552 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2BAA0A20
10:50:58.0827 8552 \Device\Harddisk3\DR3:
10:50:58.0827 8552 MBR partitions:
10:50:58.0827 8552 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
10:50:58.0827 8552 \Device\Harddisk4\DR4:
10:50:58.0828 8552 MBR partitions:
10:50:58.0828 8552 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x6, StartLBA 0x61, BlocksNum 0x3C09F
10:50:58.0828 8552 \Device\Harddisk9\DR9:
10:50:58.0834 8552 MBR partitions:
10:50:58.0834 8552 \Device\Harddisk9\DR9\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
10:50:58.0834 8552 ============================================================
10:50:58.0858 8552 C: <-> \Device\Harddisk0\DR0\Partition2
10:50:58.0885 8552 J: <-> \Device\Harddisk1\DR1\Partition1
10:50:58.0917 8552 K: <-> \Device\Harddisk9\DR9\Partition1
10:50:58.0956 8552 L: <-> \Device\Harddisk10\DR10\Partition2
10:50:59.0006 8552 M: <-> \Device\Harddisk10\DR10\Partition3
10:50:59.0031 8552 O: <-> \Device\Harddisk10\DR10\Partition1
10:50:59.0055 8552 P: <-> \Device\Harddisk3\DR3\Partition1
10:50:59.0104 8552 R: <-> \Device\Harddisk2\DR2\Partition1
10:50:59.0104 8552 ============================================================
10:50:59.0104 8552 Initialize success
10:50:59.0104 8552 ============================================================
10:51:01.0767 9192 ============================================================
10:51:01.0768 9192 Scan started
10:51:01.0768 9192 Mode: Manual;
10:51:01.0768 9192 ============================================================
10:51:08.0342 9192 ================ Scan system memory ========================
10:51:08.0342 9192 System memory - ok
10:51:08.0342 9192 ================ Scan services =============================
10:51:08.0452 9192 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:51:08.0455 9192 1394ohci - ok
10:51:08.0473 9192 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:51:08.0476 9192 ACPI - ok
10:51:08.0487 9192 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:51:08.0488 9192 AcpiPmi - ok
10:51:08.0556 9192 [ B07B9F3B2B94E4FC5B0F496DDD65ADF2 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
10:51:08.0565 9192 AcrSch2Svc - ok
10:51:08.0663 9192 [ 9E100616B5075228BFED1CC5738AAD8B ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
10:51:08.0665 9192 ADExchange - ok
10:51:08.0730 9192 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
10:51:08.0743 9192 Adobe LM Service - ok
10:51:08.0865 9192 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:51:08.0867 9192 AdobeFlashPlayerUpdateSvc - ok
10:51:08.0888 9192 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:51:08.0892 9192 adp94xx - ok
10:51:08.0919 9192 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:51:08.0923 9192 adpahci - ok
10:51:08.0942 9192 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:51:08.0944 9192 adpu320 - ok
10:51:08.0961 9192 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:51:08.0962 9192 AeLookupSvc - ok
10:51:08.0972 9192 [ AE1FCE2CD1E99BEA89183BA8CD320872 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
10:51:08.0975 9192 afcdp - ok
10:51:09.0016 9192 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
10:51:09.0058 9192 afcdpsrv - ok
10:51:09.0137 9192 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:51:09.0141 9192 AFD - ok
10:51:09.0150 9192 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:51:09.0152 9192 agp440 - ok
10:51:09.0165 9192 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:51:09.0166 9192 ALG - ok
10:51:09.0176 9192 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:51:09.0177 9192 aliide - ok
10:51:09.0221 9192 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:51:09.0223 9192 AMD External Events Utility - ok
10:51:09.0231 9192 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:51:09.0232 9192 amdide - ok
10:51:09.0243 9192 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:51:09.0244 9192 AmdK8 - ok
10:51:09.0403 9192 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:51:09.0555 9192 amdkmdag - ok
10:51:09.0576 9192 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:51:09.0580 9192 amdkmdap - ok
10:51:09.0582 9192 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:51:09.0583 9192 AmdPPM - ok
10:51:09.0614 9192 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:51:09.0615 9192 amdsata - ok
10:51:09.0623 9192 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:51:09.0625 9192 amdsbs - ok
10:51:09.0638 9192 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:51:09.0639 9192 amdxata - ok
10:51:09.0661 9192 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:51:09.0662 9192 AppID - ok
10:51:09.0674 9192 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:51:09.0675 9192 AppIDSvc - ok
10:51:09.0681 9192 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:51:09.0682 9192 Appinfo - ok
10:51:09.0687 9192 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
10:51:09.0689 9192 AppMgmt - ok
10:51:09.0701 9192 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:51:09.0702 9192 arc - ok
10:51:09.0713 9192 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:51:09.0715 9192 arcsas - ok
10:51:09.0753 9192 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:51:09.0754 9192 aspnet_state - ok
10:51:09.0768 9192 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:51:09.0769 9192 AsyncMac - ok
10:51:09.0779 9192 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:51:09.0780 9192 atapi - ok
10:51:09.0799 9192 [ AAAE03F8EDA817EC28C5445193EA8BF3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
10:51:09.0800 9192 AthBTPort - ok
10:51:09.0819 9192 [ 4ECC791539F23982411864037D1AC8FC ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys
10:51:09.0820 9192 ATHDFU - ok
10:51:09.0850 9192 [ C34B28D6285EAD94B3A2FABA84E90DA5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:51:09.0851 9192 AtherosSvc - ok
10:51:09.0862 9192 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:51:09.0864 9192 AtiHDAudioService - ok
10:51:09.0887 9192 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:51:09.0893 9192 AudioEndpointBuilder - ok
10:51:09.0900 9192 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:51:09.0903 9192 AudioSrv - ok
10:51:09.0991 9192 [ F431DC5D94F4B2FDBC927655D8A9B10E ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
10:51:09.0992 9192 Autodesk Content Service - ok
10:51:10.0050 9192 [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
10:51:10.0051 9192 Avgfwfd - ok
10:51:10.0125 9192 [ 2E0DB82F4254FF91E153F331BA9B2D6E ] avgfws C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
10:51:10.0130 9192 avgfws - ok
10:51:10.0232 9192 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
10:51:10.0252 9192 AVGIDSAgent - ok
10:51:10.0287 9192 [ F1A99DA71E6549D7D944596E15142866 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
10:51:10.0289 9192 AVGIDSDriver - ok
10:51:10.0322 9192 [ E6CB84918C1ABE84AAAF749D2EA4E764 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
10:51:10.0322 9192 AVGIDSHA - ok
10:51:10.0359 9192 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
10:51:10.0362 9192 Avgldx64 - ok
10:51:10.0407 9192 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
10:51:10.0410 9192 Avgloga - ok
10:51:10.0447 9192 [ EAFF19168F26FA225EB679547B718051 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
10:51:10.0449 9192 Avgmfx64 - ok
10:51:10.0464 9192 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
10:51:10.0465 9192 Avgrkx64 - ok
10:51:10.0507 9192 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
10:51:10.0509 9192 Avgtdia - ok
10:51:10.0536 9192 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
10:51:10.0537 9192 avgtp - ok
10:51:10.0575 9192 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
10:51:10.0576 9192 avgwd - ok
10:51:10.0593 9192 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:51:10.0594 9192 AxInstSV - ok
10:51:10.0611 9192 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:51:10.0616 9192 b06bdrv - ok
10:51:10.0628 9192 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:51:10.0631 9192 b57nd60a - ok
10:51:10.0658 9192 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:51:10.0660 9192 BDESVC - ok
10:51:10.0664 9192 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:51:10.0665 9192 Beep - ok
10:51:10.0672 9192 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:51:10.0674 9192 blbdrive - ok
10:51:10.0684 9192 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:51:10.0686 9192 bowser - ok
10:51:10.0696 9192 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:51:10.0697 9192 BrFiltLo - ok
10:51:10.0706 9192 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:51:10.0707 9192 BrFiltUp - ok
10:51:10.0728 9192 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
10:51:10.0730 9192 Browser - ok
10:51:10.0744 9192 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:51:10.0747 9192 Brserid - ok
10:51:10.0750 9192 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:51:10.0751 9192 BrSerWdm - ok
10:51:10.0753 9192 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:51:10.0754 9192 BrUsbMdm - ok
10:51:10.0756 9192 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:51:10.0756 9192 BrUsbSer - ok
10:51:10.0766 9192 [ 3B1B573371B206D1D5F25E0EF5FCD6D6 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
10:51:10.0769 9192 BTATH_A2DP - ok
10:51:10.0776 9192 [ 2D0446336D9DB55A742B999EC16ADF15 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
10:51:10.0776 9192 BTATH_BUS - ok
10:51:10.0780 9192 [ 9A9694BBEB2849EAF95DFFCAE5DF02AD ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
10:51:10.0782 9192 BTATH_HCRP - ok
10:51:10.0789 9192 [ FC0A8075DDF2E9C66267AEC91E0676F9 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
10:51:10.0790 9192 BTATH_LWFLT - ok
10:51:10.0801 9192 [ 5EB4815CBDDBA4541F2380DAE6E269AB ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
10:51:10.0803 9192 BTATH_RCP - ok
10:51:10.0818 9192 [ 0ECEDE7B33CFD9A52A61220ABBD09A50 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
10:51:10.0821 9192 BtFilter - ok
10:51:10.0834 9192 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:51:10.0835 9192 BthEnum - ok
10:51:10.0837 9192 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:51:10.0839 9192 BTHMODEM - ok
10:51:10.0849 9192 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:51:10.0851 9192 BthPan - ok
10:51:10.0868 9192 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
10:51:10.0873 9192 BTHPORT - ok
10:51:10.0887 9192 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:51:10.0888 9192 bthserv - ok
10:51:10.0897 9192 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
10:51:10.0898 9192 BTHUSB - ok
10:51:10.0910 9192 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:51:10.0911 9192 cdfs - ok
10:51:10.0931 9192 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:51:10.0933 9192 cdrom - ok
10:51:10.0952 9192 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:51:10.0953 9192 CertPropSvc - ok
10:51:10.0963 9192 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:51:10.0964 9192 circlass - ok
10:51:10.0981 9192 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:51:10.0985 9192 CLFS - ok
10:51:11.0037 9192 [ 4AA6694FB767BBFF6A8EF080806447BD ] CLHNServiceForPowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
10:51:11.0038 9192 CLHNServiceForPowerDVD - ok
10:51:11.0086 9192 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:51:11.0088 9192 clr_optimization_v2.0.50727_32 - ok
10:51:11.0125 9192 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:51:11.0126 9192 clr_optimization_v2.0.50727_64 - ok
10:51:11.0165 9192 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:51:11.0167 9192 clr_optimization_v4.0.30319_32 - ok
10:51:11.0180 9192 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:51:11.0181 9192 clr_optimization_v4.0.30319_64 - ok
10:51:11.0194 9192 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:51:11.0195 9192 CmBatt - ok
10:51:11.0209 9192 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:51:11.0210 9192 cmdide - ok
10:51:11.0250 9192 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:51:11.0255 9192 CNG - ok
10:51:11.0277 9192 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:51:11.0278 9192 Compbatt - ok
10:51:11.0280 9192 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:51:11.0281 9192 CompositeBus - ok
10:51:11.0283 9192 COMSysApp - ok
10:51:11.0291 9192 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:51:11.0292 9192 crcdisk - ok
10:51:11.0294 9192 Crypkey License - ok
10:51:11.0332 9192 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:51:11.0334 9192 CryptSvc - ok
10:51:11.0351 9192 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
10:51:11.0355 9192 CSC - ok
10:51:11.0381 9192 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
10:51:11.0386 9192 CscService - ok
10:51:11.0415 9192 [ D3484412EAE43685E3AD304C9979F30E ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
10:51:11.0416 9192 CyberLink PowerDVD 11.0 Monitor Service - ok
10:51:11.0430 9192 [ 4B0F03AF88FF89441EF57175849C3961 ] CyberLink PowerDVD 11.0 Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
10:51:11.0433 9192 CyberLink PowerDVD 11.0 Service - ok
10:51:11.0456 9192 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:51:11.0461 9192 DcomLaunch - ok
10:51:11.0502 9192 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] DEFRAGSVC C:\Windows\System32\defragsvc.dll
10:51:11.0505 9192 DEFRAGSVC - ok
10:51:11.0539 9192 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:51:11.0540 9192 DfsC - ok
10:51:11.0580 9192 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
10:51:11.0581 9192 DgiVecp - ok
10:51:11.0593 9192 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:51:11.0597 9192 Dhcp - ok
10:51:11.0606 9192 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:51:11.0607 9192 discache - ok
10:51:11.0640 9192 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:51:11.0641 9192 Disk - ok
10:51:11.0660 9192 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:51:11.0663 9192 Dnscache - ok
10:51:11.0689 9192 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:51:11.0692 9192 dot3svc - ok
10:51:11.0702 9192 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:51:11.0704 9192 DPS - ok
10:51:11.0758 9192 [ B123656688D67DF3A08FE5912203F71B ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
10:51:11.0761 9192 DragonSvc - ok
10:51:11.0785 9192 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:51:11.0786 9192 drmkaud - ok
10:51:11.0817 9192 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:51:11.0820 9192 dtsoftbus01 - ok
10:51:11.0846 9192 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:51:11.0854 9192 DXGKrnl - ok
10:51:11.0904 9192 [ 6BAFD9819D9FEC2EDBAEBC8493C711A4 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
10:51:11.0907 9192 e1cexpress - ok
10:51:11.0917 9192 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:51:11.0919 9192 EapHost - ok
10:51:11.0972 9192 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:51:12.0012 9192 ebdrv - ok
10:51:12.0045 9192 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:51:12.0046 9192 EFS - ok
10:51:12.0097 9192 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:51:12.0103 9192 ehRecvr - ok
10:51:12.0153 9192 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:51:12.0155 9192 ehSched - ok
10:51:12.0170 9192 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:51:12.0175 9192 elxstor - ok
10:51:12.0226 9192 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:51:12.0228 9192 ErrDev - ok
10:51:12.0286 9192 [ DF96C3CD6AE15F6D0A6BCB70F9C1E88D ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
10:51:12.0287 9192 esgiguard - ok
10:51:12.0337 9192 [ 3B32CAA07D672F8A2E0DF5CB3A873F45 ] EsgScanner C:\Windows\system32\DRIVERS\EsgScanner.sys
10:51:12.0338 9192 EsgScanner - ok
10:51:12.0362 9192 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:51:12.0366 9192 EventSystem - ok
10:51:12.0382 9192 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:51:12.0384 9192 exfat - ok
10:51:12.0402 9192 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:51:12.0405 9192 fastfat - ok
10:51:12.0427 9192 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:51:12.0433 9192 Fax - ok
10:51:12.0482 9192 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:51:12.0483 9192 fdc - ok
10:51:12.0498 9192 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:51:12.0499 9192 fdPHost - ok
10:51:12.0508 9192 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:51:12.0509 9192 FDResPub - ok
10:51:12.0520 9192 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:51:12.0522 9192 FileInfo - ok
10:51:12.0532 9192 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:51:12.0534 9192 Filetrace - ok
10:51:12.0588 9192 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:51:12.0594 9192 FLEXnet Licensing Service - ok
10:51:12.0649 9192 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
10:51:12.0660 9192 FLEXnet Licensing Service 64 - ok
10:51:12.0663 9192 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:51:12.0664 9192 flpydisk - ok
10:51:12.0690 9192 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:51:12.0694 9192 FltMgr - ok
10:51:12.0721 9192 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:51:12.0731 9192 FontCache - ok
10:51:12.0751 9192 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:51:12.0752 9192 FontCache3.0.0.0 - ok
10:51:12.0761 9192 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:51:12.0763 9192 FsDepends - ok
10:51:12.0802 9192 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:51:12.0803 9192 Fs_Rec - ok
10:51:12.0821 9192 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:51:12.0823 9192 fvevol - ok
10:51:12.0839 9192 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:51:12.0840 9192 gagp30kx - ok
10:51:12.0911 9192 [ 859EB508AFD5E26298B6B902D46F6535 ] GladFileMonSvc C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
10:51:12.0912 9192 GladFileMonSvc - ok
10:51:12.0942 9192 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:51:12.0949 9192 gpsvc - ok
10:51:12.0961 9192 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:51:12.0962 9192 hcw85cir - ok
10:51:12.0996 9192 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:51:12.0999 9192 HdAudAddService - ok
10:51:13.0025 9192 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:51:13.0026 9192 HDAudBus - ok
10:51:13.0036 9192 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:51:13.0037 9192 HidBatt - ok
10:51:13.0049 9192 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:51:13.0051 9192 HidBth - ok
10:51:13.0062 9192 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:51:13.0063 9192 HidIr - ok
10:51:13.0080 9192 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:51:13.0081 9192 hidserv - ok
10:51:13.0102 9192 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:51:13.0103 9192 HidUsb - ok
10:51:13.0127 9192 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:51:13.0129 9192 hkmsvc - ok
10:51:13.0146 9192 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:51:13.0149 9192 HomeGroupListener - ok
10:51:13.0164 9192 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:51:13.0166 9192 HomeGroupProvider - ok
10:51:13.0179 9192 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:51:13.0181 9192 HpSAMD - ok
10:51:13.0202 9192 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:51:13.0209 9192 HTTP - ok
10:51:13.0220 9192 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:51:13.0220 9192 hwpolicy - ok
10:51:13.0231 9192 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:51:13.0233 9192 i8042prt - ok
10:51:13.0261 9192 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:51:13.0265 9192 iaStorV - ok
10:51:13.0281 9192 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:51:13.0288 9192 idsvc - ok
10:51:13.0303 9192 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:51:13.0304 9192 iirsp - ok
10:51:13.0334 9192 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:51:13.0341 9192 IKEEXT - ok
10:51:13.0405 9192 [ DAB7318CCFA8081200D5B7B486793F74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:51:13.0437 9192 IntcAzAudAddService - ok
10:51:13.0475 9192 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:51:13.0476 9192 intelide - ok
10:51:13.0479 9192 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:51:13.0480 9192 intelppm - ok
10:51:13.0509 9192 [ 068EC06F3B6DD7B81B365D8FD2CE27E6 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
10:51:13.0511 9192 Intel® PROSet Monitoring Service - ok
10:51:13.0523 9192 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:51:13.0525 9192 IPBusEnum - ok
10:51:13.0545 9192 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:51:13.0547 9192 IpFilterDriver - ok
10:51:13.0554 9192 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:51:13.0556 9192 IPMIDRV - ok
10:51:13.0566 9192 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:51:13.0568 9192 IPNAT - ok
10:51:13.0579 9192 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:51:13.0580 9192 IRENUM - ok
10:51:13.0588 9192 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:51:13.0589 9192 isapnp - ok
10:51:13.0604 9192 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:51:13.0607 9192 iScsiPrt - ok
10:51:13.0617 9192 [ A577F5DB30F70ECA9708C07C2EACBD9D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
10:51:13.0619 9192 JRAID - ok
10:51:13.0629 9192 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:51:13.0630 9192 kbdclass - ok
10:51:13.0636 9192 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:51:13.0637 9192 kbdhid - ok
10:51:13.0644 9192 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:51:13.0645 9192 KeyIso - ok
10:51:13.0677 9192 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:51:13.0678 9192 KSecDD - ok
10:51:13.0718 9192 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:51:13.0720 9192 KSecPkg - ok
10:51:13.0729 9192 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:51:13.0730 9192 ksthunk - ok
10:51:13.0760 9192 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:51:13.0764 9192 KtmRm - ok
10:51:13.0789 9192 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:51:13.0792 9192 LanmanServer - ok
10:51:13.0809 9192 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:51:13.0811 9192 LanmanWorkstation - ok
10:51:13.0837 9192 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:51:13.0837 9192 LightScribeService - ok
10:51:13.0851 9192 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:51:13.0853 9192 lltdio - ok
10:51:13.0870 9192 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:51:13.0873 9192 lltdsvc - ok
10:51:13.0875 9192 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:51:13.0876 9192 lmhosts - ok
10:51:13.0894 9192 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:51:13.0896 9192 LSI_FC - ok
10:51:13.0903 9192 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:51:13.0905 9192 LSI_SAS - ok
10:51:13.0914 9192 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:51:13.0915 9192 LSI_SAS2 - ok
10:51:13.0923 9192 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:51:13.0925 9192 LSI_SCSI - ok
10:51:13.0939 9192 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:51:13.0941 9192 luafv - ok
10:51:13.0987 9192 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:51:13.0988 9192 MBAMProtector - ok
10:51:14.0059 9192 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:51:14.0063 9192 MBAMScheduler - ok
10:51:14.0090 9192 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:51:14.0093 9192 MBAMService - ok
10:51:14.0141 9192 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:51:14.0143 9192 Mcx2Svc - ok
10:51:14.0176 9192 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
10:51:14.0179 9192 MDM - ok
10:51:14.0189 9192 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:51:14.0190 9192 megasas - ok
10:51:14.0207 9192 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:51:14.0210 9192 MegaSR - ok
10:51:14.0244 9192 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:51:14.0246 9192 MEIx64 - ok
10:51:14.0276 9192 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:51:14.0278 9192 MMCSS - ok
10:51:14.0295 9192 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:51:14.0296 9192 Modem - ok
10:51:14.0310 9192 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:51:14.0311 9192 monitor - ok
10:51:14.0313 9192 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:51:14.0315 9192 mouclass - ok
10:51:14.0318 9192 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:51:14.0319 9192 mouhid - ok
10:51:14.0336 9192 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:51:14.0338 9192 mountmgr - ok
10:51:14.0387 9192 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:51:14.0389 9192 MozillaMaintenance - ok
10:51:14.0399 9192 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:51:14.0401 9192 mpio - ok
10:51:14.0421 9192 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:51:14.0422 9192 mpsdrv - ok
10:51:14.0429 9192 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:51:14.0431 9192 MRxDAV - ok
10:51:14.0435 9192 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:51:14.0437 9192 mrxsmb - ok
10:51:14.0458 9192 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:51:14.0462 9192 mrxsmb10 - ok
10:51:14.0468 9192 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:51:14.0470 9192 mrxsmb20 - ok
10:51:14.0479 9192 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:51:14.0480 9192 msahci - ok
10:51:14.0499 9192 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:51:14.0501 9192 msdsm - ok
10:51:14.0513 9192 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:51:14.0515 9192 MSDTC - ok
10:51:14.0528 9192 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:51:14.0529 9192 Msfs - ok
10:51:14.0533 9192 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:51:14.0534 9192 mshidkmdf - ok
10:51:14.0536 9192 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:51:14.0537 9192 msisadrv - ok
10:51:14.0552 9192 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:51:14.0554 9192 MSiSCSI - ok
10:51:14.0556 9192 msiserver - ok
10:51:14.0573 9192 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:51:14.0574 9192 MSKSSRV - ok
10:51:14.0584 9192 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:51:14.0585 9192 MSPCLOCK - ok
10:51:14.0598 9192 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:51:14.0599 9192 MSPQM - ok
10:51:14.0621 9192 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:51:14.0624 9192 MsRPC - ok
10:51:14.0641 9192 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:51:14.0642 9192 mssmbios - ok
10:51:14.0647 9192 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:51:14.0648 9192 MSTEE - ok
10:51:14.0658 9192 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:51:14.0659 9192 MTConfig - ok
10:51:14.0661 9192 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:51:14.0662 9192 Mup - ok
10:51:14.0683 9192 [ 38B4C95E821528FB91DF16A78E04450F ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
10:51:14.0686 9192 mv91xx - ok
10:51:14.0709 9192 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:51:14.0714 9192 napagent - ok
10:51:14.0737 9192 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:51:14.0740 9192 NativeWifiP - ok
10:51:14.0826 9192 [ 3BAE2BFCB6D69E19C8373F635DD544DC ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
10:51:14.0833 9192 NBService - ok
10:51:14.0873 9192 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:51:14.0881 9192 NDIS - ok
10:51:14.0897 9192 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:51:14.0898 9192 NdisCap - ok
10:51:14.0918 9192 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:51:14.0919 9192 NdisTapi - ok
10:51:14.0935 9192 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:51:14.0936 9192 Ndisuio - ok
10:51:14.0939 9192 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:51:14.0942 9192 NdisWan - ok
10:51:14.0959 9192 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:51:14.0960 9192 NDProxy - ok
10:51:14.0971 9192 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:51:14.0973 9192 NetBIOS - ok
10:51:14.0981 9192 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:51:14.0984 9192 NetBT - ok
10:51:14.0994 9192 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:51:14.0995 9192 Netlogon - ok
10:51:15.0022 9192 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:51:15.0026 9192 Netman - ok
10:51:15.0043 9192 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:51:15.0045 9192 NetMsmqActivator - ok
10:51:15.0048 9192 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:51:15.0049 9192 NetPipeActivator - ok
10:51:15.0068 9192 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:51:15.0072 9192 netprofm - ok
10:51:15.0075 9192 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:51:15.0076 9192 NetTcpActivator - ok
10:51:15.0078 9192 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:51:15.0079 9192 NetTcpPortSharing - ok
10:51:15.0129 9192 [ 2263727032E9B19231A706046B8C82D3 ] NetworkX C:\Windows\system32\ckldrv.sys
10:51:15.0131 9192 NetworkX - ok
10:51:15.0136 9192 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:51:15.0138 9192 nfrd960 - ok
10:51:15.0175 9192 [ BEEBF29E6F01D2810313B0FD89EC933B ] NitroDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
10:51:15.0178 9192 NitroDriverReadSpool - ok
10:51:15.0195 9192 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:51:15.0199 9192 NlaSvc - ok
10:51:15.0277 9192 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
10:51:15.0279 9192 nlsX86cc - ok
10:51:15.0322 9192 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
10:51:15.0325 9192 NMIndexingService - ok
10:51:15.0339 9192 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:51:15.0340 9192 Npfs - ok
10:51:15.0350 9192 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:51:15.0352 9192 nsi - ok
10:51:15.0362 9192 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:51:15.0363 9192 nsiproxy - ok
10:51:15.0404 9192 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:51:15.0417 9192 Ntfs - ok
10:51:15.0476 9192 [ 7420B2E1F65642129B6E23BD42F752AA ] ntk_PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
10:51:15.0478 9192 ntk_PowerDVD - ok
10:51:15.0487 9192 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:51:15.0488 9192 Null - ok
10:51:15.0505 9192 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:51:15.0507 9192 nusb3hub - ok
10:51:15.0520 9192 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:51:15.0522 9192 nusb3xhc - ok
10:51:15.0562 9192 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:51:15.0564 9192 nvraid - ok
10:51:15.0578 9192 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:51:15.0580 9192 nvstor - ok
10:51:15.0609 9192 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:51:15.0611 9192 nv_agp - ok
10:51:15.0658 9192 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:51:15.0673 9192 odserv - ok
10:51:15.0692 9192 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:51:15.0693 9192 ohci1394 - ok
10:51:15.0741 9192 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:51:15.0743 9192 ose - ok
10:51:15.0865 9192 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:51:15.0925 9192 osppsvc - ok
10:51:15.0940 9192 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:51:15.0943 9192 p2pimsvc - ok
10:51:15.0955 9192 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:51:15.0959 9192 p2psvc - ok
10:51:15.0974 9192 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:51:15.0976 9192 Parport - ok
10:51:16.0011 9192 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:51:16.0013 9192 partmgr - ok
10:51:16.0019 9192 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:51:16.0022 9192 PcaSvc - ok
10:51:16.0034 9192 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:51:16.0036 9192 pci - ok
10:51:16.0042 9192 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:51:16.0043 9192 pciide - ok
10:51:16.0055 9192 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:51:16.0058 9192 pcmcia - ok
10:51:16.0060 9192 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:51:16.0061 9192 pcw - ok
10:51:16.0088 9192 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:51:16.0094 9192 PEAUTH - ok
10:51:16.0138 9192 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:51:16.0149 9192 PeerDistSvc - ok
10:51:16.0200 9192 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:51:16.0202 9192 PerfHost - ok
10:51:16.0232 9192 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:51:16.0244 9192 pla - ok
10:51:16.0282 9192 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe
10:51:16.0283 9192 PLFlash DeviceIoControl Service - ok
10:51:16.0314 9192 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:51:16.0318 9192 PlugPlay - ok
10:51:16.0327 9192 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:51:16.0329 9192 PNRPAutoReg - ok
10:51:16.0334 9192 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:51:16.0336 9192 PNRPsvc - ok
10:51:16.0393 9192 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:51:16.0394 9192 Point64 - ok
10:51:16.0419 9192 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:51:16.0424 9192 PolicyAgent - ok
10:51:16.0444 9192 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:51:16.0446 9192 Power - ok
10:51:16.0461 9192 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:51:16.0462 9192 PptpMiniport - ok
10:51:16.0477 9192 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:51:16.0478 9192 Processor - ok
10:51:16.0526 9192 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:51:16.0529 9192 ProfSvc - ok
10:51:16.0536 9192 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:51:16.0537 9192 ProtectedStorage - ok
10:51:16.0558 9192 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:51:16.0559 9192 Psched - ok
10:51:16.0593 9192 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:51:16.0594 9192 PxHlpa64 - ok
10:51:16.0623 9192 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:51:16.0636 9192 ql2300 - ok
10:51:16.0652 9192 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:51:16.0654 9192 ql40xx - ok
10:51:16.0668 9192 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:51:16.0671 9192 QWAVE - ok
10:51:16.0677 9192 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:51:16.0678 9192 QWAVEdrv - ok
10:51:16.0685 9192 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:51:16.0686 9192 RasAcd - ok
10:51:16.0703 9192 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:51:16.0705 9192 RasAgileVpn - ok
10:51:16.0717 9192 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:51:16.0719 9192 RasAuto - ok
10:51:16.0737 9192 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:51:16.0739 9192 Rasl2tp - ok
10:51:16.0758 9192 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:51:16.0762 9192 RasMan - ok
10:51:16.0769 9192 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:51:16.0770 9192 RasPppoe - ok
10:51:16.0782 9192 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:51:16.0783 9192 RasSstp - ok
10:51:16.0795 9192 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:51:16.0799 9192 rdbss - ok
10:51:16.0811 9192 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:51:16.0812 9192 rdpbus - ok
10:51:16.0817 9192 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:51:16.0818 9192 RDPCDD - ok
10:51:16.0827 9192 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:51:16.0830 9192 RDPDR - ok
10:51:16.0843 9192 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:51:16.0844 9192 RDPENCDD - ok
10:51:16.0855 9192 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:51:16.0855 9192 RDPREFMP - ok
10:51:16.0888 9192 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:51:16.0890 9192 RDPWD - ok
10:51:16.0914 9192 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:51:16.0917 9192 rdyboost - ok
10:51:16.0933 9192 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:51:16.0935 9192 RemoteAccess - ok
10:51:16.0946 9192 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:51:16.0949 9192 RemoteRegistry - ok
10:51:16.0970 9192 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:51:16.0972 9192 RFCOMM - ok
10:51:16.0983 9192 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:51:16.0985 9192 RpcEptMapper - ok
10:51:17.0000 9192 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:51:17.0001 9192 RpcLocator - ok
10:51:17.0022 9192 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:51:17.0025 9192 RpcSs - ok
10:51:17.0034 9192 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:51:17.0035 9192 rspndr - ok
10:51:17.0060 9192 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:51:17.0061 9192 s3cap - ok
10:51:17.0064 9192 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:51:17.0064 9192 SamSs - ok
10:51:17.0128 9192 [ E382F5DB58A759B3E821BAC853DC15DB ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
10:51:17.0131 9192 Samsung Network Fax Server - ok
10:51:17.0146 9192 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:51:17.0148 9192 sbp2port - ok
10:51:17.0167 9192 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:51:17.0170 9192 SCardSvr - ok
10:51:17.0180 9192 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:51:17.0181 9192 scfilter - ok
10:51:17.0205 9192 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:51:17.0215 9192 Schedule - ok
10:51:17.0235 9192 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:51:17.0235 9192 SCPolicySvc - ok
10:51:17.0244 9192 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:51:17.0247 9192 SDRSVC - ok
10:51:17.0260 9192 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:51:17.0261 9192 secdrv - ok
10:51:17.0268 9192 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:51:17.0269 9192 seclogon - ok
10:51:17.0275 9192 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:51:17.0277 9192 SENS - ok
10:51:17.0285 9192 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:51:17.0287 9192 SensrSvc - ok
10:51:17.0312 9192 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:51:17.0313 9192 Serenum - ok
10:51:17.0324 9192 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:51:17.0326 9192 Serial - ok
10:51:17.0337 9192 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:51:17.0338 9192 sermouse - ok
10:51:17.0351 9192 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:51:17.0353 9192 SessionEnv - ok
10:51:17.0364 9192 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:51:17.0366 9192 sffdisk - ok
10:51:17.0370 9192 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:51:17.0371 9192 sffp_mmc - ok
10:51:17.0380 9192 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:51:17.0381 9192 sffp_sd - ok
10:51:17.0393 9192 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:51:17.0394 9192 sfloppy - ok
10:51:17.0411 9192 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:51:17.0415 9192 ShellHWDetection - ok
10:51:17.0426 9192 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:51:17.0428 9192 SiSRaid2 - ok
10:51:17.0440 9192 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:51:17.0442 9192 SiSRaid4 - ok
10:51:17.0458 9192 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:51:17.0460 9192 Smb - ok
10:51:17.0489 9192 [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
10:51:17.0492 9192 snapman - ok
10:51:17.0499 9192 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:51:17.0500 9192 SNMPTRAP - ok
10:51:17.0506 9192 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:51:17.0507 9192 spldr - ok
10:51:17.0525 9192 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
10:51:17.0528 9192 Spooler - ok
10:51:17.0576 9192 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:51:17.0620 9192 sppsvc - ok
10:51:17.0656 9192 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:51:17.0658 9192 sppuinotify - ok
10:51:17.0720 9192 [ 8978ED1D492B1A430857A43CDD130AED ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
10:51:17.0729 9192 SpyHunter 4 Service - ok
10:51:17.0764 9192 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:51:17.0768 9192 srv - ok
10:51:17.0781 9192 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:51:17.0785 9192 srv2 - ok
10:51:17.0794 9192 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:51:17.0797 9192 srvnet - ok
10:51:17.0805 9192 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:51:17.0808 9192 SSDPSRV - ok
10:51:17.0834 9192 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
10:51:17.0835 9192 SSPORT - ok
10:51:17.0846 9192 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:51:17.0848 9192 SstpSvc - ok
10:51:17.0856 9192 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:51:17.0857 9192 stexstor - ok
10:51:17.0881 9192 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:51:17.0887 9192 stisvc - ok
10:51:17.0893 9192 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:51:17.0894 9192 storflt - ok
10:51:17.0910 9192 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
10:51:17.0911 9192 StorSvc - ok
10:51:17.0920 9192 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:51:17.0921 9192 storvsc - ok
10:51:17.0923 9192 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:51:17.0924 9192 swenum - ok
10:51:17.0940 9192 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:51:17.0946 9192 swprv - ok
10:51:17.0985 9192 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:51:18.0005 9192 SysMain - ok
10:51:18.0018 9192 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:51:18.0020 9192 TabletInputService - ok
10:51:18.0034 9192 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:51:18.0038 9192 TapiSrv - ok
10:51:18.0041 9192 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:51:18.0042 9192 TBS - ok
10:51:18.0095 9192 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:51:18.0117 9192 Tcpip - ok
10:51:18.0180 9192 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:51:18.0187 9192 TCPIP6 - ok
10:51:18.0222 9192 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:51:18.0223 9192 tcpipreg - ok
10:51:19.0914 9192 ================ Scan global ===============================
10:51:19.0931 9192 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:51:19.0950 9192 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:51:19.0956 9192 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:51:19.0959 9192 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:51:19.0989 9192 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
10:51:19.0996 9192 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
10:51:19.0996 9192 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
10:51:19.0997 9192 ================ Scan MBR ==================================
10:51:20.0012 9192 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:51:20.0150 9192 \Device\Harddisk0\DR0 - ok
10:51:20.0153 9192 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk10\DR10
10:51:20.0963 9192 \Device\Harddisk10\DR10 - ok
10:51:20.0965 9192 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:51:20.0968 9192 \Device\Harddisk1\DR1 - ok
10:51:21.0022 9192 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:51:21.0611 9192 \Device\Harddisk2\DR2 - ok
10:51:21.0614 9192 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
10:51:21.0617 9192 \Device\Harddisk3\DR3 - ok
10:51:21.0624 9192 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
10:51:21.0718 9192 \Device\Harddisk4\DR4 - ok
10:51:21.0720 9192 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk9\DR9
10:51:21.0724 9192 \Device\Harddisk9\DR9 - ok
10:51:21.0724 9192 ================ Scan VBR ==================================
10:51:21.0725 9192 [ 976208CD861C2E2EE6FD530475D7CDB5 ] \Device\Harddisk0\DR0\Partition1
10:51:21.0726 9192 \Device\Harddisk0\DR0\Partition1 - ok
10:51:21.0731 9192 [ 22C85D8C703B922B10CF384CBA19C7AD ] \Device\Harddisk0\DR0\Partition2
10:51:21.0732 9192 \Device\Harddisk0\DR0\Partition2 - ok
10:51:21.0734 9192 [ E584753709112500724AFD4CC4EFB3AB ] \Device\Harddisk10\DR10\Partition1
10:51:21.0735 9192 \Device\Harddisk10\DR10\Partition1 - ok
10:51:21.0737 9192 [ FEA436FDD94B6E23C8476E5861876054 ] \Device\Harddisk10\DR10\Partition2
10:51:21.0739 9192 \Device\Harddisk10\DR10\Partition2 - ok
10:51:21.0741 9192 [ 68C5ED907F51EF06204EE3A7E02C8912 ] \Device\Harddisk10\DR10\Partition3
10:51:21.0743 9192 \Device\Harddisk10\DR10\Partition3 - ok
10:51:21.0745 9192 [ 86E3888C2D2DCEB7F660302751B2134D ] \Device\Harddisk1\DR1\Partition1
10:51:21.0746 9192 \Device\Harddisk1\DR1\Partition1 - ok
10:51:21.0747 9192 [ 36ADAEB78EDF7D3B0A2986F78C79AC1B ] \Device\Harddisk2\DR2\Partition1
10:51:21.0749 9192 \Device\Harddisk2\DR2\Partition1 - ok
10:51:21.0751 9192 [ D54D9DF5CA299DB7C13194AD89CC60E9 ] \Device\Harddisk3\DR3\Partition1
10:51:21.0753 9192 \Device\Harddisk3\DR3\Partition1 - ok
10:51:21.0756 9192 [ 7F956E1565AF668598CF4A5798ED0AB9 ] \Device\Harddisk4\DR4\Partition1
10:51:21.0757 9192 \Device\Harddisk4\DR4\Partition1 - ok
10:51:21.0759 9192 [ E164E88244109D1A7AE90911B0A39848 ] \Device\Harddisk9\DR9\Partition1
10:51:21.0761 9192 \Device\Harddisk9\DR9\Partition1 - ok
10:51:21.0761 9192 ============================================================
10:51:21.0761 9192 Scan finished
10:51:21.0761 9192 ============================================================
10:51:21.0766 4916 Detected object count: 1
10:51:21.0767 4916 Actual detected object count: 1
10:51:53.0437 4916 C:\Windows\system32\services.exe - copied to quarantine
10:51:54.0062 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\@ - copied to quarantine
10:51:54.0075 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\L\00000004.@ - copied to quarantine
10:51:54.0076 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\L\201d3dde - copied to quarantine
10:51:54.0077 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\00000004.@ - copied to quarantine
10:51:54.0078 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\00000008.@ - copied to quarantine
10:51:54.0079 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\000000cb.@ - copied to quarantine
10:51:54.0081 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\80000000.@ - copied to quarantine
10:51:54.0082 4916 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\80000064.@ - copied to quarantine
10:52:18.0363 4916 Backup copy not found, trying to cure infected file..
10:52:18.0363 4916 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
10:52:18.0363 4916 C:\Windows\system32\services.exe - processing error
10:52:18.0363 4916 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
10:53:08.0315 0896 ============================================================
10:53:08.0315 0896 Scan started
10:53:08.0316 0896 Mode: Manual;
10:53:08.0316 0896 ============================================================
10:53:08.0901 0896 ================ Scan system memory ========================
10:53:08.0901 0896 System memory - ok
10:53:08.0902 0896 ================ Scan services =============================
10:53:12.0347 0896 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:53:12.0348 0896 FltMgr - ok
10:53:12.0378 0896 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:53:12.0382 0896 FontCache - ok
10:53:12.0407 0896 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:53:12.0408 0896 FontCache3.0.0.0 - ok
10:53:12.0418 0896 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:53:12.0418 0896 FsDepends - ok
10:53:12.0458 0896 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:53:12.0458 0896 Fs_Rec - ok
10:53:12.0477 0896 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:53:12.0478 0896 fvevol - ok
10:53:12.0487 0896 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:53:12.0487 0896 gagp30kx - ok
10:53:12.0559 0896 [ 859EB508AFD5E26298B6B902D46F6535 ] GladFileMonSvc C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
10:53:12.0559 0896 GladFileMonSvc - ok
10:53:12.0582 0896 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:53:12.0585 0896 gpsvc - ok
10:53:12.0601 0896 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:53:12.0601 0896 hcw85cir - ok
10:53:12.0635 0896 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:53:12.0637 0896 HdAudAddService - ok
10:53:12.0656 0896 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:53:12.0657 0896 HDAudBus - ok
10:53:12.0667 0896 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:53:12.0668 0896 HidBatt - ok
10:53:12.0681 0896 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:53:12.0681 0896 HidBth - ok
10:53:12.0693 0896 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:53:12.0694 0896 HidIr - ok
10:53:12.0711 0896 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:53:12.0711 0896 hidserv - ok
10:53:12.0717 0896 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:53:12.0717 0896 HidUsb - ok
10:53:12.0742 0896 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:53:12.0743 0896 hkmsvc - ok
10:53:12.0761 0896 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:53:12.0762 0896 HomeGroupListener - ok
10:53:12.0787 0896 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:53:12.0788 0896 HomeGroupProvider - ok
10:53:12.0802 0896 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:53:12.0803 0896 HpSAMD - ok
10:53:12.0825 0896 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:53:12.0828 0896 HTTP - ok
10:53:12.0843 0896 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:53:12.0843 0896 hwpolicy - ok
10:53:12.0846 0896 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:53:12.0846 0896 i8042prt - ok
10:53:12.0867 0896 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:53:12.0868 0896 iaStorV - ok
10:53:12.0887 0896 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:53:12.0890 0896 idsvc - ok
10:53:12.0901 0896 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:53:12.0901 0896 iirsp - ok
10:53:12.0923 0896 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:53:12.0927 0896 IKEEXT - ok
10:53:12.0978 0896 [ DAB7318CCFA8081200D5B7B486793F74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:53:12.0987 0896 IntcAzAudAddService - ok
10:53:12.0998 0896 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:53:12.0998 0896 intelide - ok
10:53:13.0001 0896 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:53:13.0001 0896 intelppm - ok
10:53:13.0024 0896 [ 068EC06F3B6DD7B81B365D8FD2CE27E6 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
10:53:13.0025 0896 Intel® PROSet Monitoring Service - ok
10:53:13.0046 0896 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:53:13.0047 0896 IPBusEnum - ok
10:53:13.0060 0896 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:53:13.0061 0896 IpFilterDriver - ok
10:53:13.0069 0896 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:53:13.0069 0896 IPMIDRV - ok
10:53:13.0080 0896 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:53:13.0081 0896 IPNAT - ok
10:53:13.0094 0896 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:53:13.0094 0896 IRENUM - ok
10:53:13.0103 0896 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:53:13.0103 0896 isapnp - ok
10:53:13.0119 0896 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:53:13.0120 0896 iScsiPrt - ok
10:53:13.0131 0896 [ A577F5DB30F70ECA9708C07C2EACBD9D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
10:53:13.0132 0896 JRAID - ok
10:53:13.0143 0896 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:53:13.0144 0896 kbdclass - ok
10:53:13.0146 0896 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:53:13.0147 0896 kbdhid - ok
10:53:13.0151 0896 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:53:13.0151 0896 KeyIso - ok
10:53:13.0183 0896 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:53:13.0183 0896 KSecDD - ok
10:53:13.0225 0896 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:53:13.0225 0896 KSecPkg - ok
10:53:13.0235 0896 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:53:13.0236 0896 ksthunk - ok
10:53:13.0263 0896 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:53:13.0265 0896 KtmRm - ok
10:53:13.0287 0896 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:53:13.0288 0896 LanmanServer - ok
10:53:13.0307 0896 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:53:13.0308 0896 LanmanWorkstation - ok
10:53:13.0326 0896 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:53:13.0327 0896 LightScribeService - ok
10:53:13.0333 0896 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:53:13.0333 0896 lltdio - ok
10:53:13.0343 0896 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:53:13.0344 0896 lltdsvc - ok
10:53:13.0346 0896 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:53:13.0347 0896 lmhosts - ok
10:53:13.0359 0896 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:53:13.0360 0896 LSI_FC - ok
10:53:13.0368 0896 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:53:13.0368 0896 LSI_SAS - ok
10:53:13.0379 0896 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:53:13.0379 0896 LSI_SAS2 - ok
10:53:13.0388 0896 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:53:13.0388 0896 LSI_SCSI - ok
10:53:13.0403 0896 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:53:13.0404 0896 luafv - ok
10:53:13.0434 0896 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:53:13.0435 0896 MBAMProtector - ok
10:53:13.0474 0896 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:53:13.0476 0896 MBAMScheduler - ok
10:53:13.0496 0896 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:53:13.0499 0896 MBAMService - ok
10:53:13.0556 0896 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:53:13.0557 0896 Mcx2Svc - ok
10:53:13.0590 0896 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
10:53:13.0592 0896 MDM - ok
10:53:13.0612 0896 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:53:13.0612 0896 megasas - ok
10:53:13.0630 0896 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:53:13.0632 0896 MegaSR - ok
10:53:13.0651 0896 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:53:13.0651 0896 MEIx64 - ok
10:53:13.0658 0896 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:53:13.0659 0896 MMCSS - ok
10:53:13.0676 0896 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:53:13.0677 0896 Modem - ok
10:53:13.0700 0896 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:53:13.0700 0896 monitor - ok
10:53:13.0703 0896 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:53:13.0703 0896 mouclass - ok
10:53:13.0705 0896 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:53:13.0706 0896 mouhid - ok
10:53:13.0726 0896 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:53:13.0727 0896 mountmgr - ok
10:53:13.0777 0896 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:53:13.0778 0896 MozillaMaintenance - ok
10:53:13.0789 0896 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:53:13.0790 0896 mpio - ok
10:53:13.0802 0896 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:53:13.0803 0896 mpsdrv - ok
10:53:13.0818 0896 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:53:13.0819 0896 MRxDAV - ok
10:53:13.0824 0896 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:53:13.0825 0896 mrxsmb - ok
10:53:13.0848 0896 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:53:13.0849 0896 mrxsmb10 - ok
10:53:13.0858 0896 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:53:13.0858 0896 mrxsmb20 - ok
10:53:13.0868 0896 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:53:13.0869 0896 msahci - ok
10:53:13.0888 0896 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:53:13.0889 0896 msdsm - ok
10:53:13.0903 0896 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:53:13.0904 0896 MSDTC - ok
10:53:13.0917 0896 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:53:13.0918 0896 Msfs - ok
10:53:13.0923 0896 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:53:13.0923 0896 mshidkmdf - ok
10:53:13.0925 0896 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:53:13.0926 0896 msisadrv - ok
10:53:13.0942 0896 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:53:13.0943 0896 MSiSCSI - ok
10:53:13.0945 0896 msiserver - ok
10:53:13.0963 0896 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:53:13.0963 0896 MSKSSRV - ok
10:53:13.0973 0896 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:53:13.0974 0896 MSPCLOCK - ok
10:53:13.0979 0896 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:53:13.0980 0896 MSPQM - ok
10:53:14.0002 0896 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:53:14.0004 0896 MsRPC - ok
10:53:14.0014 0896 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:53:14.0015 0896 mssmbios - ok
10:53:14.0028 0896 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:53:14.0029 0896 MSTEE - ok
10:53:14.0039 0896 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:53:14.0040 0896 MTConfig - ok
10:53:14.0042 0896 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:53:14.0043 0896 Mup - ok
10:53:14.0056 0896 [ 38B4C95E821528FB91DF16A78E04450F ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
10:53:14.0057 0896 mv91xx - ok
10:53:14.0082 0896 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:53:14.0084 0896 napagent - ok
10:53:14.0102 0896 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:53:14.0103 0896 NativeWifiP - ok
10:53:14.0174 0896 [ 3BAE2BFCB6D69E19C8373F635DD544DC ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
10:53:14.0177 0896 NBService - ok
10:53:14.0205 0896 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:53:14.0208 0896 NDIS - ok
10:53:14.0220 0896 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:53:14.0220 0896 NdisCap - ok
10:53:14.0232 0896 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:53:14.0233 0896 NdisTapi - ok
10:53:14.0241 0896 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:53:14.0242 0896 Ndisuio - ok
10:53:14.0245 0896 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:53:14.0246 0896 NdisWan - ok
10:53:14.0265 0896 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:53:14.0266 0896 NDProxy - ok
10:53:14.0277 0896 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:53:14.0278 0896 NetBIOS - ok
10:53:14.0288 0896 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:53:14.0289 0896 NetBT - ok
10:53:14.0301 0896 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:53:14.0301 0896 Netlogon - ok
10:53:14.0320 0896 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:53:14.0322 0896 Netman - ok
10:53:14.0333 0896 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:14.0334 0896 NetMsmqActivator - ok
10:53:14.0336 0896 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:14.0337 0896 NetPipeActivator - ok
10:53:14.0349 0896 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:53:14.0351 0896 netprofm - ok
10:53:14.0354 0896 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:14.0355 0896 NetTcpActivator - ok
10:53:14.0357 0896 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:14.0358 0896 NetTcpPortSharing - ok
10:53:14.0394 0896 [ 2263727032E9B19231A706046B8C82D3 ] NetworkX C:\Windows\system32\ckldrv.sys
10:53:14.0395 0896 NetworkX - ok
10:53:14.0401 0896 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:53:14.0402 0896 nfrd960 - ok
10:53:14.0431 0896 [ BEEBF29E6F01D2810313B0FD89EC933B ] NitroDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
10:53:14.0433 0896 NitroDriverReadSpool - ok
10:53:14.0451 0896 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:53:14.0453 0896 NlaSvc - ok
10:53:14.0517 0896 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
10:53:14.0518 0896 nlsX86cc - ok
10:53:14.0562 0896 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
10:53:14.0563 0896 NMIndexingService - ok
10:53:14.0578 0896 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:53:14.0579 0896 Npfs - ok
10:53:14.0590 0896 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:53:14.0591 0896 nsi - ok
10:53:14.0602 0896 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:53:14.0603 0896 nsiproxy - ok
10:53:14.0643 0896 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:53:14.0649 0896 Ntfs - ok
10:53:14.0691 0896 [ 7420B2E1F65642129B6E23BD42F752AA ] ntk_PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
10:53:14.0691 0896 ntk_PowerDVD - ok
10:53:14.0702 0896 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:53:14.0702 0896 Null - ok
10:53:14.0712 0896 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:53:14.0712 0896 nusb3hub - ok
10:53:14.0718 0896 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:53:14.0719 0896 nusb3xhc - ok
10:53:14.0744 0896 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:53:14.0744 0896 nvraid - ok
10:53:14.0751 0896 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:53:14.0752 0896 nvstor - ok
10:53:14.0774 0896 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:53:14.0774 0896 nv_agp - ok
10:53:14.0814 0896 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:53:14.0816 0896 odserv - ok
10:53:14.0848 0896 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:53:14.0849 0896 ohci1394 - ok
10:53:14.0889 0896 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:53:14.0890 0896 ose - ok
10:53:15.0005 0896 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:53:15.0022 0896 osppsvc - ok
10:53:15.0055 0896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:53:15.0056 0896 p2pimsvc - ok
10:53:15.0069 0896 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:53:15.0072 0896 p2psvc - ok
10:53:15.0080 0896 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:53:15.0081 0896 Parport - ok
10:53:15.0101 0896 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:53:15.0101 0896 partmgr - ok
10:53:15.0125 0896 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:53:15.0127 0896 PcaSvc - ok
10:53:15.0132 0896 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:53:15.0133 0896 pci - ok
10:53:15.0140 0896 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:53:15.0140 0896 pciide - ok
10:53:15.0153 0896 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:53:15.0154 0896 pcmcia - ok
10:53:15.0156 0896 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:53:15.0157 0896 pcw - ok
10:53:15.0178 0896 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:53:15.0181 0896 PEAUTH - ok
10:53:15.0202 0896 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:53:15.0208 0896 PeerDistSvc - ok
10:53:15.0223 0896 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:53:15.0224 0896 PerfHost - ok
10:53:15.0255 0896 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:53:15.0261 0896 pla - ok
10:53:15.0272 0896 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe
10:53:15.0273 0896 PLFlash DeviceIoControl Service - ok
10:53:15.0295 0896 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:53:15.0297 0896 PlugPlay - ok
10:53:15.0309 0896 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:53:15.0310 0896 PNRPAutoReg - ok
10:53:15.0314 0896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:53:15.0316 0896 PNRPsvc - ok
10:53:15.0349 0896 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
10:53:15.0350 0896 Point64 - ok
10:53:15.0375 0896 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:53:15.0377 0896 PolicyAgent - ok
10:53:15.0400 0896 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:53:15.0402 0896 Power - ok
10:53:15.0409 0896 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:53:15.0409 0896 PptpMiniport - ok
10:53:15.0425 0896 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:53:15.0425 0896 Processor - ok
10:53:15.0466 0896 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:53:15.0467 0896 ProfSvc - ok
10:53:15.0476 0896 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:53:15.0476 0896 ProtectedStorage - ok
10:53:15.0489 0896 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:53:15.0490 0896 Psched - ok
10:53:15.0524 0896 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:53:15.0525 0896 PxHlpa64 - ok
10:53:15.0554 0896 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:53:15.0560 0896 ql2300 - ok
10:53:15.0575 0896 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:53:15.0576 0896 ql40xx - ok
10:53:15.0591 0896 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:53:15.0593 0896 QWAVE - ok
10:53:15.0600 0896 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:53:15.0600 0896 QWAVEdrv - ok
10:53:15.0608 0896 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:53:15.0609 0896 RasAcd - ok
10:53:15.0618 0896 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:53:15.0618 0896 RasAgileVpn - ok
10:53:15.0624 0896 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:53:15.0625 0896 RasAuto - ok
10:53:15.0635 0896 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:53:15.0636 0896 Rasl2tp - ok
10:53:15.0648 0896 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:53:15.0650 0896 RasMan - ok
10:53:15.0658 0896 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:53:15.0659 0896 RasPppoe - ok
10:53:15.0671 0896 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:53:15.0672 0896 RasSstp - ok
10:53:15.0685 0896 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:53:15.0686 0896 rdbss - ok
10:53:15.0689 0896 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:53:15.0689 0896 rdpbus - ok
10:53:15.0699 0896 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:53:15.0699 0896 RDPCDD - ok
10:53:15.0709 0896 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:53:15.0710 0896 RDPDR - ok
10:53:15.0716 0896 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:53:15.0717 0896 RDPENCDD - ok
10:53:15.0728 0896 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:53:15.0728 0896 RDPREFMP - ok
10:53:15.0761 0896 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:53:15.0762 0896 RDPWD - ok
10:53:15.0787 0896 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:53:15.0788 0896 rdyboost - ok
10:53:15.0806 0896 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:53:15.0807 0896 RemoteAccess - ok
10:53:15.0819 0896 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:53:15.0821 0896 RemoteRegistry - ok
10:53:15.0843 0896 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:53:15.0844 0896 RFCOMM - ok
10:53:15.0856 0896 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:53:15.0857 0896 RpcEptMapper - ok
10:53:15.0873 0896 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:53:15.0874 0896 RpcLocator - ok
10:53:15.0895 0896 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:53:15.0897 0896 RpcSs - ok
10:53:15.0907 0896 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:53:15.0907 0896 rspndr - ok
10:53:15.0925 0896 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:53:15.0925 0896 s3cap - ok
10:53:15.0928 0896 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:53:15.0928 0896 SamSs - ok
10:53:15.0993 0896 [ E382F5DB58A759B3E821BAC853DC15DB ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
10:53:15.0994 0896 Samsung Network Fax Server - ok
10:53:16.0011 0896 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:53:16.0012 0896 sbp2port - ok
10:53:16.0024 0896 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:53:16.0025 0896 SCardSvr - ok
10:53:16.0037 0896 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:53:16.0037 0896 scfilter - ok
10:53:16.0061 0896 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:53:16.0065 0896 Schedule - ok
10:53:16.0091 0896 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:53:16.0092 0896 SCPolicySvc - ok
10:53:16.0100 0896 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:53:16.0102 0896 SDRSVC - ok
10:53:16.0116 0896 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:53:16.0117 0896 secdrv - ok
10:53:16.0124 0896 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:53:16.0125 0896 seclogon - ok
10:53:16.0131 0896 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:53:16.0132 0896 SENS - ok
10:53:16.0142 0896 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:53:16.0143 0896 SensrSvc - ok
10:53:16.0151 0896 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:53:16.0152 0896 Serenum - ok
10:53:16.0164 0896 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:53:16.0164 0896 Serial - ok
10:53:16.0177 0896 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:53:16.0177 0896 sermouse - ok
10:53:16.0191 0896 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:53:16.0192 0896 SessionEnv - ok
10:53:18.0288 0896 ================ Scan global ===============================
10:53:18.0304 0896 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:53:18.0323 0896 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:53:18.0328 0896 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:53:18.0341 0896 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:53:18.0371 0896 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
10:53:18.0379 0896 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
10:53:18.0379 0896 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
10:53:18.0379 0896 ================ Scan MBR ==================================
10:53:18.0393 0896 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:53:18.0532 0896 \Device\Harddisk0\DR0 - ok
10:53:18.0535 0896 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk10\DR10
10:53:18.0827 0896 \Device\Harddisk10\DR10 - ok
10:53:18.0835 0896 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:53:18.0837 0896 \Device\Harddisk1\DR1 - ok
10:53:18.0851 0896 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:53:19.0445 0896 \Device\Harddisk2\DR2 - ok
10:53:19.0448 0896 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
10:53:19.0452 0896 \Device\Harddisk3\DR3 - ok
10:53:19.0458 0896 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
10:53:19.0551 0896 \Device\Harddisk4\DR4 - ok
10:53:19.0554 0896 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk9\DR9
10:53:19.0557 0896 \Device\Harddisk9\DR9 - ok
10:53:19.0558 0896 ================ Scan VBR ==================================
10:53:19.0559 0896 [ 976208CD861C2E2EE6FD530475D7CDB5 ] \Device\Harddisk0\DR0\Partition1
10:53:19.0560 0896 \Device\Harddisk0\DR0\Partition1 - ok
10:53:19.0570 0896 [ 22C85D8C703B922B10CF384CBA19C7AD ] \Device\Harddisk0\DR0\Partition2
10:53:19.0571 0896 \Device\Harddisk0\DR0\Partition2 - ok
10:53:19.0573 0896 [ E584753709112500724AFD4CC4EFB3AB ] \Device\Harddisk10\DR10\Partition1
10:53:19.0575 0896 \Device\Harddisk10\DR10\Partition1 - ok
10:53:19.0577 0896 [ FEA436FDD94B6E23C8476E5861876054 ] \Device\Harddisk10\DR10\Partition2
10:53:19.0579 0896 \Device\Harddisk10\DR10\Partition2 - ok
10:53:19.0581 0896 [ 68C5ED907F51EF06204EE3A7E02C8912 ] \Device\Harddisk10\DR10\Partition3
10:53:19.0583 0896 \Device\Harddisk10\DR10\Partition3 - ok
10:53:19.0585 0896 [ 86E3888C2D2DCEB7F660302751B2134D ] \Device\Harddisk1\DR1\Partition1
10:53:19.0586 0896 \Device\Harddisk1\DR1\Partition1 - ok
10:53:19.0588 0896 [ 36ADAEB78EDF7D3B0A2986F78C79AC1B ] \Device\Harddisk2\DR2\Partition1
10:53:19.0589 0896 \Device\Harddisk2\DR2\Partition1 - ok
10:53:19.0591 0896 [ D54D9DF5CA299DB7C13194AD89CC60E9 ] \Device\Harddisk3\DR3\Partition1
10:53:19.0593 0896 \Device\Harddisk3\DR3\Partition1 - ok
10:53:19.0596 0896 [ 7F956E1565AF668598CF4A5798ED0AB9 ] \Device\Harddisk4\DR4\Partition1
10:53:19.0597 0896 \Device\Harddisk4\DR4\Partition1 - ok
10:53:19.0599 0896 [ E164E88244109D1A7AE90911B0A39848 ] \Device\Harddisk9\DR9\Partition1
10:53:19.0601 0896 \Device\Harddisk9\DR9\Partition1 - ok
10:53:19.0601 0896 ============================================================
10:53:19.0601 0896 Scan finished
10:53:19.0601 0896 ============================================================
10:53:19.0606 7400 Detected object count: 1
10:53:19.0606 7400 Actual detected object count: 1
10:53:23.0194 7400 C:\Windows\system32\services.exe - copied to quarantine
10:53:23.0223 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\@ - copied to quarantine
10:53:23.0224 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\L\00000004.@ - copied to quarantine
10:53:23.0225 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\L\201d3dde - copied to quarantine
10:53:23.0226 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\00000004.@ - copied to quarantine
10:53:23.0227 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\00000008.@ - copied to quarantine
10:53:23.0228 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\000000cb.@ - copied to quarantine
10:53:23.0229 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\80000000.@ - copied to quarantine
10:53:23.0231 7400 C:\Windows\installer\{06ed06b2-89f5-4411-ae3d-c2291cfae50c}\U\80000064.@ - copied to quarantine
10:53:24.0583 7400 Backup copy not found, trying to cure infected file..
10:53:24.0583 7400 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
10:53:24.0583 7400 C:\Windows\system32\services.exe - processing error
10:53:24.0583 7400 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure

#6 m0le

Posted 04 November 2012 - 11:46 AM

TDSSKiller has it but can't cure it.

Please download ComboFix from one of these locations:

* IMPORTANT !!! Save ComboFix.exe to your Desktop, making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

If you receive the message "Illegal operation attempted on a registry key that has been marked for deletion." then please reboot the system.
m0le is a proud member of UNITE

#7 groucho69

Posted 04 November 2012 - 01:21 PM

Ran combo fix and it concluded with infection found need to reboot. I said OK and it has been about an hour with the screen saying: " Operations are in progress. Please wait. The machine will be turned off automatically after the operations are complete." Is this an odd time frame?

#8 m0le

Posted 04 November 2012 - 08:13 PM

Yes, an hour is too long. Reboot the system and look for a Combofix log.

Please go to start -> Run.

Copy and paste the bold line in the run-box and click OK:

cmd /c dir /a/s/b C:\QooBox >log.txt & log.txt

A text file opens up, copy and paste the content to your reply.
m0le is a proud member of UNITE

#9 groucho69

Posted 04 November 2012 - 10:19 PM

The command window opened, but no text window. I looked in C:\QooBox and can see no text files.

#10 m0le

Posted 05 November 2012 - 08:04 PM

Hmmm, some defences still exist. Please run SystemLook and we'll replace the services.exe file

Please download SystemLook from the link below and save it to your Desktop.
Download Mirror #1
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    services.exe
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
m0le is a proud member of UNITE

#11 groucho69

Posted 06 November 2012 - 09:02 AM

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

-= EOF =-

#12 m0le

Posted 06 November 2012 - 07:32 PM

The services.exe file is clean. It looks like Combofix did remove it even if it was killed in the process.

Please run aswMBR and let's see what it thinks

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Edited by m0le, 06 November 2012 - 07:33 PM.

m0le is a proud member of UNITE
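
The comparison behind the last few posts, as an added example that is not part of the original thread: it parses the TDSSKiller and SystemLook line formats shown above and reports whether the detected file's MD5 changed after the detection and whether it now equals the copy under winsxs. The function names are hypothetical; the sample lines are copied from the logs posted in this thread.

```python
import re

# Sample lines copied from the TDSSKiller and SystemLook logs posted in this thread.
TDSS_LOG = r"""
10:53:18.0341 0896 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:53:18.0371 0896 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
10:53:18.0379 0896 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
10:53:23.0194 7400 C:\Windows\system32\services.exe - copied to quarantine
10:53:24.0583 7400 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
"""
SYSTEMLOOK_LOG = r"""
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
"""

PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d{4} "  # time stamp and thread id
# "[ MD5 ] <optional service name> <path>": the path starts at the first drive letter or \Device\.
HASHED = re.compile(PREFIX + r"\[ (?P<md5>[0-9A-F]{32}) \] .*?(?P<path>(?:[A-Za-z]:\\|\\Device\\).*)$")
DETECTED = re.compile(PREFIX + r"(?P<path>.+?) \( (?P<verdict>[^)]+?) \) - infected$")
ACTION = re.compile(PREFIX + r"(?P<path>.+?) - (?P<result>copied to quarantine|Cure failed \([0-9A-F]+\))$")
LOOK = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) \S+ \d+ bytes \[[^\]]*\] \[[^\]]*\] (?P<md5>[0-9A-F]{32})$")


def parse_tdss(log):
    """Return {lowercased path: {md5, verdict, actions}} for every object flagged as infected."""
    hashes, findings = {}, {}
    for line in log.splitlines():
        line = line.strip()
        if m := HASHED.match(line):
            hashes[m["path"].lower()] = m["md5"]  # hash recorded at scan time
        elif m := DETECTED.match(line):
            key = m["path"].lower()
            findings[key] = {"md5": hashes.get(key), "verdict": m["verdict"], "actions": []}
        elif (m := ACTION.match(line)) and m["path"].lower() in findings:
            findings[m["path"].lower()]["actions"].append(m["result"])
    return findings


def parse_systemlook(log):
    """Return {lowercased path: md5} from SystemLook :filefind output."""
    return {m["path"].lower(): m["md5"]
            for line in log.splitlines() if (m := LOOK.match(line.strip()))}


def recheck(findings, systemlook):
    """Compare each detected file's scan-time hash with its current hash and with
    same-named copies under \\winsxs\\ listed by SystemLook."""
    report = {}
    for path, info in findings.items():
        current = systemlook.get(path)  # Windows paths are case-insensitive, keys are lowercased
        name = path.rsplit("\\", 1)[-1]
        store = {h for p, h in systemlook.items()
                 if "\\winsxs\\" in p and p.endswith("\\" + name)}
        report[path] = {
            "changed_since_detection": current is not None and current != info["md5"],
            "matches_component_store": current is not None and current in store,
        }
    return report


if __name__ == "__main__":
    found = parse_tdss(TDSS_LOG)
    for path, result in recheck(found, parse_systemlook(SYSTEMLOOK_LOG)).items():
        print(path, found[path]["verdict"], found[path]["actions"], result)
```

A match with the winsxs copy shows only that the two files are identical; a hash taken from known-good installation media is the stronger reference.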

#13 groucho69

Posted 06 November 2012 - 09:37 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-06 21:35:16
-----------------------------
21:35:16.625 OS Version: Windows x64 6.1.7601 Service Pack 1
21:35:16.626 Number of processors: 4 586 0x2A07
21:35:16.626 ComputerName: ED-PC UserName: ED
21:35:20.696 Initialize success
21:35:53.580 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:35:53.581 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953869MB BusType: 11
21:35:53.593 Disk 0 MBR read successfully
21:35:53.595 Disk 0 MBR scan
21:35:53.596 Disk 0 Windows 7 default MBR code
21:35:53.599 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:35:53.601 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
21:35:53.631 Disk 0 scanning C:\Windows\system32\drivers
21:35:58.370 Service scanning
21:36:13.561 Modules scanning
21:36:13.565 Disk 0 trace - called modules:
21:36:13.584 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:36:13.587 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ff0060]
21:36:13.589 3 CLASSPNP.SYS[fffff880017a943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007831060]
21:36:13.592 Scan finished successfully

#14 groucho69

Posted 07 November 2012 - 07:09 AM

AVG has now popped up with Trojan Horse Generic 29.ANPX in C:windows\assembly\GAC_64\desktop.ini

#15 m0le

Posted 07 November 2012 - 05:05 PM

The rootkit lives still.
  • Download RogueKiller (by tigzy) to the desktop
  • Quit all programs
  • Start RogueKiller.exe.
  • Right click -> run as administrator
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad into your next reply.

m0le is a proud member of UNITE



